SmallNetBuilder Forums
Go Back   SmallNetBuilder Forums > Security > General Network Security

Reply
 
Thread Tools Search this Thread Display Modes
  #1  
Old 11-03-2012, 01:20 AM
Jangell Jangell is offline
New Member
 
Join Date: Nov 2012
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Jangell is just starting out
Default Advice on the proper solution/product

As is somewhat normal...I am by default the IT guy for our small business.

Hoping that some of you with experience in environments similar to mine might be wiling to share some of your learned wisdom.

Our office:
10 PCs running mostly Win 7 (2 still on XP)
6 wired and 4 wireless
Wired machines have gigabit NICs...Dont necessarily need Gigabit speed but it would be nice
2 macs running 10.7
2 Wireless

1 Server running 2008
The server hosts an App that the PCs access

2 wired printers
1 wireless printer

Users have iPhones etc that hit the wireless network


my primary problem is with users surfing the web, streaming music and youtube and updating Facebook.

Secondary issue is with users opening webmail attachments that might not be all that safe.

I had a netgear WRN2000 router that worked fine until the amount of websurfing impacted productivity.

Upgraded to a Prosafe FVG318 - Frankly this thing sucks...

Wireless is horribly slow and the number of dropped connections had increased dramatically.

Wired computers have connection issues as well and on more than a handful of instances we have duplicate IP error messages appear.

The Prosafe also lacks the ability to block https sites (works fine on http sites) This is a large problem given that gmail, facebook and a variety of other sites are https sites.



I am by no means an IT expert...I call tech support ALOT...Love netgear's support for this very reason.

Any and all advice is appreciated...Thanks in advance.
Reply With Quote
  #2  
Old 12-09-2012, 01:56 AM
Tumothy T. Doran
Guest
 
Posts: n/a
Default

You have a lot that is “old”; all PC’s should be brought to Windows 7 Enterprise / Professional (with 5 or more, you can opt in for Microsoft VLA – Volume License Agreement), Server 2008 to 2012.

What you did not mention, was the use of Active Directory Services, this should be implemented, with various Policy levels; this can control / limit / and/or totally restrict devices / users on the network; like shutting down all local USB ports (no more unwanted plug-in of iPad’s, iPhones, and other similar) and optical media drives.

A router and/or a security appliance cannot do this alone, or even a large portion (you will have performance that is . . .).

You best bet, spend the money, bring in an IT Consulting / Management firm, rebuild your network, unifying and simplifying. Do first however, depending where you are, if near a big city, there may be a Cisco office near you, stop in, they will provide a ton of information.
1950's
Reply With Quote
  #3  
Old 02-26-2013, 02:05 PM
rquared rquared is offline
New Member
 
Join Date: Feb 2013
Posts: 5
Thanks: 0
Thanked 0 Times in 0 Posts
rquared is just starting out
Default Possibilities

First step, identify what your company's stance (i.e. Policy) is on Internet access. If you have a small pipe, getting streaming off net is fairly easy, Facebook, a bit harder. Acceptable use is not for IT to decide, so make sure you have executive support.

For free, quick, simple, extremely basic/easy to thwart filtering, use OpenDNS, register your IP and turn off categories you identify in this first step as undesirable.

Step two, if you've inherited IT, you've inherited the IT budget. Find out what it is and how much the company plans to invest annually in technology. If it's not important to them to identify, your fighting a loosing battle.

Once identified, step three, do a quick risk analysis to determine where your highest business risk is. Typically organizations look at perimeter first, but as you are doing, remember OUTGOING is perimeter...so content filtering is important.

Anti-virus, although largely ineffective at stopping new threats is valuable when identifying compromise. Make sure your using something good and it's updating on your server and clients. Centralize management is really important as well as content filtering as explained above. When an incident happens, you need to be able to determine what happened in order to stop the incident from occuring again.

Without knowing your email configuration (assuming webmail), standardize on a single service for all users. Anti-virus is your only method for combatting this unless you stand up a UTM box (Untangle, Astaro, etc.) or host your own email server and can subscribe to a service like Postini or Websense to scrub/filter your mail for you.

Hope that helps a bit. Like the other response, I would upgrade your two XP clients if possible, firewall if not. The Win2k8 server is not a concern. Just keep it patched. (patching and vulnerability scanning is a whole new topic that should be on your radar after looking at the above topics as well as a ton of other things, but this should help you get started alteast.)

Hope this helps.
Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


All times are GMT -4. The time now is 06:47 PM.


Top 10 Stats
Top Posters* Top Thanked
RMerlin  339
john9527  144
L&LD  129
azazel1024  126
stevech  122
htismaqe  95
sfx2000  75
ChristineBCW  72
TonyH  68
AndreyPopov  54
RMerlin  6002
john9527  372
stevech  349
ryzhov_al  277
TeHashX  230
L&LD  230
RogerSC  199
sinshiva  147
sfx2000  133
joegreat  126
Most Viewed Threads* Hottest Threads*
Old Shellshock...  27237
Old Asuswrt-Merli...  5161
Old Antenna...  3692
Old Asus...  3339
Old Simple NAS...  2251
Old Brainstorming...  2051
Old Looking for...  1815
Old RT-AC68P  1544
Old New Router:...  1499
Old RT-AC68U...  1230
Old Antenna...  73
Old Brainstorming...  47
Old Asuswrt-Merli...  42
Old Simple NAS...  36
Old Advice on...  36
Old Looking for...  35
Old Shellshock...  31
Old Asus...  29
Old WiFi Rates  23
Old Issues...  22


Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
© 2006-2014 Pudai LLC All Rights Reserved.