Two networks secure and insecure. Best option

Posted on 2011-02-14
Medium Priority
Last Modified: 2012-05-11
My scenario is the following:
I have two groups: one with about 50 workstations used by employees (payroll, pension, financial records), and another one used by students (25 PCs)who come and go (obviously insecure because people come from the outside all the time).

They are currently under one domain and one network. We are looking to upgrade them. What would be the best option? Two separate networks with separate DC, DNS, DHCP in each network? Please, let me know what other options could be and if this is the best solution.
Question by:claudiamcse
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
LVL 22

Expert Comment

by:Joseph Moody
ID: 34888986
Same physical network. Use VLANs to separate them and access control list on your top router to keep traffic separate.

Author Comment

ID: 34889182
Can you put more info about VLANs and how to separate them. Is it secure? How long does it take to set it up the access controll list on the router for 20 student PCs?
LVL 22

Expert Comment

by:Joseph Moody
ID: 34889294
This is something that you will have to learn a bit about.

You may want to take a networking intro (like a CCNA course).

Here is a good book for you:


Once you understand the technologies and how the work, it wouldn't take you more than five minutes to set up. You just have to understand ACL orders, vlans, routing, etc.
Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.


Author Comment

ID: 34889446
Thank you so much. I will buy this book.
LVL 22

Expert Comment

by:Joseph Moody
ID: 34889456
No problem. If you get a chance, take a Cisco Networking Academy course. It will be the best 5 hours a week you spend!

Author Comment

ID: 34889534
Where is this course? Can you give me an info? I would be definitely interested in it.
LVL 22

Accepted Solution

Joseph Moody earned 2000 total points
ID: 34889546

Look in the bottom right for a course locator. It is mainly taught at local colleges.

Featured Post

Get real performance insights from real users

Key features:
- Total Pages Views and Load times
- Top Pages Viewed and Load Times
- Real Time Site Page Build Performance
- Users’ Browser and Platform Performance
- Geographic User Breakdown
- And more

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question