Need help setting up a multi-level network security plan

Discussion in 'other security issues & news' started by AshG, Jul 15, 2008.

Thread Status:
Not open for further replies.
  1. AshG

    AshG Registered Member

    Joined:
    May 7, 2005
    Posts:
    206
    Location:
    East TN
    Hello all!

    I have been given the task of setting up a multi-level network security plan for a non-profit organization. I have a clue of what to do, but I could always use the intelligence of the posters here to make things even better.

    We currently have three computers attached to the network permanently with a few laptops (mine and the boss's) that come around fairly frequently; we will soon be adding an education lab. Here is what the boss has asked for:

    Three levels of security
    Level 1 - Can access the internet freely (hardware firewalled), but cannot see any other computer or printer on the network. Self-contained workstation.
    Level 2 - Can access the internet and see other Level 2 computers within its workgroup. Password protected file sharing is enabled.
    Level 3 - Total lockdown; internet access only when I allow it, and then only for security updates. Can only print to an attached printer.

    Level 1 and Level 3 are going to be fairly easy; it's Level 2 that has me somewhat stumped. There will be a workgroup for the Manager, the Director of Programs, and me. Later, there will be another workgroup for the education lab.

    The ultimate worry for me comes with the wireless router. We're currently trying to do this with just one four port D-Link router, with only two computers connecting via Cat5. Ultimately I want to see as little wireless as possible for the workstations.

    Any thoughts on directions I should go in?
     
  2. OSPA

    OSPA Registered Member

    Joined:
    Jul 22, 2008
    Posts:
    5
    Location:
    Barstow, CA
    I don't know what resources you have available, but have you considered setting up a domain controller?
     
  3. wat0114

    wat0114 Guest

    You don't want to use an enterprise grade router? Generally you get what you pay for, but having said that, the D-link will probably work okay, I guess. Maybe just a hub for the level 2 computers with file sharing obviously enabled on the workstations, while file sharing is disabled on the stations in levels 1 & 2? If you set a strong passphrase and WPA or WPA2 encryption for the wireless portion of the router, it should be fairly secure. One gateway for all three levels should be okay, I think. I still feel if you want to be serious about this, you need a step up from a home router, assuming, that is, the D-Link is a home router.
     
  4. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,698
    Hello,
    You wanna use Windows or Linux for that task?
    Cause with Linux, the demands are rather simple.
    Mrk
     
Loading...
Thread Status:
Not open for further replies.