Two networks secure and insecure. Best option

Posted on 2011-02-14
Last Modified: 2012-05-11
My scenario is the following:
I have two groups: one with about 50 workstations used by employees (payroll, pension, financial records), and another one used by students (25 PCs)who come and go (obviously insecure because people come from the outside all the time).

They are currently under one domain and one network. We are looking to upgrade them. What would be the best option? Two separate networks with separate DC, DNS, DHCP in each network? Please, let me know what other options could be and if this is the best solution.
Question by:claudiamcse
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
LVL 22

Expert Comment

by:Joseph Moody
ID: 34888986
Same physical network. Use VLANs to separate them and access control list on your top router to keep traffic separate.

Author Comment

ID: 34889182
Can you put more info about VLANs and how to separate them. Is it secure? How long does it take to set it up the access controll list on the router for 20 student PCs?
LVL 22

Expert Comment

by:Joseph Moody
ID: 34889294
This is something that you will have to learn a bit about.

You may want to take a networking intro (like a CCNA course).

Here is a good book for you: 

Once you understand the technologies and how the work, it wouldn't take you more than five minutes to set up. You just have to understand ACL orders, vlans, routing, etc.
Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.


Author Comment

ID: 34889446
Thank you so much. I will buy this book.
LVL 22

Expert Comment

by:Joseph Moody
ID: 34889456
No problem. If you get a chance, take a Cisco Networking Academy course. It will be the best 5 hours a week you spend!

Author Comment

ID: 34889534
Where is this course? Can you give me an info? I would be definitely interested in it.
LVL 22

Accepted Solution

Joseph Moody earned 500 total points
ID: 34889546

Look in the bottom right for a course locator. It is mainly taught at local colleges.

Featured Post

Salesforce Has Never Been Easier

Improve and reinforce salesforce training & adoption using WalkMe's digital adoption platform. Start saving on costly employee training by creating fast intuitive Walk-Thrus for Salesforce. Claim your Free Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question