[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Network configuration and domains

Posted on 2013-01-28
5
Medium Priority
?
207 Views
Last Modified: 2013-01-29
A virus attack rendered our Domain controllers unavailable.  Could not login with any account, tried a couple password reset tools to no avail.  We ended up reformatting and reloading both servers, probably a best practice and gave us an opportunity to upgrade to 2008.  Moving forward would like to redesign network and create two subnets, one for public use and one for staff use.  
Trying to avoid another event bringing down the whole network consisting of around 70 machines.  Having to go to every machine and readd them to the domain - very time consuming.  

Does this sound like a good plan or are there better options?
0
Comment
Question by:Webcc
  • 3
5 Comments
 
LVL 99

Accepted Solution

by:
John Hurst earned 1000 total points
ID: 38829372
Generally yes. The public should not be given access to your LAN because you have no control over their computers. Their subnet should be segregated by use of a VLAN if you can do it. Also consider having a second ISP for this. Even with a VLAN, a public child porn user could cause you management grief.

Back to your LAN, make sure you have a good, corporate, integrated AntiVirus. Symantec Endpoint Protection is very good and there are other good ones a well. The point is to have a top notch one that is paid (never free).

Good luck.   ... Thinkpads_User
0
 
LVL 10

Assisted Solution

by:Nancy McCullough
Nancy McCullough earned 1000 total points
ID: 38829426
Absolutely, yes. Separate your company from your customers and from the public. Create a network wherein there are no access points that can be exploited by the various forms of viruses, as much as silly people looking for a "challenge", or those who are just "curious". Keep sensistive information backed up and stored offsite. There are quite a few virtual storage sites that work great, but again - you are then subject to *their* networks. Even still, I believe the cloud is where all computing is headed. I have already started storing all company files online as a backup... which has paid off after my company was hit with an incident a month ago. A secure network is one that keeps the data safe from outside sources as well as inside sources of potential harm.
0
 

Author Comment

by:Webcc
ID: 38829650
Thanks for the input.  Had latest SEP installed but got through, we are switching to Kaspersky.  Have to work out one application that is used by the public and managed by the staff so, both networks will need to access.
0
 
LVL 99

Expert Comment

by:John Hurst
ID: 38830551
If public has access to one application then they have access to your network using computers you have no control over.

You will certainly need very strong passwords. Perhaps you can provide two instances of the application.
.... Thinkpads_User
0
 
LVL 99

Expert Comment

by:John Hurst
ID: 38830876
@Webcc - Thank you, and I was pleased to help you with this. .... Thinkpads_User
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Background Information Recently I have fixed file server permission issues for one of my client. The client has 1800 users and one Windows Server 2008 R2 domain joined file server with 12 TB of data, 250+ shared folders and the folder structure i…
Resolving an irritating Remote Desktop connection that stops your saved credentials from being used.
This tutorial will walk an individual through locating and launching the BEUtility application and how to execute it on the appropriate database. Log onto the server running the Backup Exec database. In a larger environment, this would generally be …
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
Suggested Courses

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question