Use standards for everything you can. Don't use some product because some propreietry feature is a must-have, or you'll be locked in to that vendor for ever, and if they go away, then you're stuck. And dont just go with what one company calls their "standard", but something that is common and interoperates between vendors.
Design your corporate network with some level of security; know your risks, compromise to make things work smoothly for staff, but understand the compromise. Give people the "least surprise" when having to get on your WiFI, use your printers, etc.
I think a core is to get some central authentiation. Look at LDAP. Then look at using that LDAP data for building an authenticated Wiki. Consider using radius fed from LDAP to secure your ethernet ports (802.1x) - so get a managed switch that supprots that. Its a standard, so you dont HAVE to go for Cisco - I had a lot of joy with the now very old DLink business class gigabit swiches (GDS3224 I think they were) - but don't use propriatry stacking as you'd be stuck to always using that switch/firmware - use LACP and MSTP.
Encourage yourself to have an always-accurate LDAP. Make an internal directory that is auto populated with all relevent fields from LDAP. Extend your LDAP to contain everythign needed. If you find someone in some department is copying all the names to excel to make a phone directory, try and ind out what your current online phone directory doesnt give them, and fix it. Up to them if they want a printed hard copy - but that should be just a case of hitting print in a browser.
Put two Wireless networks in each office - one that uses certiicate based WPA as a secured network for staff, and one that is protected by a simple shared password for guests. Put up signs so that guests are welcomed to use your guest wifi, more than using a wireed ethernet port (which would also, as above be protected with 802.1x - except that's not always possible with ports for printers, etc - but even still you can MAC address lock those ports).
Design your VLANs into areas of shared security risk. Printers. Finance Staff workstations. Common File Servers. Tech Admins. HR. Bridge these staff VLANs to wireless using cert-WPA so that people aren't having to circumvent your security.
Put in a Jabber server, authenticated using LDAP. Let your Jabber server talk out to other networks. Encrypt your internal IMs via your Jabber server.
Put in a SIP server, and use softphones for most people.
The exception to using standards and doing it yourself: Offload email to GMail or similar. Use their calendaring. Get android phones and be done with it. Then use Thunderbid to work with your GMail accounts and calendars... using STANDARD protocols, such as ICAL, IMAPS, etc.
But, use Standards where you can.
2nd'ed. Great little box. The originalk Atom 220 CPU on the original Revos are a little slow on true 1080p at times (though the video is off-loaded to the GPU for decoding); the followup Atom 330 based units were a dual core CPU. I've been using mine as combined backend & front end for some time - plus file server, NTP, DNS server, IPv6 gateway and tunnel endpoint, music DAAP server, and DLNA server (mediatomb).
Was wondering what the product line is for this small form factor from Acer. Atom has continued to evolve, but I havent seen any more products....
All Finagle Laws may be bypassed by learning the simple art of doing without thinking.