LinuxQuestions.org
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Old 07-01-2006, 08:39 PM   #1
RZKESP
LQ Newbie
 
Registered: Jun 2006
Posts: 17

Rep: Reputation: 0
Diagram me an efficient / secure network... Please.


Using some type of image program, can someone draw some basic boxes and text representing the "perfect" network.

I would like to see how people do it... I want someone who is an expert on networking to give me a very nice and complex system so that I can micromanage and be secure.

I am kind of lost...

Please include things like gateway/router/switch/file server/web server/DNS server/(other servers)/office computers/wireless things/print servers/ and anything else you can think of.

I want a diagram that can give me bearings on what a true business/enterprise network looks like.
 
Old 07-01-2006, 08:46 PM   #2
nadroj
Senior Member
 
Registered: Jan 2005
Location: Canada
Distribution: ubuntu
Posts: 2,539

Rep: Reputation: 60
I don't think you can make up a network topology without knowing the requirements.

If this is for something specific, provide us with more details such as the number of computers and devices, what services they will host, etc.

There are a lot of things to consider when developing a network, and it all starts from a goal in mind with specific requirements.
 
Old 07-01-2006, 09:40 PM   #3
alienmagic
Member
 
Registered: Feb 2006
Distribution: Slackware 10.2, (2.6.16.16), FC 5
Posts: 109

Rep: Reputation: 15
nadroj is right. Without knowing more about what specific services you'll be running, and how many of those will need to be segmented from each other, it's hard to give a detailed answer.

I just threw this basic network diagram together in a couple of minutes in Visio. This is what you want to shoot for at a basic level.

http://hallnet.homedns.org/images/ba...re_network.gif

I would highly recommend using some type of Intrusion Detection/Prevention system (something like Fortigate), and a Spam filtering system (like Barracuda) if you'll be hosting corporate email.

It will also make a difference if you will have remote locations as part of a WAN. In that case, you would add a router in the LAN section that is a gateway to and from remote locations. If there will be no remote locations, the firewall in the LAN would be the gateway (if you're using a decent firewall that at least supports static routes).
 
Old 07-01-2006, 11:42 PM   #4
RZKESP
LQ Newbie
 
Registered: Jun 2006
Posts: 17

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by alienmagic
nadroj is right. Without knowing more about what specific services you'll be running, and how many of those will need to be segmented from each other, it's hard to give a detailed answer.

I just threw this basic network diagram together in a couple of minutes in Visio. This is what you want to shoot for at a basic level.

http://hallnet.homedns.org/images/ba...re_network.gif

I would highly recommend using some type of Intrusion Detection/Prevention system (something like Fortigate), and a Spam filtering system (like Barracuda) if you'll be hosting corporate email.

It will also make a difference if you will have remote locations as part of a WAN. In that case, you would add a router in the LAN section that is a gateway to and from remote locations. If there will be no remote locations, the firewall in the LAN would be the gateway (if you're using a decent firewall that at least supports static routes).
Yes... YES!!!

The things we need:

A file server that can VPN freely to laptops on the road

A security cam computer that is accessible from home

Security ... Security ... Security...

Enough switching power for sixteen computers on the "green" side

I will have about three servers... One for Apache, one for file, and the other for auxiliary stuff such as databasing/email

I need security on the servers... I know they will be DMZ so that I can enable them to be on their own security computers / firewalls.

Give me what a "good" network for a big business would look like...
 
Old 07-02-2006, 07:01 AM   #5
alienmagic
Member
 
Registered: Feb 2006
Distribution: Slackware 10.2, (2.6.16.16), FC 5
Posts: 109

Rep: Reputation: 15
For what you've mentioned, it sounds like you only need one DMZ. Just put any computers that will need public access into a DMZ like the drawing shows. I did notice that since I put that together in a hurry, I left out DMZ switching, but you would obviously need one there.

Quote:
I know they will be DMZ so that I can enable them to be on their own security computers / firewalls.
I'm not sure what you mean by this, but you only really need one firewall for the scenario you described. The firewall should have multiple ports if you want a true DMZ, each port with a different address for a different interface. (i.e., you would have a public IP address on the port that connects to the Internet router, a private IP on the port that connects to the DMZ switch, and a different private IP on the port that connects to the LAN switch). A firewall that does stateful packet inspection will use the rulebase that you create to determine what traffic is or isn't allowed to connect to each device on the different segments.

As far as VPN access from the laptops, there are multiple ways of accomplishing this. Some firewalls (i.e., Checkpoint {always my first choice}, Cisco PIX) will have a VPN client that can be installed onto any computer and that will give access to the network for anyone with a user name and password that is defined in the firewall.

Depending on the OS, there are also other options. If you have any Microsoft servers, PPTP can be used for VPN. The firewall would need to have a rule that allows traffic on port 1723. Then the user account will need to have remote access enabled and the laptop will need to have the PPTP client (which is built in to XP) set up.

There are other options, and there are different valid ways of accomplishing some of the things you want, but this should point you in the right direction.
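
The three-interface firewall described in post #5 (public address toward the Internet router, one private address toward the DMZ switch, another toward the LAN switch), written as an nftables ruleset for a Linux box acting as that firewall. This is an added example, not part of any poster's reply; the interface names (wan0, dmz0, lan0), the address ranges, the web server address and the SSH management rule are assumptions.

```nft
#!/usr/sbin/nft -f
# Added example: one firewall, three interfaces (Internet / DMZ / LAN).
# Interface names and every address below are assumptions for illustration.
flush ruleset

define WAN_IF  = "wan0"          # public IP, cabled to the Internet router
define DMZ_IF  = "dmz0"          # private IP, cabled to the DMZ switch
define LAN_IF  = "lan0"          # different private IP, cabled to the LAN switch
define DMZ_NET = 192.168.10.0/24
define LAN_NET = 192.168.20.0/24
define WEB_SRV = 192.168.10.10   # Apache server in the DMZ

table inet filter {
    chain input {
        type filter hook input priority 0; policy drop;
        iifname "lo" accept
        ct state established,related accept
        # The firewall itself is managed over SSH from the LAN only.
        iifname $LAN_IF ip saddr $LAN_NET tcp dport 22 accept
    }

    chain forward {
        type filter hook forward priority 0; policy drop;
        # Stateful inspection: pass replies to connections allowed below.
        ct state established,related accept
        ct state invalid drop
        # Internet -> DMZ: published web ports, web server only.
        iifname $WAN_IF oifname $DMZ_IF ip daddr $WEB_SRV tcp dport { 80, 443 } accept
        # LAN -> Internet and LAN -> DMZ: office machines may initiate.
        iifname $LAN_IF oifname $WAN_IF ip saddr $LAN_NET accept
        iifname $LAN_IF oifname $DMZ_IF ip saddr $LAN_NET accept

        # DMZ -> Internet: DNS and HTTP(S) only (name lookups, updates).
        iifname $DMZ_IF oifname $WAN_IF ip saddr $DMZ_NET udp dport 53 accept
        iifname $DMZ_IF oifname $WAN_IF ip saddr $DMZ_NET tcp dport { 53, 80, 443 } accept
        # No DMZ -> LAN or Internet -> LAN rule exists, so policy drop applies.
    }
}

table ip nat {
    chain prerouting {
        type nat hook prerouting priority -100; policy accept;
        iifname $WAN_IF tcp dport { 80, 443 } dnat to $WEB_SRV
    }
    chain postrouting {
        type nat hook postrouting priority 100; policy accept;
        oifname $WAN_IF masquerade
    }
}
```

The forward chain matches the web server's private address because the prerouting DNAT runs before the forward hook. VPN access for the laptops is not covered by this ruleset.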
 
  

