nV News Forums

 
 

nV News Forums (http://www.nvnews.net/vbulletin/index.php)
-   Networking And Security (http://www.nvnews.net/vbulletin/forumdisplay.php?f=58)
-   -   Here's one for the Network Admins (http://www.nvnews.net/vbulletin/showthread.php?t=100777)

DiscipleDOC 10-22-07 09:24 AM

Here's one for the Network Admins
 
I am on the verge of redoing my entire network. I uploaded a generic topography of how I want it to look, but something is not clicking....I'm thinking that I got the firewall misplaced...but I am still puzzled.

Can you guys give me some suggestions?

evilghost 10-22-07 09:33 AM

Re: Here's one for the Network Admins
 
It's correct. No need for a DMZ, firewall has to sit behind the router unless the router itself is capable of firewalling.

DiscipleDOC 10-22-07 10:02 AM

Re: Here's one for the Network Admins
 
Quote:

Originally Posted by evilghost
It's correct. No need for a DMZ, firewall has to sit behind the router unless the router itself is capable of firewalling.

Well, if I may have to add a DMZ later, because I will use this same scheme for our china location...and they do a lot of FTP uploads.


Speaking of FTP, where would be a good place to insert it?

evilghost 10-22-07 10:15 AM

Re: Here's one for the Network Admins
 
Quote:

Originally Posted by DiscipleDOC
Speaking of FTP, where would be a good place to insert it?

Right into /dev/null, FTP isn't secure, consider using SSH with scp/sftp, there are Win32 versions that support AD authentication.

DiscipleDOC 10-22-07 10:28 AM

Re: Here's one for the Network Admins
 
Quote:

Originally Posted by evilghost
Right into /dev/null, FTP isn't secure, consider using SSH with scp/sftp, there are Win32 versions that support AD authentication.

Yea...I know how insecure FTP is, but they (my company) have customers all over the world using it. Security is not a priority on the FTP box, just as long as I can keep people out of the rest of my network.

Absolution 10-23-07 10:54 PM

Re: Here's one for the Network Admins
 
Quote:

Originally Posted by DiscipleDOC
Yea...I know how insecure FTP is, but they (my company) have customers all over the world using it. Security is not a priority on the FTP box, just as long as I can keep people out of the rest of my network.

thats a rather broad statement, it depends on what ftp service your using, if your worried about security, try vsftpd

ricercar 10-24-07 04:24 PM

Re: Here's one for the Network Admins
 
Get a switch, not a hub. A hub is slower than a switch. A switch is more efficient than a hub. A switch lives on an entirely different layer of the OSI stack than a hub.

A hub broadcasts every packet to all connections. This effectively means one device cannot talk until all other devices have stopped shouting. Packet collision errors (requiring retransmission) are common. Imagine a hub as a 4-way intersection with no stop signs. Cheap and low maintenance. Lots of traffic makes for a very bad situation.

A switch routes a packet only to the device that it is intended for. Many conversations can occur at the same time. Packets rarely collide. Imagine the switch as a competent traffic cop in this 4-way intersection. Traffic may have to wait for a turn, but everyone gets a fair turn.

evilghost 10-24-07 07:37 PM

Re: Here's one for the Network Admins
 
CSMA/CD in the house!

DiscipleDOC 10-30-07 12:22 PM

Re: Here's one for the Network Admins
 
Quote:

Originally Posted by ricercar
Get a switch, not a hub. A hub is slower than a switch. A switch is more efficient than a hub. A switch lives on an entirely different layer of the OSI stack than a hub.

A hub broadcasts every packet to all connections. This effectively means one device cannot talk until all other devices have stopped shouting. Packet collision errors (requiring retransmission) are common. Imagine a hub as a 4-way intersection with no stop signs. Cheap and low maintenance. Lots of traffic makes for a very bad situation.

A switch routes a packet only to the device that it is intended for. Many conversations can occur at the same time. Packets rarely collide. Imagine the switch as a competent traffic cop in this 4-way intersection. Traffic may have to wait for a turn, but everyone gets a fair turn.

Yup...I changed that to a managed switch.

esaym 12-04-07 05:05 PM

Re: Here's one for the Network Admins
 
Alot of diagrams here: http://community.smoothwall.org/foru...ic.php?t=10709


All times are GMT -5. The time now is 11:32 PM.

Powered by vBulletin® Version 3.7.1
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Copyright 1998 - 2014, nV News.