SmallNetBuilder Forums
Go Back   SmallNetBuilder Forums > Security > General Network Security

Thread Tools Search this Thread Display Modes
Old 11-03-2012, 01:20 AM
Jangell Jangell is offline
New Member
Join Date: Nov 2012
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Jangell is just starting out
Default Advice on the proper solution/product

As is somewhat normal...I am by default the IT guy for our small business.

Hoping that some of you with experience in environments similar to mine might be wiling to share some of your learned wisdom.

Our office:
10 PCs running mostly Win 7 (2 still on XP)
6 wired and 4 wireless
Wired machines have gigabit NICs...Dont necessarily need Gigabit speed but it would be nice
2 macs running 10.7
2 Wireless

1 Server running 2008
The server hosts an App that the PCs access

2 wired printers
1 wireless printer

Users have iPhones etc that hit the wireless network

my primary problem is with users surfing the web, streaming music and youtube and updating Facebook.

Secondary issue is with users opening webmail attachments that might not be all that safe.

I had a netgear WRN2000 router that worked fine until the amount of websurfing impacted productivity.

Upgraded to a Prosafe FVG318 - Frankly this thing sucks...

Wireless is horribly slow and the number of dropped connections had increased dramatically.

Wired computers have connection issues as well and on more than a handful of instances we have duplicate IP error messages appear.

The Prosafe also lacks the ability to block https sites (works fine on http sites) This is a large problem given that gmail, facebook and a variety of other sites are https sites.

I am by no means an IT expert...I call tech support ALOT...Love netgear's support for this very reason.

Any and all advice is appreciated...Thanks in advance.
Reply With Quote
Old 12-09-2012, 02:56 AM
Tumothy T. Doran
Posts: n/a

You have a lot that is “old”; all PC’s should be brought to Windows 7 Enterprise / Professional (with 5 or more, you can opt in for Microsoft VLA – Volume License Agreement), Server 2008 to 2012.

What you did not mention, was the use of Active Directory Services, this should be implemented, with various Policy levels; this can control / limit / and/or totally restrict devices / users on the network; like shutting down all local USB ports (no more unwanted plug-in of iPad’s, iPhones, and other similar) and optical media drives.

A router and/or a security appliance cannot do this alone, or even a large portion (you will have performance that is . . .).

You best bet, spend the money, bring in an IT Consulting / Management firm, rebuild your network, unifying and simplifying. Do first however, depending where you are, if near a big city, there may be a Cisco office near you, stop in, they will provide a ton of information.
Reply With Quote
Old 02-26-2013, 03:05 PM
rquared rquared is offline
New Member
Join Date: Feb 2013
Posts: 5
Thanks: 0
Thanked 0 Times in 0 Posts
rquared is just starting out
Default Possibilities

First step, identify what your company's stance (i.e. Policy) is on Internet access. If you have a small pipe, getting streaming off net is fairly easy, Facebook, a bit harder. Acceptable use is not for IT to decide, so make sure you have executive support.

For free, quick, simple, extremely basic/easy to thwart filtering, use OpenDNS, register your IP and turn off categories you identify in this first step as undesirable.

Step two, if you've inherited IT, you've inherited the IT budget. Find out what it is and how much the company plans to invest annually in technology. If it's not important to them to identify, your fighting a loosing battle.

Once identified, step three, do a quick risk analysis to determine where your highest business risk is. Typically organizations look at perimeter first, but as you are doing, remember OUTGOING is content filtering is important.

Anti-virus, although largely ineffective at stopping new threats is valuable when identifying compromise. Make sure your using something good and it's updating on your server and clients. Centralize management is really important as well as content filtering as explained above. When an incident happens, you need to be able to determine what happened in order to stop the incident from occuring again.

Without knowing your email configuration (assuming webmail), standardize on a single service for all users. Anti-virus is your only method for combatting this unless you stand up a UTM box (Untangle, Astaro, etc.) or host your own email server and can subscribe to a service like Postini or Websense to scrub/filter your mail for you.

Hope that helps a bit. Like the other response, I would upgrade your two XP clients if possible, firewall if not. The Win2k8 server is not a concern. Just keep it patched. (patching and vulnerability scanning is a whole new topic that should be on your radar after looking at the above topics as well as a ton of other things, but this should help you get started alteast.)

Hope this helps.
Reply With Quote

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

All times are GMT -4. The time now is 06:01 PM.

Top 10 Stats
Top Posters* Top Thanked
RMerlin  354
L&LD  115
john9527  110
stevech  98
azazel1024  91
jegesq  90
htismaqe  88
huotg01  86
watusi  65
ColinTaylor  53
RMerlin  6454
john9527  512
stevech  358
ryzhov_al  298
TeHashX  263
L&LD  256
RogerSC  206
sinshiva  149
sfx2000  138
hggomes  132
Most Viewed Threads* Hottest Threads*
Old Why not...  8949
Old ASUS RT-N66U...  6554
Old Asuswrt-Merli...  5102
Old RT-AC66U...  3783
Old Why ASUS?  2552
Old NAS...  1977
Old OpenVPN...  1671
Old Remote...  1655
Old Asus...  1578
Old The future...  1435
Old Why not...  81
Old Asuswrt-Merli...  59
Old Remote...  50
Old Whats going...  31
Old Extension...  26
Old The future...  26
Old ASUS RT-N66U...  26
Old RT-N66U...  26
Old OpenVPN...  25
Old What are the...  25

Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
© 2006-2014 Pudai LLC All Rights Reserved.