General Network Question

 
 
Nick
Guest
Posts: n/a

 
      04-07-2004, 08:06 PM
Hi,

Apologies if this is the wrong group - I couldn't work out which was the
best.

A small client recently asked me to take a look at their network because they
know I work in computers, and they are worried about their network structure
and security. They have around 7 computers, mixed between Windows 2000 and
XP Professional. There are two Group names on the network (Accounts and
Backoffice), and the network follows a Ring topology. The first machine
next to the hub has Norton Firewall installed along with anti-virus
software. All other machines also have anti-virus software. Other than
that, people can access the network by logging with the "known" username and
password. But there is sensitive and important data that can be accessed by
employees, and hence the concern.

My question therefore is, would it be advisable to get Windows Advanced
Server (or similar) installed, create a single domain, and get all the
machines into that domain along with creating specific user accounts to log
down the network? The idea would be to create set accounts that allow
certain features and tasks to be accomplished. For example, logging in as a
normal user on any of the machines should mean they cannot install or remove
software. I know this type of thing is possible, but I don't know how. Any
advice on this would be gratefully received.

Many thanks,

Nick.



 
 
 
 
 
Herb Martin
Guest
Posts: n/a

 
      04-07-2004, 08:31 PM
> A small client recently asked me to take a look at their network because they
> know I work in computers, and they are worried about their network structure
> and security. They have around 7 computers, mixed between Windows 2000 and
> XP Professional. There are two Group names on the network (Accounts and
> Backoffice),


Do you mean "workgroups"?

"Groups" are an account database issue usually.

> and the network follows a Ring topology.

Unlikely but possible. What sort? Token ring?

Do you really mean they are not on an Ethernet?
If NOT, what do you mean by the above?

> The first machine
> next to the hub has Norton Firewall installed along with anti-virus
> software. All other machines also have anti-virus software. Other than
> that, people can access the network by logging with the "known" username and
> password.


Technically you almost never have "access to the network" but rather
to the Servers of the network. (Ok, with 802.1x etc. or WEP you might
actually secure the net itself.)

This may seem like a picky distinction but in a Workgroup there is
NO single account for ALL access -- you must have a separate
account on EVERY server. In a Domain you can have one account
that allows (or denies) access to all resources of that domain.

> But there is sensitive and important data that can be accessed by
> employees, and hence the concern.
>
> My question therefore is, would it be advisable to get Windows Advanced
> Server (or similar) installed, create a single domain, and get all the
> machines into that domain along with creating specific user accounts to log
> down the network?


The issue is a DOMAIN, not necessarily Advanced Server over the
standard edition.

> The idea would be to create set accounts that allow
> certain features and tasks to be accomplished. For example, logging in as a
> normal user on any of the machines should mean they cannot install or remove
> software. I know this type of thing is possible, but I don't know how. Any
> advice on this would be gratefully received.


Yes, the above is good, but most people without a lot
of domain experience will leave the domain so unsecured
that it really isn't more secure.

Domains make security and access easier to manage but
they don't make it automatic.

You're on the right track, but there is a lot to learn to take
advantage of that new domain (which is a good idea.)

Are they paying you? Or do you consider this job a learning
experience? Either way is good, but if you aren't getting paid
and don't intend to learn this stuff you might pass it to someone
else.

--
Herb Martin

Nick
Guest
Posts: n/a

 
      04-08-2004, 06:20 AM
"Herb Martin" wrote:
> > A small client recently asked me to take a look at their network because they
> > know I work in computers, and they are worried about their network structure
> > and security. They have around 7 computers, mixed between Windows 2000 and
> > XP Professional. There are two Group names on the network (Accounts and
> > Backoffice),
>
> Do you mean "workgroups"?
>
> "Groups" are an account database issue usually.


Yeh, Workgroups sorry.

> > and the network follows a Ring topology.
>
> Unlikely but possible. What sort? Token ring?
>
> Do you really mean they are not on an Ethernet?
> If NOT, what do you mean by the above?
>


I think you are right. The diagram that was drawn for me was a circle with
nodes (computers) hanging off of it. However, I know a little about
networking and I am sure what was really meant was that each computer is
linked to the hub via an ethernet card. I use wireless at home so I have
forgotten what the ethernet cards look like - can you daisy chain by putting
an in signal in, and then putting another cable into the same card and
linking that new cable to the in on a second card in a different computer?

> > The first machine
> > next to the hub has Norton Firewall installed along with anti-virus
> > software. All other machines also have anti-virus software. Other than
> > that, people can access the network by logging with the "known" username and
> > password.

>
> Technically you almost never have "access to the network" but rather
> to the Servers of the network. (Ok, with 802.1x etc. or WEP you might
> actually secure the net itself.)
>


OK fair point. Maybe my client meant that they have a username and password
that everybody knows, which isn't locked down. Not sure.

> This may seem like a picky distinction but in a Workgroup there is
> NO single account for ALL access -- you must have a separate
> account on EVERY server. In a Domain you can have one account
> that allows (or denies) access to all resources of that domain.
>
> > But there is sensitive and important data that can be accessed by
> > employees, and hence the concern.
> >
> > My question therefore is, would it be advisable to get Windows Advanced
> > Server (or similar) installed, create a single domain, and get all the
> > machines into that domain along with creating specific user accounts to log
> > down the network?
>
> The issue is a DOMAIN, not necessarily Advanced Server over the
> standard edition.
>


Right.

> > The idea would be to create set accounts that allow
> > certain features and tasks to be accomplished. For example, logging in as a
> > normal user on any of the machines should mean they cannot install or remove
> > software. I know this type of thing is possible, but I don't know how. Any
> > advice on this would be gratefully received.

>
> Yes, the above is good, but most people without a lot
> of domain experience will leave the domain so unsecured
> that it really isn't more secure.
>
> Domains make security and access easier to manage but
> they don't make it automatic.
>


I understand - it's not a case of installing Advanced Server, or indeed any
other Server software and then expecting the network to be secure.

> You're on the right track, but there is a lot to learn to take
> advantage of that new domain (which is a good idea.)
>
> Are they paying you? Or do you consider this job a learning
> experience? Either way is good, but if you aren't getting paid
> and don't intend to learn this stuff you might pass it someone
> else.
>


Well, my client is also a friend of a friend whom I have known for a while.
I have been told they cannot afford to pay me right now. However, I know
they are struggling and I have a better chance of sorting it than them. I
am more of a software developer, so I understand the concepts etc. I have
just never really set domains up etc.

Thanks for your help Herb.
