Planning a 50-Person Office Network from Scratch
A step-by-step walkthrough of designing a complete office network.
You've been tasked with designing the network for a new 50-person office. Where do you start? This guide walks through the complete process, from requirements gathering to final specifications.
Subnet Calculator Plan your IP addressing and VLANsStep 1: Gather Requirements
Before drawing any diagrams, understand what the network needs to support:
- Users: 50 employees, expect 20% growth over 3 years
- Devices per user: Desktop/laptop, IP phone, personal mobile
- Shared devices: 4 printers, 5 conference rooms, 3 meeting pods
- Guest access: Required, must be isolated
- Applications: Cloud-based CRM, Office 365, video conferencing
- Special needs: 5 developers with higher bandwidth needs
Step 2: Calculate Bandwidth Needs
Estimate total internet bandwidth required:
| User Type | Count | Average | Concurrent | Total |
|---|---|---|---|---|
| Standard users | 45 | 2 Mbps | 30% | 27 Mbps |
| Developers | 5 | 5 Mbps | 50% | 12.5 Mbps |
| Conference rooms | 5 | 10 Mbps | 60% | 30 Mbps |
| Guests | 10 | 2 Mbps | 30% | 6 Mbps |
Baseline: 75.5 Mbps. Add 50% headroom: 113 Mbps. A 200 Mbps symmetric connection would be appropriate with room for growth. Consider a 500 Mbps or 1 Gbps connection if available at reasonable cost.
Step 3: Plan IP Addressing
Use VLSM to efficiently allocate a 10.10.0.0/16 block:
| VLAN | Purpose | Subnet | Size |
|---|---|---|---|
| 10 | Corporate wired | 10.10.10.0/25 | 126 hosts |
| 20 | Corporate WiFi | 10.10.20.0/25 | 126 hosts |
| 30 | Voice | 10.10.30.0/26 | 62 hosts |
| 40 | Printers/IoT | 10.10.40.0/27 | 30 hosts |
| 50 | Servers | 10.10.50.0/27 | 30 hosts |
| 99 | Guest WiFi | 10.10.99.0/24 | 254 hosts |
| 1 | Management | 10.10.1.0/28 | 14 hosts |
Reserve 10.10.100.0/24 for future expansion.
Step 4: Design the Physical Layout
For a single-floor 50-person office (approximately 8,000-10,000 sq ft):
- MDF (Main Distribution Frame): One dedicated network closet, climate controlled
- Horizontal cabling: Cat6 to all desks, Cat6a to APs
- Wireless APs: 4-5 APs for proper coverage (one per 2,000 sq ft)
- Wall ports: 2 per workstation (data + spare or phone)
Step 5: Select Equipment
Firewall/Router
Mid-range business firewall with:
- 1 Gbps+ throughput with all services enabled
- VPN support for remote workers
- Content filtering and threat protection
- Multiple WAN ports for redundancy
Budget: $800-2,000 (Fortinet 60/80 series, Meraki MX68, Sophos XGS)
Core Switch
One or two stackable Layer 3 switches:
- 48 ports minimum (plan for 60+ with growth)
- PoE+ on all ports (for phones and APs)
- 10G uplinks for future server connections
- Layer 3 for inter-VLAN routing
Budget: $1,500-4,000 (Cisco Catalyst 9200, Aruba 6100/6200, Juniper EX3400)
Wireless Access Points
5 enterprise APs with controller (cloud or on-prem):
- WiFi 6 (802.11ax) minimum
- 2x2 or 4x4 MIMO
- Multiple SSIDs for corporate and guest
- Central management
Budget: $2,000-4,000 for 5 APs (Ubiquiti U6 Pro, Aruba InstantOn, Cisco Meraki MR36)
PoE Budget Calculation
| Device Type | Count | Watts Each | Total |
|---|---|---|---|
| IP Phones | 50 | 7W | 350W |
| Access Points | 5 | 25W | 125W |
| Conference room devices | 5 | 15W | 75W |
| Cameras (if any) | 4 | 15W | 60W |
Total: 610W. A 48-port PoE+ switch with 740W budget covers this with 20% headroom.
Step 6: Plan Security
- VLAN segmentation: Keep voice, data, and guest traffic separated
- Guest isolation: Guest VLAN goes directly to internet, no internal access
- 802.1X: Consider for wired and wireless authentication
- Firewall rules: Restrict inter-VLAN traffic appropriately
- DNS filtering: Block malicious domains at the firewall
- Network monitoring: SNMP, syslog, and alerting
Step 7: Document Everything
Create documentation including:
- Network diagram (logical and physical)
- IP address spreadsheet with all assignments
- VLAN and subnet summary
- Port mappings (switch port to wall jack to location)
- WiFi coverage map
- Equipment inventory with serial numbers
- Credentials (stored securely)
- Vendor support contacts
Budget Summary
| Category | Low | Mid | High |
|---|---|---|---|
| Firewall | $800 | $1,500 | $3,000 |
| Switch(es) | $1,500 | $2,500 | $5,000 |
| Wireless (5 APs) | $1,500 | $2,500 | $4,000 |
| Cabling | $3,000 | $5,000 | $8,000 |
| Rack and accessories | $500 | $1,000 | $2,000 |
| UPS | $400 | $800 | $1,500 |
| Total Equipment | $7,700 | $13,300 | $23,500 |
Add installation labor (typically $3,000-8,000 depending on complexity) and ongoing support/licensing costs.
Common Mistakes to Avoid
- Undersizing the switch: Buy more ports than you think you need
- Forgetting PoE budget: Cheap switches often have insufficient PoE
- Skipping UPS: Network equipment needs clean, uninterrupted power
- Poor AP placement: More APs at lower power beats fewer at high power
- No management VLAN: Separate management traffic from user traffic
- Single point of failure: Dual WAN connections if uptime matters