Problem selecting CCR

We are growing public hospital that currently use copper based cable but want to migrate to fiber optic.

Actually we have no problem used copper so far, but we except the distance, so we decide to replace our backbone cable, the cable that connect our server in main building, to other building using 12 core fiber optic cable, than split it to 2 core for each floor in each other building, then at the end we just use our old copper based network connected to this hardware.

The distance between our building is about 100 to 400 meter, we have 5 building now with 3 to 5 floor in each building, our building will continue to grow in number in the future, we still have a plan to build new building, maybe new building every 5 years, so we want to build a network that last for at least 10 to 20 years.

We have 250 computer for now, and will be around 300 in the near future, We do not include CCTV or IP telephone in the network and instead separate the network because we fear the CCTV or telephone will disturb computer network.

Back to the question, before building the network we want to buy the hardware first, I do not really understand about networking, neither have employee that know about networking, we hear from our consultant that we need to buy CCR1072-1G-8S+ for Fiber Optic server, but when I ask to my friend he do not recommend that and instead recommend the lower CCR1016-12S-1S+ because he believes we do not really need CCR1072-1G-8S+ and will waste the money, the price different is about 4 times, instead he suggest buying 2 or 3 CCR1016-12S-1S+ as backup.

About the traffic, we only run some internal software that do database read write, document sharing, and maybe CCTV if we decide to merge the network.

We do not have much budget when dealing with IT or any computer related things, simply because the management think that is not our company main concern, so what is the recommended main router / controller / network server, we do not want to waste our money to buy something that we do not actually need, so we need to buy product that sufficient to handle our network.

Is there any advice from you guys?

The CCR1072-1G-8S+ is an 8 port 10Gbit router and is indeed overkill. The CCR1016-12S-1S+ is also a router. So neither might be a good candidate. I’m a bit worried that you don’t know what you really need.

How many locations/floors?
How many ports on each location?
Do you need PoE for cameras or phones (power over ethernet)?
How many switches will there be in total?
Will the optocal network be in s “star” or in a “ring”?

I would choose some of these
https://mikrotik.com/product/CRS326-24G-2SplusRM - On floor/locations
https://mikrotik.com/product/crs328_24p_4s_rm - On floor/locations with PoE
https://mikrotik.com/product/crs328_4c_20s_4s_rm - For central core (1Gbit core)
https://mikrotik.com/product/crs317_1g_16s_rm - For central core (10Gbit core)

You should get at least two core switches, for sake of redundancy.

Running CCTV and Phones on same network is no problem if you know what you are doing.

There will be 20 location/floor in total, that locations is divided in 4 building, on every location there will be no more that 24 ports needed, some location indeed need PoE.

We plan to connect 4 building using 12 core, then split 2 core per location, there will be start topology, for many reason, we need a router in the main building to manage all network.

What is the recommended router to choose to manage the network, I mean the router that is not overkill for the requirement.

The level of router/firewall is manly depending on:

1. Speed of external connections, such as Internet.
2. The level of separation between networks (as VLAN separation)
3. Number of clients in general
4. How important it is

i agree with this sugest

i will recommend CCR1036 8g 2s+ 1.095 USD to work as Core router maybe is overkill but a good long term investment CCR0136 can run a 1000 Customer ISP and very versatile for a multi task ROLE like this

I want to add the following thinking’s about CCR1072:

CCR1072 is a very good product but is a different product

CCR1072 is not recommended because is fitted to be a specialized Border/Core router for a Big ISP using several’s CCR1036 as BRAS/Concentration Routers

CCR1072 do not scale well when deployed to replace CCR1036 in some cases, and costs 3050 USD, in most cases 2 x ccr1036 cost less and work better

CCR1072 is not the direct replacement for CCR1036 for scaling purposes, if you have a environment where ccr1036 is getting short, split that load into 2 ccr1036 and use 1 ccr1072 to consolidate that 2 ccr1036 traffic at core/border

It’s all depending on the workload and implementation.

A RB4011 might be sufficent for this solution, buy two and you have redundancy as well.

You first need to understand how you want to partition your network, and how much traffic there will be between those partitions.
E.g. you have a separate network partition per building, and you also want a separate partition per application (e.g. keep CCTV separate from database and documents).
Within such a partition, you will normally use switches rather than a router. The router is only used to connect the partitions.
When you want to use fiber between buildings that form a single complex, you probably want to use mainly switches (with VLAN on the fibers to separate the network partitions).
For that you can use the mentioned CRS devices.
Additional to that, you probably want two CCR devices as routers between the partitions and towards internet (the CRS devices are lousy at that), but you probably do not need a high-end device like the CCR1072 as the traffic between the partitions will be far less than within the partitions.
A CCR1016 can route a lot of traffic. And indeed, having a couple of those is better than to put all your money in a single device.

However, you still will need to invest in some IT consultancy. It is not a good idea to setup such complex networks without knowledge, you can probably get it “running” but there likely will be security issues and maube also reliability issues that an experienced person would have avoided.
But as you found it is difficult to find a good consultant as there is always the risk that they specify top-of-the-line equipment partly to “cover their own ass” and you may waste money or end up with a sub-optimal solution.

@pe1chl provided YOU with very good direction and I would highly encourage you to follow
… very specifically the following is absolutely critical in your situation:

However, you still will need to invest in some IT consultancy. It is not a good idea to setup such complex networks without knowledge, you can probably get it “running” but there likely will be security issues and maube also reliability issues that an experienced person would have avoided.
But as you found it is difficult to find a good consultant as there is always the risk that they specify top-of-the-line equipment partly to “cover their own ass” and you may waste money or end up with a sub-optimal solution.

i will like to add

most of the time consultants are steering towards their own interest on getting sales commissions on hardware