Networking is not my strong suite.
We have a network with a domain. The DC is a Windows Server 2003.
We have decided to rent the upper floor of the building to three individuals operating a law practice.
Obviously, we don't want them on our domain or to have access to our resources (files, printers, etc.). But sharing our internet connection would be fine.
Do I insist they have a separate domain on the same DC so domain security policy can be applied? What are the security risks of letting them just plug in and not be joined to the domain? Is there a way to create a different subnet that could still use the same switch and hardware firewall?