Solved

The layout of the network.. Second part of question experts-exchange.com/Networking/Microsoft_Network/Q_20952943.html

Posted on 2004-04-14
7
233 Views
Last Modified: 2010-03-18

Comment from LucF
Date: 04/14/2004 03:22AM EDT
 Comment  


goodenough,

>>Come on... That is a bad answer...
That was one of the most serious answers I ever gave, but I'm glad you liked it. :)

Ok, if you're serious, wait a few months. Better security will be on wireless network adapters in the near future. Furthermore, use MAC filtering, only allowing some network adapters in the network. Only you know how confident your data is, and if it's worth the risk.

I still advice you to reconsider, but of course, your choice.

LucF
 
Comment from diggisaur
Date: 04/14/2004 08:06AM EDT
 Comment  


If you want to try and lock down your wireless a little....

1/. Don't broadcast your SSID from your access points (that way it is invisible - Microsoft don't like it but I never had a problems - wirelss setups for 3 years now)
2/. Change the default name of your access points (dont user factory standard ones)
3/. Change the default password on your access points too.
4/. Use encryption (personally WEP is kind of crap - I see a lot of drop outs with WEP - WPA is more secure. Especially when 802.11x comes out)


 
Comment from diggisaur
Date: 04/14/2004 08:07AM EDT
 Comment  


Also MAC filtering as LucF stated is good also.....you can also set up firewalls on the wireless computers as well for additional security to prevent access to files....or control access.  

Comment from goodenough
Date: 04/13/2004 05:42PM EDT

Out standing you two are making this membership woth the money.
OK so these are the specs on the wireless side.
1st - I was thinking that all secure information can be exchanged through terminal server sessions, or Citrix.  dependant on the log on the user would have access to a session and a submition process. VB interface to database or what ever. This would be a secure server.
2nd this is the layout of the network. Each office having internet connection? and wirless in the building out to the WWW through the DSL line.. But were is that connection to the secure server? though a public IP or can it be to one of the other DSL routers in the other building?? DSL is not a constant IP to the router  it is DHCP so i would need to get 1 IP address, for the one router in front of the Secure server.? correct.
 Hope you understand this. I will award points to the both of you infact the second part of this question i will open into another question so i can split the points accordingly.
0
Comment
Question by:goodenough
  • 3
  • 2
  • 2
7 Comments
 
LVL 31

Assisted Solution

by:Gareth Gudger
Gareth Gudger earned 250 total points
ID: 10824157
1/. You can further secure the Terminal Server/Citrix connection with a VPN (microsoft based, hardware VPN based) Just for added security.

2/. Yes you will need just one public IP for the router interface. Static IP is a must as dynamic can obviously chance frequently or infrequently depending on the ISP. You will then open the necessary ports and forward to a manually set private IP of the server.Ports vary based on whether you end up using Terminal Services, Citrix or go for a VPN as well.
0
 
LVL 32

Accepted Solution

by:
Luc Franken earned 250 total points
ID: 10824912
Personally I don't like the terminal services idea, it's pretty hard to manage, and asks a lot from the servers.
I'd setup the internal network in every building with wires (I assume this has allready been done and all these connections exist allready) Each building on their own subnet. Then use routers with VPN to connect the different buildings.

LucF
0
 

Author Comment

by:goodenough
ID: 10824929
THanks any final notes to watch out for..... PLEASE.
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
LVL 32

Expert Comment

by:Luc Franken
ID: 10825019
1) About everyone with a good sense of security knows some hacking. If you know anyone you trust, hire him/her to check the network for safety.
2) Always log all failed login attempts, so you can react before anything bad happens.
3) Close all ports you don't need with a hardware firewall (make sure to check those logs on a regular base also)

If you do all that, you'll probably be fine ;-)

Good luck,

LucF
0
 
LVL 31

Expert Comment

by:Gareth Gudger
ID: 10825171
Yea I agree with LucF...only open the ports you absolutely need to. Most hardware firewalls are pretty good in that they come fairly locked down out of the box. Also, you can get wireless fairly secure but its never as safe as a wired network in my opinion...or as good performance wise.
0
 

Author Comment

by:goodenough
ID: 10825451
Thaks again
0
 
LVL 32

Expert Comment

by:Luc Franken
ID: 10825679
You're very welcome ;-)

LucF

p.s. for a hardware firewall, think PIX!!
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Greetings, Experts! First let me state that this website is top notch. I thoroughly enjoy the community that is shared here; those seeking help and those willing to sacrifice their time to help. It is fantastic. I am writing this article at th…
We recently endured a series of broadcast storms that caused our ISP to shut us down for brief periods of time. After going through a multitude of tests, we determined that the issue was related to Intel NIC drivers on some new HP desktop computers …
This tutorial gives a high-level tour of the interface of Marketo (a marketing automation tool to help businesses track and engage prospective customers and drive them to purchase). You will see the main areas including Marketing Activities, Design …
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question