Skip to main content

A small Office Network

More
21 years 1 month ago #1120 by huliyar
Hello everyone,

Two days ago I got a project, where in I have to set up a office network compromising of 5 systems. Of the 5 systems, 3 will be Windows 2000 prof for the main work and one will be Windows XP for the administration purpose and the other will be Linux (kernel ver 2.4.20) for Internet connection and to protect the LAN and also to provide internet connection to the other systems through IP Masquarade. So now Im thinking of to set the network in the followng way. Please help me if Im wrong and also whether it could be made even better.

1.The internet connection will be through DSL router or (probably cable modem will be used because it is very cheap compared to DSL)into the Linux machine which will be having 2 ethernet cards. (All the cards are RealTeck). One for DSL router and other for LAN.
2.The connection will be by CAT 5e cable.
3.All the systems will be connected to a 16 port switch(D-Link) as shown.

[code:1]
|
| |
| |
|
|Linux box |
|16 port switch |
|win2k |
|
|
| |
|
|----| |
|
| | |
| | | |
|
| | |
| win2k |
| | |
|
V |
To internet | |
|
|
|win2k |
|
|

[/code:1]
Now for a few questionaire.


1.What all software(free) should be running in th Linux to protect the LAN and to provide IP masquarade facilities. Also how do protect from virus threat. (Whether to have anti-virus in the Linux or to have it in every systems.
2.Which ethernet cards should I use to achieve speeds of 100Mbps (maybe 1Gigbps). Please mention any of the D-Link company cards. Also which cable. (I think its CAT5e). Also does the D-Link 16 port switch is enough to achieve 100Mbps(maybe 1Gigbps) ?


Waiting for answers. So that I can get to the market and start buying the goods. Because I have to complete this by Saturday or atleast by sunday.

note: I've edited your post to make the diagram display properly - sahir
More
21 years 1 month ago #1123 by sahirh
Replied by sahirh on topic Re: A small Office Network
Hey huliyar,
Ok so far your setup sounds fine, I'm afraid your diagram didn't come out how you wanted it to.. you can make the diagram format properly by putting it between [\code] [\code] tags (remove that first backslash and replace the second with a forward slash).

So you should be looking at something like this

[code:1]
Internet --> router --> Linux --> Internal LAN
Win2k & XP
[/code:1]

To deal with antivirus you should install anti virus software such as Norton antivirus ( www.symantec.com ) or Mcafee ( www.mcafee.com ) on each of the windows machines.

There are only 40 or so known viruses for linux, so you wont really need to bother with that much. What you will need to do is learn how to make it a 'hardened' machine since it will be the firewall. Make sure its not running any extra services than what you need. Depending on what distribution of linux you use, you'll find information on doing this at the site. If you use Red Hat you'll find
very good information here

www.redhat.com/apps/support/
look under the documentation menu

Here are some more hardening resources:
www.linux-mag.com/2002-09/guru_01.html
librenix.com/?inode=2560

For the firewall software, its already built into most new linux distributions. its called iptables, some people will tell you its difficult to use, but it really isnt.. there are hundreds of tutorials online. Here are a few to start you out

freshmeat.net/projects/iptables-tutorial...ic_id=151%2C150%2C43
www.faqs.org/docs/iptables/
www.yolinux.com/TUTORIALS/LinuxTutorialNetworkGateway.html
www.iptables.org/documentation/tutorials/blueflux/

To sum that up, you might want to read this article :

cwrulug.cwru.edu/talks/gateway/table_of_contents.html
Its called 'Creating A Linux Gateway'



Now for the network cards... you really need to think about why you'd want 1gbps.. it doesnt really seem necessary for such a simple network,

Here are lists of network cards and prices
www.briscomputers.com.au/Category/Network%20card.htm
www.cresca.co.nz/adaptors.html

I'm not sure about the speed rating of the switch, though most half decent switches will support 100mbps (what I personally think you should be aiming for). Think about it.. you're connecting just a few machines.. and the switch will give each its own collision domain with a speed of either 10/100mbps... that should be more than sufficient for most office needs.

Hope that helps,
Keep us posted,

Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
More
21 years 1 month ago #1132 by huliyar
Replied by huliyar on topic Re: A small Office Network
Hi,

Thank you very much for all the links. I feel very lucky to be a member of this site, cause whernever I find a problem I've got the answer from here. Please let me know is there any way that I can be of any help to you people.

Also I will let you know about how my project goes and also if I find any problem again I will be back here.

Once again thank you.
More
21 years 1 month ago #1133 by tfs
Replied by tfs on topic Re: A small Office Network
Sahirh has covered it pretty well. I agree that you shouldn't need any 1gbps switches or cards as you are running such a small network. If you were going to trunk (or cascade switches) or if you knew you were going to grow relatively quickly where you might overload the network, you might think this speed. You can get devices this speed, and it might seem prudent to get them now for growth, but keep in mind, I assume you need to justify what you are putting together, you will look better if you build a cost effective as well as efficient network instead of just putting the biggest baddest network together.

Also, keep in mind that if you are not going to grow that quickly, technology ( and prices ) are going to change. What is the point of buying devices that will be underutilized and then swapped out for better devices later.

As far as network cards, pretty much all the NICs are 100Mbps. I haven't seen too many 10Mbp NIC cards lately.

Thanks,

Tom
More
21 years 1 month ago #1144 by sahirh
Replied by sahirh on topic Re: A small Office Network
Huliyar, you're already a help to the site as you visit pretty regularly and post quite often. Lots of people have similar problems and get helped out.

The best way to help out is to tell other people about the site, and give it a rating (click the 'review this site' button on the top right of the page. That helps us in search engine placements etc.

Tom, I've been meaning to ask you, does your job involve network design as well ?


Cheers,

Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
More
21 years 1 month ago #1146 by tfs
Replied by tfs on topic Re: A small Office Network
Actually, it did.

I was pretty much a Jack of all Trades. I did the complete conversion from our Legacy Data General system over to the new Client Server, NT, Sql Server setup. I did all the in-house software design and programming. I was involved in various stages of the networking design and implementation of our Token Ring and then conversion to Ethernet.

Thanks,

Tom
Time to create page: 0.159 seconds