The network example constructed by DrayTek products of a cinema company

Company X is a cinema company which also combines the restaurant, bar and café in the United States, provides customers luxury movie watching experience, premium cinema complete with in-seat dining. Company X has two theaters and an office so far, they plan to expand their bases to all over California soon. In order to manage the company and the theaters, the owner seeks for the stable and reliable network devices to construct the managing network of Company X.

 

Here are the requirements and the usage of the network:

  • Separate each usages to different VLANs
  • IP phones for the internal phone system
  • Timeclocks for employees’ attendance system
  • POS printers for selling tickets, and orders of the meals and drinks, POS printers connect to the POS server through the network
  • Atmosphere lights and sound system, to control the light and sound from the central server
  • Security cams around the building, upload the footage to the NAS, should be able to watch the live stream from not only the theater locally, but also central office remotely
  • Access control system for the restricted area
  • Digital signage to display the information to the customers
  • Guest Wi-Fi network for the customers, regulate the total transmission speed of the guest Wi-Fi network
  • To monitor and maintain the company network from the central office

 

The followings are the features which Vigor Router supports can achieve the goal:

  1. Multi VLAN
  2. Bandwidth Limit
  3. Open ports and Port Redirection
  4. LAN-to-LAN VPN
  5. VigorACS, the central management program if Vigor products
  6. Quality of Service (QoS)

The owner chose Vigor2960 and bought 4 pieces to construct the network of Company X.

 

 

Multi VLAN

Vigor 2960 supports 20 VLANs, we can set up a VLAN for each system. In this scenario, the owner set up 6 VLANs:

VLAN 1 Business network Used to connect each atmosphere and information devices, including attendance system and timeclocks, atmosphere light and control server, sound system and music player, APs and the AP controller.
VLAN 2 Staff network For internal communication, including the IP phone and Wi-Fi for staffs.
VLAN 3 Security network Connect the security cameras, access control devices and NAS, IP cameras will save the live footages to the NAS, and the access control will request and authenticate the credential from the database on NAS.
VLAN 4 Guest network Provide the Wi-Fi to the customers in Company X, will regulate the total transmission speed of this network, to ensure the internal transmission will have the enough bandwidth and higher priority.
VLAN 5 POS network Connect the POS printers and POS server, the ticket selling, meal and drinks order will transmission through this network.
VLAN 50 VigorACS network An individual network for the communication between VigorACS and Vigor products, provide a stable and reliable central management system.

Vigor Router support both port-based and tag-based VLAN. Port-based VLAN is easier then tag-based VLAN when setting up, but when consider the elasticity and extensibility in the future, the tag-based VLAN will take the advantage, especially when you are handling a large network which has lots of subnets and clients.

Moreover, if you are using Vigor router with Vigor switch to construct your network, the Central Switch Management (SWM) can save lots of time for you when setting up the VLAN. You can manage and maintenance the VLAN setting, port availability, and monitor the switch and ports status from the single SWM page on the router. We are still making our effort on developing the features of the SWM, more and more convenient functions will release to Vigor router soon.

 

Related application notes:

 

 

Bandwidth Limit

Bandwidth Limit feature can regulate the transmission speed of individual client, or a group of clients. In order to provide the internet connection for the customers, also prevent the internal service from being affected by the crowded traffic, we can set up the bandwidth limit to limit the maximum speed for the entire guest network.

 

Related application notes:

 

 

Port Redirection

Company X has the security cam system, the owner can connect to the server can check the footage from the LAN side of Vigor2960. If the owner is not in the theater, but he wants to check the footage, he should set the Port Redirection for connection to security cam server from the internet. In order to access the server or service behind the Vigor2960, we need to open port for let the connection from the internet pass through the NAT.

 

Besides, the owner can set Vigor2960 to only let the specific IP access to the LAN service by setting up the Source IP on the Port Redirection profile. So, the Vigor2960 will only pass the access requirement from the set up IP. The owner can set up the Port Redirection profile of Vigor2960 of Station S1 and S2 to accept the source IP of Company X Office only, so he can check the internal server from the office, but VIgor2960 will not pass any requests from other IP addresses. This can make the internal network more secure.

 

Related application notes:

 

 

LAN-to-LAN VPN

Company X has two theaters and an office for now, there is another site for each internal server. The owner constructs few VPN tunnels between each sites, to let the POS system connect to the main POS server, make the IP phones register to the central PBX, and the administrator can access to the security network of each site from any other sites. VPN connection can combine the local network of the different sites as one, and provides the secure connection when transferring through VPN tunnel on the internet.

 

Related application notes:

 

 

VigorACS

The full form of ACS is Automatic Configuration Service. VigorACS is a central management program that allow the network administrator to monitor and manage all Vigor devices on a single web page, it can greatly reduce the effort of maintaining the networks. The more devices you own, the more effort you can reduce with the help of ACS. VigorACS can be installed on any computer which is running Windows or Linux (must be 64-bit operating system).

The owner has four Vigor2960, he uses VigorACS to manage all four Vigor2960. Without VigorACS, the owner will need to login to each router to monitor or change the configuration. With the VigorACS, the owner will only need to login to the single web page to change and monitor the setting of each router.

Besides, it may be a security concerned to enable the internet access of the router for some users. With VigorACS, we can allow the TR-069 access from the internet only, disallow other protocols including HTTP, HTTPS and SSH. This can reduce the risk that your router login by the attacker intentionally.

Please refer to the product page of VigorACS for further information.

 

 

Quality of Service (QoS)

Company X provides the customer internet connection through Wi-Fi, the guest Wi-Fi is using the same internet line as the internal use, the transmission speed of the customers in the theater and the staff network may affect each others, especially during the rush hours. Users will only feel the transmission speed is slower, need more time to open a website. But the usages which need the instant transmission will be affected. The call over VoIP may be intermittent, the live stream display on the digital signage may be delayed, the security footage saved to NAS by the security cams may lost frames.

Quality of Service (QoS) feature can make sure the important service with the higher priority will be transferred sooner, this feature can benefit the network usage which can not bear any delay, such as VoIP or live stream of the digital signage and security cam. The other transferring protocols or service with lower priority, such as HTTP/HTTPS browsing, will be forwarding after the important service. So the call over IP phone will be smooth without delay, the voice will be continuous, the video stream of the digital signage and security cams will not be freeze or lost.

 

Related application notes:

Was this article helpful?
155The network example constructed by DrayTek products of a cinema company has been viewed------ 155 ------times.