Managed Switching & VLANs
A properly segmented network with managed switches and VLAN configuration, keeping staff traffic, guest traffic, VoIP, and CCTV on separate logical networks.
Key highlights
- TP-Link Omada managed switches, PoE and non-PoE options
- VLAN segmentation for security and performance
- PoE budget management for access points, IP phones, and cameras
- Integrated with Omada SDN Controller for central visibility
A flat network is a security problem
In a flat network, where every device is on the same logical network, a compromised machine can reach everything else. A guest laptop can attempt connections to your file server. An IP camera can communicate with a staff workstation. A VoIP phone can consume bandwidth meant for business applications. VLAN segmentation fixes this by dividing a single physical switch infrastructure into multiple isolated logical networks, each with its own traffic policies and access rules.
What VLANs actually do
A VLAN (Virtual Local Area Network) partitions network traffic at the switch level. Devices on VLAN 10 cannot directly communicate with devices on VLAN 20 unless explicitly permitted by a firewall rule. This means your guest Wi-Fi users can reach the internet but cannot reach your servers, regardless of how many devices are plugged into the same switch.
TP-Link Omada managed switches
We deploy TP-Link Omada managed switches for office and commercial environments. These provide 802.1Q VLAN support, link aggregation, spanning tree protocol, and QoS, all managed through the Omada SDN Controller alongside access points and gateways. PoE+ variants power access points, IP desk phones, and IP cameras directly from the switch, eliminating separate power adapters at each device.
Standard VLAN design for business networks
Staff VLAN
Business workstations, laptops, and printers. Access to servers, file shares, and business applications. Protected from guest and IoT traffic.
Guest VLAN
Visitor and client devices. Internet access only, no visibility of internal servers or staff devices. Bandwidth-limited to prevent consumption of business capacity.
VoIP VLAN
IP desk phones and PBX infrastructure. Isolated and prioritised via QoS to ensure call quality is not affected by file downloads or video streaming on other VLANs. Integrates with Hosted PBX and VoIP Communications services.
CCTV / IoT VLAN
IP cameras, access control readers, and smart building devices. Cameras communicate with the NVR but not with business workstations. Supports CCTV & Access Control deployments.
Switching, Wi-Fi, and security in one managed system
Omada managed switches, access points, and gateways all managed through a single controller means your network is one system, not several unconnected ones. When we troubleshoot a problem, we see the full picture. When we make a change, it applies consistently. That consistency is what reliable business networking looks like.
Also in Networking & Infrastructure
Structured Cabling
Cat6 and fibre installation with professional patch panels, labelling, and documentation. Build clean, certified, future-proof network infrastructure for offices of any size in Nairobi.
Wi-Fi Design & Deployment
A properly designed wireless network, not just access points plugged into walls. Full-site survey, Omada EAP deployment, and managed ongoing performance.
Enterprise WiFi Deployment
Site surveys, professional access point placement, and controller configuration for Ubiquiti and Cisco Meraki. Reliable coverage across open-plan offices, multi-floor buildings, and warehouses.
Omada SDN Controller
Centralised management for your entire TP-Link Omada network, access points, switches, and gateways, from a single dashboard. On-premise or cloud-hosted.
Firewall and Network Security
Sophos XGS or Mikrotik firewall installation and configuration with VPN, VLAN segmentation, and traffic policies. Build a secure perimeter that protects your Kenyan business.
Get it done right
Let Sentire handle your Managed Switching & VLANs.
Our engineers are based in Nairobi and support businesses across Kenya. No lengthy contracts. Just reliable, expert IT delivered as a service.