Solved

How to connect two network together

Posted on 2013-06-29
2
411 Views
Last Modified: 2013-07-21
History
------------
Currently our company have two isolate network ,One is for finance department and another is for normal LAN.In the first place ,management decide to split the network to two different network due to security issue .But now management has decide to allow finance department to access DMZ resource and browser internet.Please advice how to connect this two network together.Thank you







Company Network
0
Comment
Question by:AnthonyTeah
2 Comments
 
LVL 1

Accepted Solution

by:
dmitrij75 earned 500 total points
Comment Utility
If your organization have a departments that are placed in one building your task performs with ease. You just need still another power router with VLAN support. The other routers must be connected that router. Combine DMZ computers and finance department in VLAN0 segment on the side of the power router, so that the users outside that segment could not access PC's in the finance department. You may use the same subnet mask for finance department personal and the other users in this case. You might want to combine the users in other VLAN cell. (VLAN1, for example) on the side of you power router as well to prevent their computers from being viewed by financial department users if needed. Now you can connect your power router to the internet, another gateway or server with installed gateway Kerio WinRoute Firewall, WinGate, ...
As an additional solution you may not to buy the power router and make the same adjustments on the local routers of your finance department employees and the other users (primarily I mean VLANs). Then you should connect the local routers of your departments to the server with AD, that connected to the Internet. In this means the server with AD must have the quantity of network adapters equal the local routers of your departments. The network adapters of finance employees and DMZ computers should have the same subnet mask to be able to get connected. If the finance department should be isolated from the other users, you must assign the different subnet for their network cards. DMZ computers should have an additional card for the other users as well in this case.
Please note if you would like the finance employees are browse the Internet faster while getting the other files or stuff from DMZ computers, you should consider to buy an additional network card for them to assure them reliable surf the Internet and getting the files from DMZ. Of course you will need to install an additional card on the DMZ computers as well. It's obviously that you will need to set different subnet mask on the cards. If you wish the other users have the same possibility never assign the subnet mask for their second network adapter the same as for finance employees for security reasons. It's better to install yet another card to DMZ computers or servers.
If you will have a plans to grant the same resources for all the computers of your network then delete VLAN. Both finance employees and other users will see their shared resources
0
 
LVL 17

Expert Comment

by:surbabu140977
Comment Utility
Since finance is involved, you should be consulting a networking/security firm before plugging in to internet.From your question it's evident that you may not be aware of all the networking aspects. It will carry a great deal of risk(for your finance dept and business) if you try to do it yourself without any professional audit/consultation.

Depending on the sensitivity of finance division you will need a thorough checking of the Desktops, patching of OS and softwares, implement extra security at the firewall, enable strict user control(windows domain) etc.

The last thing you need will be someone seeing your business finance data sitting in his basement garage (and probably trying to sell it). :)

Best,
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

This article will step through configuring a SonicWALL appliance to utilize an internal DHCP server for Global VPN Client (GVC) hosts.  There are times when using an external (external to the SonicWALL) DHCP server, such as Windows Servers, isn’t pr…
Hi All,  Recently I have installed and configured a Sonicwall NS220 in the network as a firewall and Internet access gateway. All was working fine until users started reporting that they cannot use the Cisco VPN client to connect to the customer'…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now