Solved

Two networks secure and insecure. Best option

Posted on 2011-02-14
7
332 Views
Last Modified: 2012-05-11
Hello,
My scenario is the following:
I have two groups: one with about 50 workstations used by employees (payroll, pension, financial records), and another one used by students (25 PCs)who come and go (obviously insecure because people come from the outside all the time).

They are currently under one domain and one network. We are looking to upgrade them. What would be the best option? Two separate networks with separate DC, DNS, DHCP in each network? Please, let me know what other options could be and if this is the best solution.
0
Comment
Question by:claudiamcse
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 22

Expert Comment

by:Joseph Moody
ID: 34888986
Same physical network. Use VLANs to separate them and access control list on your top router to keep traffic separate.
0
 

Author Comment

by:claudiamcse
ID: 34889182
Can you put more info about VLANs and how to separate them. Is it secure? How long does it take to set it up the access controll list on the router for 20 student PCs?
0
 
LVL 22

Expert Comment

by:Joseph Moody
ID: 34889294
This is something that you will have to learn a bit about.

You may want to take a networking intro (like a CCNA course).

Here is a good book for you:

http://www.amazon.com/CCNA-Certified-Network-Associate-640-802/dp/0470110082/ref=sr_1_9?ie=UTF8&qid=1297701910&sr=8-9 

Once you understand the technologies and how the work, it wouldn't take you more than five minutes to set up. You just have to understand ACL orders, vlans, routing, etc.
0
Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

 

Author Comment

by:claudiamcse
ID: 34889446
Thank you so much. I will buy this book.
0
 
LVL 22

Expert Comment

by:Joseph Moody
ID: 34889456
No problem. If you get a chance, take a Cisco Networking Academy course. It will be the best 5 hours a week you spend!
0
 

Author Comment

by:claudiamcse
ID: 34889534
Where is this course? Can you give me an info? I would be definitely interested in it.
0
 
LVL 22

Accepted Solution

by:
Joseph Moody earned 500 total points
ID: 34889546
http://www.cisco.com/web/learning/netacad/index.html

Look in the bottom right for a course locator. It is mainly taught at local colleges.
0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
Here's a look at newsworthy articles and community happenings during the last month.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question