Network Design and Setup

Posted on April 24, 2011 by dgs

Network Design and Setup
by
David Schlecht

So you’re setting up a new office. Whether it’s an office in a commercial building or a home office, you’ll want to make sure you get it right.

For information on securing your network, visit Network Security Technology for security related articles and security case studies.

What’s Required

Obviously, the first thing that is required is a plan and you can’t have a plan without knowing exactly what your requirements are. Don’t just start running wires, but think ahead to how you want it to look when you’re done and how you want it to look in the future. You don’t want to put the time and money into creating a network that you have to completely rebuild in a year or two.

These are some things to consider:

  • Will you eventually need a local server for things like a local wiki or a file server or a caching-only Domain Name server?
  • Will you want static or dynamic IP addresses or a combination of both? If you’re planning on having internal servers, they’ll need static IP addresses.
  • If you’re using a combination of static and dynamic, you’ll need to decide on the IP ranges for each.
  • How will you serve up your dynamic (DHCP) IP addresses?
  • Will you need Internet access? (Of course you will!)
  • What type of Firewall do you need and what types of rules? Will you allow everyone inside the network to access everything on the Internet or will you eventually want to limit what people can do and see?
  • Will you need a VPN (Virtual Private Network) to allow secure access to your network from the outside?
  • Will you have wireless access? If so, what type of encryption and what ACLs (Access Control Lists) do you need?

This isn’t a complete list of everything to consider but it’s a good start.

Avoiding the Pitfalls

A Windows computer connected incorrectly to the Internet can get infected in just a matter of minutes.  This can’t be emphasized enough. It only takes a few minutes before your mistakes start costing you money.

Know your firewall syntax and set up your firewall immediately. And, now what you need in a firewall. You don’t necessarily need a dedicated, expensive machine to perform as your firewall. For most small business and home offices, the Internet router can fulfill the firewall needs if set up properly.

If you are going to allow wireless access to your internal network, put considerable thought into how you want to secure it. Remember, most encryption schemes last only a year or two before they need to be retooled or replaced. This may require constantly upgrading and replacing your wireless routers and updating your firewall rules.

If you’re using a wired network, make sure you have planned for future expansion.

Looking Ahead

No one can foresee the future but it’s important to think how you might want to see things change and plan for those changes. You can also know that certain technologies will become obsolete, such as modes of encryption.

It’s also important to think of how your company will change over time. If you bring in more employees, where will they sit? If you bring in some servers, where will they go?

Follow up

A very important part of network administration is the need for review. No network is stationary and the constant changes can degrade the security that was part of the initial network design.

Your network security should be reviewed on a regular basis. Here are some things that should be reviewed:

  1. Check to make sure your anti-virus protection is up to date on all machines,
  2. Make sure you have a good security policy and that everyone is following it,
  3. Make sure your firewall rules are up to date,
  4. Make sure your firewall hardware (ie: router) is up to date,
  5. Make sure your firewall’s firmware is up to date.
  6. Monitor for breakins,

 

This entry was posted in Internet Security, Technology, Web Technology and tagged , , . Bookmark the permalink.

Comments are closed.