With networks at the heart of most modern businesses, network design can have a major impact on business outcomes. Finding the right balance of network performance, security, redundancy, and cost requires a unique mix of project management and technical skill. To help you nail your next network design project, we’ll take a deep dive on the topic, provide a basic framework you can follow, and look at some best practices to keep in mind as you go.
What is network design?
Network design is the practice of planning and designing a communications network.
That process starts with identifying business and technical requirements and continues until just before the network implementation stage (when you actually do the work to deploy and configure what was designed). Network analysis, IP addressing, hardware selection, and implementation planning are all part of network design.
In simple networks, like those found in most homes and small offices, network design is a straightforward process. In large enterprise networks, the network design process is often very complex and involves multiple stakeholders.
Understanding PPDIOO & other network lifecycle models
Before we dive into how to design a network, let’s take a moment to review network lifecycle models. In the context of network design, a network lifecycle model helps explain where and how network design fits into the broader lifespan of your network’s components and overall structure.
One of the most popular network lifecycle models is Cisco’s PPDIOO (Prepare, Plan, Design, Implement, Operate and Optimize) model:
- Prepare. This is where you define high-level requirements and strategy. For example, your deliverables from this phase may include requirements documentation and current state surveys.
- Plan. This stage deals with specific network requirements based on information gathered in the planning stages.
- Design. During the design stage, the information gathered from the previous two stages is used to create a detailed network design.
- Implement. This is where the work gets done to configure and deploy the network infrastructure. There is often testing to validate the design in this phase.
- Operate. This is the portion of the lifecycle where the network is in production use. During this stage, monitoring is an important part of validating that the network is working as designed and being able to quickly address issues when it isn’t.
- Optimize. At some point in most networks’ lifecycle, tweaks and optimizations are needed. This is the stage where those changes are identified. For major changes, the cycle begins again to plan and implement them.
Other network lifecycle models include Cisco’s PBM (plan, build, manage) and the NDLC (network development life cycle). Regardless of which model you choose, the general steps—information gathering, design, implementation, and improvement—and cyclical nature are the same. The important takeaway is understanding any network lifecycle and where network design fits in.
Designing a network step by step
Now that we understand the basics of a network lifecycle model, let’s take a step-by-step look at the process of designing a network infrastructure. While the specifics of your network design will vary based on size and complexity, this general framework can help you make the right decisions.
1. Identify the requirements
Before you begin any network design project, begin by gathering information and developing clear business and technical requirements. Without clearly defined targets, the rest of the design falls apart.
Business requirements help define what you need to do. That means things like:
- Support a new office
- Improve end-user experience
- Cut costs
- Comply with a new regulation
- Improve business continuity
Looking back at the PPDIOO lifecycle model, business requirements align with the prepare stage. This means you should work closely with stakeholders when identifying business requirements.
Once you’ve detailed the business requirements, it’s time to move on to the technical/functional requirements. For example, requirements could include:
- Security requirements
- Specific protocols the project must implement
- RTO/RPO (recovery time objective/recovery point objective) numbers
- Uptime SLAs (service level agreements)
When you create your requirements, don’t overlook constraints. For example, business requirements will have a budget constraint. Technical requirements may have constraints such as the need to continue supporting legacy apps.
2. Assess the current state of the network
Chances are, in most networks you’re not starting with a clean slate. Sometimes that’s a good thing that makes life easier; other times it can complicate a project. For example, if all the structured cabling is already in place, that’s one less thing to worry about. However, if all that’s in place is Cat5 cable and you need Cat6A to support 10GBASE-T, the existing cabling now becomes an issue to deal with.
Whatever the state of the network is, it’s important you know early in the design process. You need to assess the network’s current state before you make any specific design recommendations. At the end of this step, you should understand the network layout, performance, data flows, applications & services on the network, network security, and physical and logical layout.
Some of this can be achieved by reviewing existing network diagrams, policies, and monitoring tools. In other cases, you’ll need to use automatic network mapping tools and security scanners to get the full picture.
3. Design your network topology
Once you know your requirements and understand the current state of your network, you can begin blocking out the functional components of your network. During this step, you’ll need to consider both the physical and logical aspects of your network.
When it comes to physical network design you’ll need to address things like:
- Running copper and fiber cabling
- Number of switch ports required
- WiFi access point positioning
- Rack layout
- Cooling and power
Logical network design deals with things like:
- IP addressing/subnetting
- Data flows
- Network topology
At the end of this step, you should be able to create a static map of the physical and logical network you’re designing. If you need help, check out Auvik’s The No Sweat Guide to Network Topology, which covers the ins and outs of this step in more detail.
Tip: Don’t forget about cloud workloads and cloud networks. Your network design will need to account for on-premises and cloud data flows.
Hierarchical network design: What are core, distribution, and access layers?
Before we move on to the next step, let’s take a look at two key network design concepts: hierarchical network layers and top-down vs bottom-up design.
A traditional hierarchical network design is based on the idea of three basic network layers. Each layer handles a separate portion of the dataflows on a network. Those layers are:
- Core layer. This is the layer that routes traffic between different geographical sites. In other words, it’s the network backbone. The core layer is where high-throughput, expensive core routers shine.
- Distribution layer. The distribution layer sits between the core and access layers. It acts as a boundary and implements network policies to restrict or allow data flows between different subnets within the network. Less expensive routers and L3 switches are the common workhorses of the distribution layer.
- Access layer. The access layer is the layer for endpoint devices like user PCs, printers, and VoIP phones. Smaller “access switches” are responsible for switching packets and routing traffic at this layer.
In some cases, you may not need all three of these layers. For example, many networks bypass the distribution layer altogether.
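To make the distribution layer's policy role concrete, here is an added example (not from the original article) that evaluates flows between subnets against an ordered, default-deny rule list. The zone names, subnets, rules, and sample flows are all constructed assumptions.

```python
import ipaddress

# Constructed zones: subnet values and names are assumptions for illustration.
ZONES = {
    "users": ipaddress.ip_network("10.20.10.0/24"),
    "voip": ipaddress.ip_network("10.20.20.0/24"),
    "printers": ipaddress.ip_network("10.20.30.0/24"),
    "servers": ipaddress.ip_network("10.20.100.0/24"),
}

# Ordered rules, first match wins: (src zone, dst zone, protocol, dst port, action).
# "any" matches every protocol; port None matches every port.
RULES = [
    ("users", "servers", "tcp", 443, "allow"),
    ("users", "printers", "tcp", 9100, "allow"),
    ("voip", "servers", "udp", 5060, "allow"),
    ("printers", "servers", "any", None, "deny"),
]


def zone_of(ip):
    """Return the zone whose subnet contains ip, or None if it is unplanned space."""
    addr = ipaddress.ip_address(ip)
    return next((name for name, net in ZONES.items() if addr in net), None)


def evaluate(src_ip, dst_ip, proto, port):
    """Decide one flow; returns (action, reason)."""
    src, dst = zone_of(src_ip), zone_of(dst_ip)
    if src is None or dst is None:
        return "deny", "unknown zone"
    if src == dst:
        # Same-subnet traffic is switched at the access layer and never crosses
        # the routed boundary, so this policy cannot restrict it.
        return "allow", "intra-subnet, not seen by policy"
    for index, (r_src, r_dst, r_proto, r_port, action) in enumerate(RULES):
        if (r_src, r_dst) == (src, dst) and r_proto in ("any", proto) and r_port in (None, port):
            return action, f"rule {index}"
    return "deny", "default deny"


# Constructed sample flows: (source, destination, protocol, destination port).
SAMPLE_FLOWS = [
    ("10.20.10.5", "10.20.100.10", "tcp", 443),
    ("10.20.10.5", "10.20.100.10", "tcp", 22),
    ("10.20.30.7", "10.20.100.10", "tcp", 445),
    ("10.20.10.5", "10.20.10.9", "tcp", 445),
]

if __name__ == "__main__":
    for flow in SAMPLE_FLOWS:
        print(flow, "->", evaluate(*flow))
```

The last sample flow shows the design consequence: hosts that share a subnet are outside the reach of an inter-subnet policy, so segments that must be isolated from each other need separate subnets.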
Top-down vs bottom-up design
Top-down and bottom-up are two approaches to network design based on the OSI model. With a top-down approach, you start designing your network at the application layer and work your way down the model finishing with the physical layer. The bottom-up design is exactly the opposite.
Top-down is generally considered a better approach when you start with business requirements and work your way down. However, top-down is also often more time-consuming. Bottom-up network design starts with the physical aspect of the network and works upwards.
As a result, bottom-up can be quicker but can often lead to missed requirements or compromises on desired outcomes, as designing a network from the bottom up locks you into certain outcomes before you get to the application layer where users get work done.
4. Choose the hardware and software
This step entails identifying the hardware and software you’ll use. In some cases, this will happen in parallel with step 3. In others, some of the hardware or software may be specified early in the project. As a rule, selecting the specific hardware and software you’ll use after you know what the network needs to do gives you the most flexibility.
During this stage, you’ll choose specific cables, racks, network devices, servers, applications, cloud services, etc. to make your design a reality. For custom parts or large orders, keep in mind potential supply-chain issues. If you can’t get your structured cabling or access switches in time, you can slow down project completion.
5. Plan for implementation and beyond
With your network design and hardware/software selections ready, you can now plan for the implementation and beyond. This step entails creating a plan to deploy, configure, and test the network. In some cases (usually larger networks) this step may include small-scale test deployments to validate the design works before scaling out.
Tight project management and keeping stakeholders informed are key parts of getting your plan right. A network deployment has a lot of moving parts and your plan should account for project milestones, change management, and key deliverables. Additionally, if the network will be managed by a different team than those doing the implementation, you’ll need a transition plan. If you’re responsible for network management going forward, developing a plan for how you’ll monitor and maintain the network is important as well.
Top 5 network design best practices
Now that we have a framework to follow, let’s take a look at some network design best practices for making better decisions throughout the process.
1. Integrate security early on
There is a reason the idea of “shifting security left” has become so popular in the DevOps world: it works. By making security a priority from the beginning of the project, you’re less likely to have gaps in your security posture. You’re also more likely to improve your overall network performance because security won’t be inefficiently shoehorned in after most decisions have been made.
Treat security requirements with just as much priority as performance requirements and spec them into a project early on. Ideally, we should all have a “security is everyone’s responsibility” mindset, but in practice that isn’t always the case. It’s usually a great idea to have one or more security-focused stakeholders involved in the project end-to-end.
2. Know when to use top-down vs bottom-up
In most cases where you’re starting from scratch, top-down design is the “better” choice. By designing top-down, you focus on the business requirements and maximize your chances of getting it right.
However, there are many network design projects where the resource and time investment in going top-down just doesn’t make sense. For example, if you’re already familiar with an organization’s overall business requirements and simply need to expand a network or increase bandwidth, bottom-up can be much more efficient.
3. Standardize everything
If it can be standardized, standardize it. It will make troubleshooting, patching, maintenance, and asset management drastically easier in the long run.
Here are some examples of things you can and should standardize:
- Hostnames (e.g. printer5.office2.lan3)
- Hardware models
- IP address schemes
- Cable colors (e.g. one color for VoIP, one for data, etc)
- Security policies
4. Plan for growth
Network bandwidth consumption today isn’t going to be the same a year from now. You have to consider how much you expect bandwidth consumption to increase over the lifecycle of the network, and design with that expectation in mind.
One answer is obvious: just build in additional bandwidth based on your expectations. However, making sure the network is flexible and modular enough to easily accommodate expansion is arguably more important. After all, you can’t know for certain what your requirements will be in the future, but you can design with the idea you may need to extend the network in mind.
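The growth planning described above also applies to the standardized IP address scheme from the previous practice. This added example (not from the original article) sizes each segment's subnet for its projected endpoint count and carves the subnets from one site block; the segment counts, growth rate, supernet, and the three reserved addresses per subnet are assumptions.

```python
import ipaddress
import math


def hosts_needed(current, annual_growth, years):
    """Project the endpoint count at the end of the planning horizon."""
    return math.ceil(current * (1 + annual_growth) ** years)


def prefix_for(hosts):
    """Longest IPv4 prefix that fits hosts plus the network, broadcast and one
    gateway address (reserving 3 addresses is an assumption of this example)."""
    bits = max((hosts + 2).bit_length(), 2)
    return 32 - bits


def plan(supernet, segments, annual_growth, years):
    """Carve one subnet per segment out of supernet, sized for projected growth."""
    supernet = ipaddress.ip_network(supernet)
    # Largest blocks (shortest prefixes) first, so every block starts aligned.
    sized = sorted(
        (prefix_for(hosts_needed(count, annual_growth, years)), name)
        for name, count in segments.items()
    )
    cursor = int(supernet.network_address)
    allocation = {}
    for prefix, name in sized:
        net = ipaddress.ip_network((cursor, prefix))
        if not net.subnet_of(supernet):
            raise ValueError(f"{supernet} is too small for segment {name!r}")
        allocation[name] = net
        cursor += net.num_addresses
    return allocation


# Constructed input: endpoints per segment today.
SEGMENTS = {"users": 300, "voip": 120, "servers": 40, "printers": 12}

if __name__ == "__main__":
    # 20% annual growth over a 3-year horizon, allocated from an assumed site block.
    for name, net in plan("10.20.0.0/21", SEGMENTS, 0.20, 3).items():
        print(f"{name:9s} {net}  ({net.num_addresses - 3} usable)")
```

Sized for today only, the users segment would fit a /23; the three-year projection pushes it to a /22, which is the kind of renumbering this step avoids.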
5. Create and maintain network documentation
Missing, stale, or incomplete network documentation is a major source of tech debt, wasted time, and added frustration. Do your future self — or your friendly neighborhood network administrator — a favor and make sure your network design and implementation deliverables include layer 1-3 network maps. Then, once they’re created, be sure to maintain them going forward.
Interested in a deep-dive on network docs? Check out Network Documentation Best Practices: What to Create & Why!
Considerations for designing computer networks
Copper vs fiber, logical topologies, IP addressing, VLANs, bandwidth, and WiFi coverage are some of the most obvious considerations when you’re designing a network. However, that’s far from an exhaustive list. There is a lot that goes into designing a network, and it can be easy to overlook things. Here are some key considerations to keep in mind for your next project.
When you’re designing a network, you need to account for legal regulations that impact both the physical and logical design of your network. For example, local building codes may impact how you run structured cabling. Similarly, the National Electrical Code in the US has requirements relevant to the electrical power your network devices will require. From a logical perspective, regulations like HIPAA, PCI DSS, and GDPR can impact both data in transit and data at rest.
During the network design process, you’ll need to keep these requirements in mind to build a compliant network.
Network resilience and redundancy
Because of the importance of network availability to business operations, enterprise networks need some level of fault tolerance. To make that happen, N+1, 2N, or 2N+1 redundancy (or even higher) is often part of modern network design.
Of course, resilience and redundancy come with a budgetary cost. Your network design will need to balance resilience and redundancy against the expense. In other words, reliably achieving five-nines (99.999% uptime) is great if you can do it, but it ain’t cheap!
A good way to frame this tradeoff is to consider your cost of downtime (i.e., how many dollars per minute or hour you will lose if the network goes down) and balance it against your exposure to downtime under your current redundancy plan.
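The tradeoff above can be worked through numerically. This added example (not from the original article) compares N, N+1, 2N, and 2N+1 deployments, where N is the number of units needed to carry the load, and assumes unit failures are independent; the availability and cost figures are constructed.

```python
from math import comb

MINUTES_PER_YEAR = 365 * 24 * 60


def downtime_minutes(avail):
    """Expected minutes of outage per year at a given availability."""
    return (1 - avail) * MINUTES_PER_YEAR


def availability(needed, deployed, unit_avail):
    """Probability that at least `needed` of `deployed` units are up.

    Assumes independent failures; shared power or a shared upstream link
    breaks that assumption and makes the real figure worse.
    """
    return sum(
        comb(deployed, up) * unit_avail**up * (1 - unit_avail) ** (deployed - up)
        for up in range(needed, deployed + 1)
    )


def compare(n, unit_avail, unit_cost_per_year, downtime_cost_per_min):
    """Yearly hardware cost plus expected downtime cost for each redundancy scheme."""
    schemes = {"N": n, "N+1": n + 1, "2N": 2 * n, "2N+1": 2 * n + 1}
    rows = {}
    for name, deployed in schemes.items():
        avail = availability(n, deployed, unit_avail)
        outage = downtime_minutes(avail)
        rows[name] = {
            "availability": avail,
            "downtime_min": outage,
            "total_cost": deployed * unit_cost_per_year + outage * downtime_cost_per_min,
        }
    return rows


def cheapest(rows):
    """Name of the scheme with the lowest combined yearly cost."""
    return min(rows, key=lambda name: rows[name]["total_cost"])


if __name__ == "__main__":
    # Constructed figures: 2 units carry the load, each 99% available,
    # $5,000 per unit per year, downtime costing $100 per minute.
    rows = compare(2, 0.99, 5000, 100)
    for name, row in rows.items():
        print(f"{name:5s} {row['availability']:.8f} "
              f"{row['downtime_min']:10.2f} min/yr  ${row['total_cost']:,.2f}")
    print("lowest total cost:", cheapest(rows))
```

With these figures the lowest-cost scheme is 2N at $100 per minute of downtime but N+1 at $10 per minute, which is why the cost of downtime has to be known before the redundancy level is chosen.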
Cloud vs. on-prem
It’s no longer a given that on-premises is the best place to run a given workload. Once you have your business and technical requirements, you should carefully consider whether or not a cloud network makes sense as a solution. We won’t rehash the entire cloud vs on-prem debate here, but make sure you don’t lock yourself into an on-premises solution when the cloud may be a better fit (or vice versa!).
Cooling and power
It can be easy to overlook the cooling and power requirements of a network. Don’t make this mistake! If you can’t meet your power requirements, you’ll never get your deployment off the ground. If you don’t account for all the heat dissipation of your new network equipment, devices can overheat and prematurely fail. Here are a few points to consider about power and cooling:
- Make sure your electrical panels and electrical outlets can accommodate your new equipment.
- Make sure to account for power-over-Ethernet (PoE) loads when sizing UPS (battery backups) and other power equipment.
- Make sure your server room cooling can handle the additional heat generated by your new network gear or plan to invest in supplemental cooling.
There’s no one-size-fits-all network design. With the right approach, however, you can create a design that matches your business requirements. Of course, as network lifecycle models like PPDIOO demonstrate, it doesn’t stop after the design stage!
Network design and implementation are only the beginning. Once a network goes live, that’s when the real work begins. Proactive network monitoring helps you ensure the network is working as it should and can inform your decisions when it comes time to expand or refresh the network.
This was an incredibly interesting read. I am currently studying Network & System Security, I am after reading several of the articles posted on your site, written both by Steve Petryschuk and Kevin Dooley. They are all very well written, explaining high level concepts in a concise easy to understand manner. Great work.
Absolutely outstanding breakdown!!!! This is like learning 10 years of network design in 10 mn. Great thanks
This article is what I just needed now! I’m currently looking for materials to get my Course1 assignment started (design a good network for a company struggling for a reliable and scalable network management infrastructure). Your article did the coursework for me because the breakdown is well detailed. You are Godsent – it’s a fact.