Solved

Network configuration and domains

Posted on 2013-01-28
5
196 Views
Last Modified: 2013-01-29
A virus attack rendered our Domain controllers unavailable.  Could not login with any account, tried a couple password reset tools to no avail.  We ended up reformatting and reloading both servers, probably a best practice and gave us an opportunity to upgrade to 2008.  Moving forward would like to redesign network and create two subnets, one for public use and one for staff use.  
Trying to avoid another event bringing down the whole network consisting of around 70 machines.  Having to go to every machine and readd them to the domain - very time consuming.  

Does this sound like a good plan or are there better options?
0
Comment
Question by:Webcc
  • 3
5 Comments
 
LVL 93

Accepted Solution

by:
John Hurst earned 250 total points
ID: 38829372
Generally yes. The public should not be given access to your LAN because you have no control over their computers. Their subnet should be segregated by use of a VLAN if you can do it. Also consider having a second ISP for this. Even with a VLAN, a public child porn user could cause you management grief.

Back to your LAN, make sure you have a good, corporate, integrated AntiVirus. Symantec Endpoint Protection is very good and there are other good ones a well. The point is to have a top notch one that is paid (never free).

Good luck.   ... Thinkpads_User
0
 
LVL 10

Assisted Solution

by:Nancy McCullough
Nancy McCullough earned 250 total points
ID: 38829426
Absolutely, yes. Separate your company from your customers and from the public. Create a network wherein there are no access points that can be exploited by the various forms of viruses, as much as silly people looking for a "challenge", or those who are just "curious". Keep sensistive information backed up and stored offsite. There are quite a few virtual storage sites that work great, but again - you are then subject to *their* networks. Even still, I believe the cloud is where all computing is headed. I have already started storing all company files online as a backup... which has paid off after my company was hit with an incident a month ago. A secure network is one that keeps the data safe from outside sources as well as inside sources of potential harm.
0
 

Author Comment

by:Webcc
ID: 38829650
Thanks for the input.  Had latest SEP installed but got through, we are switching to Kaspersky.  Have to work out one application that is used by the public and managed by the staff so, both networks will need to access.
0
 
LVL 93

Expert Comment

by:John Hurst
ID: 38830551
If public has access to one application then they have access to your network using computers you have no control over.

You will certainly need very strong passwords. Perhaps you can provide two instances of the application.
.... Thinkpads_User
0
 
LVL 93

Expert Comment

by:John Hurst
ID: 38830876
@Webcc - Thank you, and I was pleased to help you with this. .... Thinkpads_User
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I was supporting a handful of Windows 2008 (non-R2) 2 node clusters with shared quorum disks. Some had SQL 2008 installed and some were just a vendor application that we supported. For the purposes of this article it doesn’t really matter which so w…
Hello All, I have been training on Multicast for a while now and whenever I start the topic , I find out that my friends /  Colleagues mention that they do not know how to test Multicast Joins. As most of the multicast would be video traffic and …
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

778 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question