Network & Infrastructure

Switching, wireless, firewalls, VPNs, structured cabling, and IoT segmentation. Networks designed for resilience and documented so the next person knows what they are looking at.

Networks that hold up

Most network problems are not the network. They are the slow accumulation of one-off changes nobody documented, equipment past its support life, and configurations that made sense to someone who left two jobs ago. We design networks to be understandable, to hold up under load, and to be easy to repair when something does break.

What we do

Network design and refresh

New construction, office moves, and refreshes of networks that have outgrown their original design. We start with what the network needs to do (how many users, what kinds of traffic, what compliance constraints) and design backward from there. Output is a network diagram, a bill of materials, and an implementation plan.

Switching and routing

Layer 2 and layer 3 work across Cisco, Aruba, Ubiquiti, MikroTik, and Meraki. VLAN design, trunking, spanning tree, OSPF or BGP where it fits. We document configurations so the running state is in source control.

Wireless

Site surveys, AP placement, controller configuration, and ongoing tuning. We deploy on multiple vendor platforms depending on the size and the budget. Coverage maps and performance baselines so you can tell whether the wireless is actually delivering what it promised.

Firewalls and VPNs

Edge firewalls, internal segmentation firewalls, site-to-site and remote-access VPNs. Rule sets that document why each rule exists. Regular reviews so dead rules don't accumulate. Modern next-generation firewall features (intrusion prevention, application identification, web filtering) configured for the threats you actually face.

Structured cabling

Cat6/Cat6A copper, fiber backbones, patch panels, labeling, and as-built documentation. We work with cabling subcontractors when scope demands it and stay engaged through the project so the documentation actually matches what got installed.

IoT and OT segmentation

Cameras, badge readers, building management, manufacturing floor equipment, agricultural sensors. Devices that can't be patched live on a separate network from the things that can. We design segmentation that contains the blast radius when one of these devices inevitably gets compromised.

How engagements work

Most network engagements start with a discovery: we walk the site, look at the existing infrastructure, talk to the people who use it, and write up what we found. From that we propose either a refresh project, an ongoing managed-network engagement, or both. Pricing is fixed-fee for projects, monthly for managed.

Who this is for

Organizations between 10 and 1,000 endpoints with at least one location, often more. Schools, municipal offices, manufacturing plants, professional services firms, and the kinds of mid-size businesses where the network has gotten complicated enough to need an engineer but not so complicated that you need a full-time team.

Get in touch

For a network assessment: hello@alebrijedigitalservices.com or (970) 237-5600.