Networks that
don't get rebuilt every 18 months.
Designed properly, segmented properly, monitored continuously. We standardize on enterprise network gear for SMB and enterprise firewall for mid-market and regulated industries. Both come with config-as-code so handoffs don't break.
Everything you need, none of the upsell.
Real deliverables, with the boundaries written down. So you know what you're paying for and what counts as extra.
VLANs, segmentation, redundancy.
Guest, corp, IoT, and management on separate VLANs. Critical sites with redundant uplinks. Documented before deployment.
Coverage you can prove.
Heat-mapped surveys, AP placement, channel planning. WiFi 6/6E hardware. Roaming that actually works.
We see issues before users do.
24/7 telemetry on every device. Bandwidth, packet loss, latency, and DHCP health. Alerts route to our queue, not yours.
Multi-site, multi-link.
Failover, load balancing, and policy routing across multiple ISPs. Without the consultant fees of legacy vendors.
The order we work in.
A clear sequence so you can budget time, money, and risk against the work.
Survey.
Site walk plus WiFi heat-map and switch port inventory. We document what's there before we propose what should be.
Design.
Logical topology, VLAN plan, IP plan, hardware list, and cabling plan. You see and approve before we order.
Deploy.
Off-hours cutover where possible. Zero-touch provisioning where the gear supports it. Rollback documented before we start.
Operate.
Continuous monitoring, firmware management, configuration backups, and quarterly review.
Get a quote on managed network.
Tell us a bit about your environment and we'll come back with a scoped proposal in two business days. No obligation, no pressure.
Request a Quote Back to Managed ServicesA network designed once and maintained continuously.
The network problems that cost BC and Alberta businesses the most are not dramatic outages but chronic, low-level failures: WiFi that drops in the conference room, a VPN that disconnects every few hours, a firewall nobody has patched in three years, a flat network where every device can reach every other device with no segmentation. These problems persist because nobody owns them. The IT person who set up the network left, the switch hasn't been touched since, and the firewall admin password is on a sticky note somewhere. North Star's managed network service replaces that situation with a documented, monitored, and continuously maintained network that someone is accountable for.
For a Kamloops construction company with two office locations and 30 field staff on VPN, "managed network" means we designed the firewall rules and VLAN segmentation, we monitor the uptime of every site, we get an alert before you notice the internet is slow, and we apply firmware patches during the maintenance window we agreed on. For a larger manufacturer in the Peace Region running OT equipment on a separate VLAN, it means we maintain the segmentation boundary between the production floor and the corporate network so that a ransomware event on the office side cannot reach the PLCs. The architecture is documented in code so that if anything changes, we can redeploy it consistently.
Network management deliverables.
- Firewall management: rule review, firmware patching, traffic logging, and quarterly policy audit. Standardized on Cisco Meraki for SMB and Sophos XGS or Meraki MX for mid-market.
- Managed WiFi: Cisco Meraki or Ubiquiti UniFi access point deployment, SSID design (corporate, guest, IoT), and coverage validation. Continuous uptime monitoring with automatic alert on AP failure.
- VLAN segmentation: separate VLANs for corporate, guest, IoT, OT, and VoIP where applicable. Firewall rules enforced at each boundary.
- VPN management: site-to-site VPN between locations, remote access VPN for staff, and split-tunneling configured to keep local traffic local.
- SD-WAN (multi-site): multiple internet connections load-balanced and failed over automatically. Prioritization of VoIP and critical application traffic.
- Continuous monitoring: uptime, latency, packet loss, and bandwidth utilization monitored 24/7. Alerts trigger before users notice problems.
- Firmware and patch management: scheduled firmware updates to firewalls, switches, and access points during agreed maintenance windows.
- Network documentation: IP addressing, VLAN map, firewall policy, and device inventory maintained as living documentation, not a Visio file from 2019.
Multi-site businesses and industries where connectivity is operational.
Managed network services are most valuable for businesses where a network failure directly stops operations. A logging company in the Yukon with a satellite uplink and a local server needs someone monitoring that uplink and ready to switch to a backup connection if it degrades. A retail chain in BC with 8 locations needs consistent WiFi and POS connectivity at every site without having a different network setup at each one. A professional services firm in Edmonton with staff working remotely needs a VPN that is reliable and fast enough that people don't work around it.
Industries like oilfield services, mining, construction, and forestry operating in remote BC and Alberta locations often have connectivity challenges that urban MSPs are not experienced with. Starlink business connections, cellular LTE failover, and satellite uplink management require different skills and configurations than a typical office with fibre internet. North Star has experience with these environments.
If you have a network that works most of the time and you're not sure who to call when it doesn't, that is the gap managed network services fills. One point of accountability, one phone number, one monthly invoice that covers everything from a failed access point to a firewall rule change for a new software vendor.
Site-based pricing bundled with managed IT services.
Managed network is priced per site per month, with the rate depending on the complexity of the environment (number of devices, number of VLANs, whether SD-WAN or OT segmentation is required). Hardware (firewall appliance, switches, access points) is quoted separately and can be purchased or provided under a hardware-as-a-service model where North Star retains ownership and replaces failed hardware. Network management is typically bundled with helpdesk and endpoint management as part of a complete managed IT services agreement. Contact us for a site survey and proposal.
What clients ask before starting.
We already have a firewall from our ISP. Do we need this?
ISP-provided routers are consumer or prosumer grade, rarely patched, and not suitable for business use. They lack the logging, traffic inspection, VLAN support, and management visibility that a business network requires. A business firewall (Cisco Meraki, Sophos, or Fortinet) gives you proper network segmentation, threat inspection, centralized management, and a documented configuration that can be restored after a failure. Most ISP routers are also a liability from a security standpoint because they run unpatched firmware for years.
What is VLAN segmentation and why does it matter?
A VLAN (Virtual Local Area Network) separates network traffic at the switch level so devices in different segments cannot communicate directly. In practice, this means guest WiFi users cannot see your file server, a compromised IoT device cannot reach your accounting system, and if ransomware hits a staff workstation, it cannot spread across the network to servers on a different VLAN. Flat networks, where everything can talk to everything, are the primary reason ransomware spreads so fast inside businesses. VLAN segmentation is the structural fix.
Can you manage Starlink and LTE connections?
Yes. We configure and manage Starlink Business, LTE failover, and multi-WAN SD-WAN setups for remote sites in BC, AB, and the Yukon. Starlink Business works well as a primary connection for remote sites or as a failover for sites with a single terrestrial ISP. We configure automatic failover so that when the primary connection goes down, traffic routes over the backup without any user intervention or noticeable disruption for most applications.
How do you handle network changes?
All network changes go through a change management process. You request the change (new firewall rule, new SSID, new site-to-site VPN), we document what will change and what the impact is, we schedule the change during a maintenance window if it requires downtime, and we test and confirm after the change. Every change is logged and the network documentation is updated. You always know who made a change and when, because it is all documented.
Enterprise network design for SMB budgets in Western Canada.
North Star is headquartered in Prince George, BC, and covers BC, Alberta, and the Yukon. We standardize on Cisco Meraki for SMB network management because it gives us centralized visibility across all client sites, automatic firmware updates, and a cloud management platform that lets us respond to issues faster than if we were managing each device individually. For mid-market clients with more complex segmentation requirements, we also work with Sophos XGS and Ubiquiti. Our network configurations are documented as code so that a handoff, a hardware replacement, or a new site deployment is consistent and repeatable. No mystery settings, no undocumented exceptions, no single person who holds all the knowledge.