New Network Subnet Provisioning

Found the Cisco Design Zone online, which has tons of great resources: cisco.com

Read an article on IPv4 addressing schemes, and best practices for setting up a new network.  Besides separate subnets for the standard data and voice networks, it is recommended to:

  1. "Reserve a subnet for physical security. Security requirements can be as simple as a subnet to control door access to a building or something more complex like video surveillance for the entire building. Even if physical security is not required at the initial setup, you should still complete this step."

  2. "Reserve a subnet for facilities. This subnet addresses physical plant requirements such as remote power control, air conditioning, and facilities monitoring, which can now be monitored with new technology on the IP network."

  3. "Allocate public addresses for all production networks in the demilitarized
    zone (DMZ), which is the network or networks situated between an ISP edge
    router and corporate firewalls. An alternative is to use NAT. "

  4. "Allocate a subnet for remote access, which is generally set up as a virtual
    private network (VPN)."

  5. "Allocate a subnet for network management to provide access to network
    devices such as Ethernet switches, firewalls, routers, etc. This subnet allows
    for easy management with a separate logical network. Cisco SBA uses VLAN
    1 for management of network devices."

  6. "Create a loopback address to make it easier to manage a single address for
    a router that has multiple interfaces."

http://www.cisco.com/en/US/docs/solutions/SBA/August2012/Cisco_SBA_BN_IPv4AddressingGuide-Aug2012.pdf