Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 208
  • Last Modified:

Connecting Two separate networks together for access

I have two networks.

Network A - contains a lot of confidential data and is contained in a w2k server

Network B - contains userdata, applications etc and is also contained in a w2k server

Both networks have their own address ranges and subnets.

How do I connect the two together so that A can access B and vice versa and are there any particular security issues I should be looking at bearing in mind the nature of Network A?

My initial thoughts are using a router to bridge the two networks and have not actually done this before so would like any guidance that can be offered...please.

kind regards

Chris
0
seatea
Asked:
seatea
  • 3
  • 3
1 Solution
 
pseudocyberCommented:
I'm going to assume these are two IP networks, and they're in close proximity to each other.  I would recommend using a 2+ port firewall.  I like Checkpoint, it's very easy to configure with its graphical interface - so if your a NewB to firewalls it shouldn't be too difficult.  Others like Cisco PIX, but it's command line is harder to learn.  There's others I haven't worked with, such as SonicWall, Symantec, Raptor, etc.

Anyway, since you mention "confidential data" you could plug both your two networks into the firewall and then create objects for machines, users, networks etc.  Then you could define rules which would allow or disallow users or their machines to cross from one network to the other.

You could do it with a router, but the firewall would give you greater control.

http://www.checkpoint.com/products/firewall-1/

Hope this helps.
0
 
Fatal_ExceptionCommented:
Firewalls would work, but any router will allow you to tranverse the subnets, as long as routes are established using static or routing protocols..  If it is only a 2 subnet LAN and a classful IP structure, RIP v1 will do nicely.. (15 hop count limit)..  (If you use classless, you can use v2)..

If you go with Cisco, and I would if you have security concerns, we could easily write your access-lists for you, and with only 2 subnets, setting it up would not be too awfully hard...  There would be only about a dozen CLI commands you would need to place in the configuration file..  Up to you..

FE
0
 
pseudocyberCommented:
If he only has two directly connected networks, he doesn't need any routing protocols, or even static routing.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
Fatal_ExceptionCommented:
hmm..  right..!  used to having a more complicated setup..  :)  Just Access-lists then!  even easier!  :)
0
 
seateaAuthor Commented:
Ok... now the other side of this is.  I have a separate w2k box that is not currently being used...what a spare server I hear you say!!!  

Could i use this server to act as the connection between the two domains (ie two network cards ) and use file permissions as the security or are we talking too risky?
0
 
pseudocyberCommented:
ARGH ... nashing of teeth ...

Do you REALLY want to use a Windows Server as a router!?!? Don't forget about weekly patch updates, mysterious reboots, blue screens of death ... etc.

Yes, you could, but I would rather have you get tin cans and string than use a Windows Box as a router ...
0
 
Fatal_ExceptionCommented:
Just got back on line, and have to say I just love that analogy using the tin cans!  Great line, and will remeber to use it!

But I also agree (as I have stated many times in these threads) that using a server as a router is just not what I consider to be the best use of your system's resources...
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now