Solved

The layout of the network.. Second part of question experts-exchange.com/Networking/Microsoft_Network/Q_20952943.html

Posted on 2004-04-14
7
234 Views
Last Modified: 2010-03-18

Comment from LucF
Date: 04/14/2004 03:22AM EDT
 Comment  


goodenough,

>>Come on... That is a bad answer...
That was one of the most serious answers I ever gave, but I'm glad you liked it. :)

Ok, if you're serious, wait a few months. Better security will be on wireless network adapters in the near future. Furthermore, use MAC filtering, only allowing some network adapters in the network. Only you know how confident your data is, and if it's worth the risk.

I still advice you to reconsider, but of course, your choice.

LucF
 
Comment from diggisaur
Date: 04/14/2004 08:06AM EDT
 Comment  


If you want to try and lock down your wireless a little....

1/. Don't broadcast your SSID from your access points (that way it is invisible - Microsoft don't like it but I never had a problems - wirelss setups for 3 years now)
2/. Change the default name of your access points (dont user factory standard ones)
3/. Change the default password on your access points too.
4/. Use encryption (personally WEP is kind of crap - I see a lot of drop outs with WEP - WPA is more secure. Especially when 802.11x comes out)


 
Comment from diggisaur
Date: 04/14/2004 08:07AM EDT
 Comment  


Also MAC filtering as LucF stated is good also.....you can also set up firewalls on the wireless computers as well for additional security to prevent access to files....or control access.  

Comment from goodenough
Date: 04/13/2004 05:42PM EDT

Out standing you two are making this membership woth the money.
OK so these are the specs on the wireless side.
1st - I was thinking that all secure information can be exchanged through terminal server sessions, or Citrix.  dependant on the log on the user would have access to a session and a submition process. VB interface to database or what ever. This would be a secure server.
2nd this is the layout of the network. Each office having internet connection? and wirless in the building out to the WWW through the DSL line.. But were is that connection to the secure server? though a public IP or can it be to one of the other DSL routers in the other building?? DSL is not a constant IP to the router  it is DHCP so i would need to get 1 IP address, for the one router in front of the Secure server.? correct.
 Hope you understand this. I will award points to the both of you infact the second part of this question i will open into another question so i can split the points accordingly.
0
Comment
Question by:goodenough
  • 3
  • 2
  • 2
7 Comments
 
LVL 31

Assisted Solution

by:Gareth Gudger
Gareth Gudger earned 250 total points
ID: 10824157
1/. You can further secure the Terminal Server/Citrix connection with a VPN (microsoft based, hardware VPN based) Just for added security.

2/. Yes you will need just one public IP for the router interface. Static IP is a must as dynamic can obviously chance frequently or infrequently depending on the ISP. You will then open the necessary ports and forward to a manually set private IP of the server.Ports vary based on whether you end up using Terminal Services, Citrix or go for a VPN as well.
0
 
LVL 32

Accepted Solution

by:
LucF earned 250 total points
ID: 10824912
Personally I don't like the terminal services idea, it's pretty hard to manage, and asks a lot from the servers.
I'd setup the internal network in every building with wires (I assume this has allready been done and all these connections exist allready) Each building on their own subnet. Then use routers with VPN to connect the different buildings.

LucF
0
 

Author Comment

by:goodenough
ID: 10824929
THanks any final notes to watch out for..... PLEASE.
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 
LVL 32

Expert Comment

by:LucF
ID: 10825019
1) About everyone with a good sense of security knows some hacking. If you know anyone you trust, hire him/her to check the network for safety.
2) Always log all failed login attempts, so you can react before anything bad happens.
3) Close all ports you don't need with a hardware firewall (make sure to check those logs on a regular base also)

If you do all that, you'll probably be fine ;-)

Good luck,

LucF
0
 
LVL 31

Expert Comment

by:Gareth Gudger
ID: 10825171
Yea I agree with LucF...only open the ports you absolutely need to. Most hardware firewalls are pretty good in that they come fairly locked down out of the box. Also, you can get wireless fairly secure but its never as safe as a wired network in my opinion...or as good performance wise.
0
 

Author Comment

by:goodenough
ID: 10825451
Thaks again
0
 
LVL 32

Expert Comment

by:LucF
ID: 10825679
You're very welcome ;-)

LucF

p.s. for a hardware firewall, think PIX!!
0

Featured Post

Networking for the Cloud Era

Join Microsoft and Riverbed for a discussion and demonstration of enhancements to SteelConnect:
-One-click orchestration and cloud connectivity in Azure environments
-Tight integration of SD-WAN and WAN optimization capabilities
-Scalability and resiliency equal to a data center

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

A brief overview to explain gateways, default gateways and static routes OR NO - you CANNOT have two default gateways on the same server, PC or other Windows-based network device. In simple terms a gateway is formed when a computer such as a serv…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
I've attached the XLSM Excel spreadsheet I used in the video and also text files containing the macros used below. https://filedb.experts-exchange.com/incoming/2017/03_w12/1151775/Permutations.txt https://filedb.experts-exchange.com/incoming/201…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question