+ Post New Thread
Page 2 of 2 FirstFirst 12
Results 16 to 19 of 19
*nix Thread, Secure Contractor/Visitor Internet in Technical; Originally Posted by E1uSiV3 If you have managed switches, why not vlan it? VLAN it to where? You're going to ...
  1. #16

    Join Date
    Jan 2006
    Location
    Surburbia
    Posts
    2,178
    Thank Post
    74
    Thanked 307 Times in 243 Posts
    Rep Power
    115

    Re: Secure Contractor/Visitor Internet

    Quote Originally Posted by E1uSiV3
    If you have managed switches, why not vlan it?
    VLAN it to where? You're going to have to make a gateway for that VLAN somewhere. Simplest would be to make that a spare LAN interface on your WAN router and set some ACLs, but if you don't have a spare i/f then a linux NAT box would be fine.

    Well unless your switches also route & implement layer-3 ACLs.

  2. #17

    plexer's Avatar
    Join Date
    Dec 2005
    Location
    Norfolk
    Posts
    13,343
    Thank Post
    624
    Thanked 1,584 Times in 1,421 Posts
    Rep Power
    414

    Re: Secure Contractor/Visitor Internet

    We don't have control over out wan router as that is an lea managed service.

    If I were to use a small mini-itx pc which can be bought with ipcop loaded and setup via cf card for £250 then this could be moved to where ever an outside salemans/contractor may require internet access. If I vlan'ed it then I would have to change that everytime someone wanted to plug in via a different network point.

    Ben

  3. #18

    plexer's Avatar
    Join Date
    Dec 2005
    Location
    Norfolk
    Posts
    13,343
    Thank Post
    624
    Thanked 1,584 Times in 1,421 Posts
    Rep Power
    414

    Re: Secure Contractor/Visitor Internet

    Russ you may be able to do it by allowing certain macs address to access everything on the red rather than just say http and https using the full control firewall mod when I've got it all set up I'll have a look.

    Though smoothie was giving me problems today so I did try an ipcop install but that didn't work properly either turned out to be a faulty nic on the red.

    Ben

  4. #19

    TechMonkey's Avatar
    Join Date
    Dec 2005
    Location
    South East
    Posts
    3,286
    Thank Post
    225
    Thanked 405 Times in 302 Posts
    Rep Power
    162

    Re: Secure Contractor/Visitor Internet

    Sorry to bump but we have just initiated this as a test. Partly for external people coming in and partly to hook 'nasty' machines we get asked to look at from time to time.

    Quick question though. We have it all set up, the safe NIC attached to the network pointing directly at the router. The unsafe NIC attached to it's own hub that ports are hooked into. We have set Smoothwall to be a DHCP and given it a different IP range and sub net and not touched the firewall, so only web traffic works. I am still a bit cautious as to how safe it is to just hook random and sometimes downright dirty computers to the network, even being segregated as it is.

    Can someone allay my fears that all is well? Mainly along the lines of worst case scenario that a contractor comes in and has a nasty worm, hooks into the segregated network and nothing bad can happen. We have tried some tests, but with the completely different sub-net and range that seems to stop most things seeing anythign else, but as I said I'm still a little uneasy to blindly trust it!

    ta

SHARE:
+ Post New Thread
Page 2 of 2 FirstFirst 12

Similar Threads

  1. Anyone recommend IT contractor?
    By Steele in forum Windows
    Replies: 17
    Last Post: 25th March 2009, 09:22 AM
  2. Secure Printing
    By FreeWill in forum Wireless Networks
    Replies: 2
    Last Post: 9th October 2007, 11:45 AM
  3. How secure is a VLAN?
    By Ben_Stanton in forum Wireless Networks
    Replies: 5
    Last Post: 26th July 2007, 09:15 AM
  4. Making RDP more secure
    By mattx in forum Windows
    Replies: 2
    Last Post: 7th February 2007, 01:52 PM
  5. Secure Folder
    By SimpleSi in forum Windows
    Replies: 17
    Last Post: 5th October 2006, 12:29 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •