Results 1 to 6 of 6
  1. #1
    2 Star Lounger
    Join Date
    Jun 2001
    Location
    Oregon, USA
    Posts
    162
    Thanks
    42
    Thanked 2 Times in 2 Posts

    Fixed IP addresses or use a switch?

    Three solo lawyers with separate practices who share a building want to share a fast internet connection. For ethical considerations they need to keep their traffic separate, as far as one theoretically accessing another's traffic is concerned. One says a switch (small, one-time expense) placed between the router and the lawyers downstream will accomplish this, sending each one's traffic only to him/her. But another says no, merely paying extra each month for fixed IP addresses will take care of that without a switch. Who has the better answer?

  2. Subscribe to our Windows Secrets Newsletter - It's Free!

    Get our unique weekly Newsletter with tips and techniques, how to's and critical updates on Windows 7, Windows 8, Windows XP, Firefox, Internet Explorer, Google, etc. Join our 480,000 subscribers!

    Excel 2013: The Missing Manual

    + Get this BONUS — free!

    Get the most of Excel! Learn about new features, basics of creating a new spreadsheet and using the infamous Ribbon in the first chapter of Excel 2013: The Missing Manual - Subscribe and download Chapter 1 for free!

  3. #2
    Super Moderator RetiredGeek's Avatar
    Join Date
    Mar 2004
    Location
    Manning, South Carolina
    Posts
    6,058
    Thanks
    196
    Thanked 765 Times in 699 Posts
    Auggie,

    From my limited understanding of networking I would think the best {most secure} method would be to have 4 routers {they are not that expensive}

    The Main Router would hook up to the cable/dsl modem then connect to each of the other 3 routers.
    Each office would have it's own sub-net, i.e. 192.168.3.{0-255}; 192.168.4.{0-255}; 192.168.5{0-255}.
    That way the network traffic would only interset at the Main Router which would automatically send the traffic back to the secondary router that originated it.

    I'm sure one of the Network Gurus here will explain this better but hopefully you get the idea.
    May the Forces of good computing be with you!

    RG

    VBA Rules!

    My Systems: Desktop Specs
    Laptop Specs


  4. The Following User Says Thank You to RetiredGeek For This Useful Post:

    Auggie (2012-02-06)

  5. #3
    Lounge VIP
    Join Date
    Apr 2011
    Location
    Scotland
    Posts
    1,168
    Thanks
    44
    Thanked 134 Times in 115 Posts
    You could subnet them: Hosts on a subnet cannot talk to hosts on a different subnet with sending traffic through the router. However it's not an out of the box solution and somebody would have to administer the router, configure the firewall and hold legal liability if something went wrong. That individual would also have access to all network traffic, which would not be good if the lawyers are separate legal entities.

    If they are indeed separate legal entities, I would recommend leasing three separate lines and use three routers. Each lawyer is responsible for his or her own network and data security policy. Each administers their own internet connection and they have no cross liability case of a network compromise. It also overcomes the issue of apportionment of bandwidth and costs.

    However, if the lawyers are part of a partnership or other single entity I would expect there would be commercial and legal reasons why it would be advantageous to have all network traffic routed through a single point such as Small Business Server.

    .....While on this thought, they should also consider their phone lines - the same considerations apply if a single managed direct-dial phone solution is installed.

  6. #4
    Lounger
    Join Date
    Dec 2009
    Location
    Burlington, VT
    Posts
    31
    Thanks
    2
    Thanked 1 Time in 1 Post
    You could do it with a switch by vlaning the different segments, but it will get messy pretty fast and vlans can be a nightmare to troubleshoot. Like Retired said you can setup 3 IP scopes for each but since the router has connections to each, someone on one of the subnets would still be able "see" the other networks unless you put firewalls in front of each segment or have a higher end router that you could put ACLs on.

  7. The Following User Says Thank You to MikeBinVT For This Useful Post:

    Auggie (2012-02-09)

  8. #5
    Platinum Lounger
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    3,511
    Thanks
    7
    Thanked 220 Times in 208 Posts
    Modern routers are switches and one is all you need. The only data sent outside the port is internet or broadcast data so snooping will not be an issue. What can be a problem is one user deliberately sending data to one of the other computers to try to access it. This can happen if one user gets a virus.
    Use Windows firewall and anti virus, make regular backups and practise safe hex.
    Fixed IP addresses make no difference.

    cheers, Paul

  9. The Following User Says Thank You to Paul T For This Useful Post:

    Auggie (2012-02-09)

  10. #6
    5 Star Lounger
    Join Date
    Dec 2009
    Location
    Milwaukee, WI
    Posts
    737
    Thanks
    23
    Thanked 63 Times in 51 Posts
    Not sure why they want to share. I just can't think of a good reason other than to save a few dollars. Individual small business broad band accounts are not that expensive. Then there will never be a question of liabilities.
    Chuck

  11. The Following User Says Thank You to Doc Brown For This Useful Post:

    Auggie (2012-02-09)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •