Results 1 to 6 of 6
  1. #1
    2 Star Lounger
    Join Date
    Jun 2001
    Oregon, USA
    Thanked 2 Times in 2 Posts

    Fixed IP addresses or use a switch?

    Three solo lawyers with separate practices who share a building want to share a fast internet connection. For ethical considerations they need to keep their traffic separate, as far as one theoretically accessing another's traffic is concerned. One says a switch (small, one-time expense) placed between the router and the lawyers downstream will accomplish this, sending each one's traffic only to him/her. But another says no, merely paying extra each month for fixed IP addresses will take care of that without a switch. Who has the better answer?

  2. #2
    Super Moderator RetiredGeek's Avatar
    Join Date
    Mar 2004
    Manning, South Carolina
    Thanked 1,608 Times in 1,452 Posts

    From my limited understanding of networking I would think the best {most secure} method would be to have 4 routers {they are not that expensive}

    The Main Router would hook up to the cable/dsl modem then connect to each of the other 3 routers.
    Each office would have it's own sub-net, i.e. 192.168.3.{0-255}; 192.168.4.{0-255}; 192.168.5{0-255}.
    That way the network traffic would only interset at the Main Router which would automatically send the traffic back to the secondary router that originated it.

    I'm sure one of the Network Gurus here will explain this better but hopefully you get the idea.
    May the Forces of good computing be with you!


    PowerShell & VBA Rule!

    My Systems: Desktop Specs
    Laptop Specs

  3. The Following User Says Thank You to RetiredGeek For This Useful Post:

    Auggie (2012-02-06)

  4. #3
    Lounge VIP
    Join Date
    Apr 2011
    Thanked 134 Times in 115 Posts
    You could subnet them: Hosts on a subnet cannot talk to hosts on a different subnet with sending traffic through the router. However it's not an out of the box solution and somebody would have to administer the router, configure the firewall and hold legal liability if something went wrong. That individual would also have access to all network traffic, which would not be good if the lawyers are separate legal entities.

    If they are indeed separate legal entities, I would recommend leasing three separate lines and use three routers. Each lawyer is responsible for his or her own network and data security policy. Each administers their own internet connection and they have no cross liability case of a network compromise. It also overcomes the issue of apportionment of bandwidth and costs.

    However, if the lawyers are part of a partnership or other single entity I would expect there would be commercial and legal reasons why it would be advantageous to have all network traffic routed through a single point such as Small Business Server.

    .....While on this thought, they should also consider their phone lines - the same considerations apply if a single managed direct-dial phone solution is installed.

  5. #4
    Join Date
    Dec 2009
    Burlington, VT
    Thanked 1 Time in 1 Post
    You could do it with a switch by vlaning the different segments, but it will get messy pretty fast and vlans can be a nightmare to troubleshoot. Like Retired said you can setup 3 IP scopes for each but since the router has connections to each, someone on one of the subnets would still be able "see" the other networks unless you put firewalls in front of each segment or have a higher end router that you could put ACLs on.

  6. The Following User Says Thank You to MikeBinVT For This Useful Post:

    Auggie (2012-02-09)

  7. #5
    WS Lounge VIP
    Join Date
    Dec 2009
    Thanked 1,125 Times in 1,048 Posts
    Modern routers are switches and one is all you need. The only data sent outside the port is internet or broadcast data so snooping will not be an issue. What can be a problem is one user deliberately sending data to one of the other computers to try to access it. This can happen if one user gets a virus.
    Use Windows firewall and anti virus, make regular backups and practise safe hex.
    Fixed IP addresses make no difference.

    cheers, Paul

  8. The Following User Says Thank You to Paul T For This Useful Post:

    Auggie (2012-02-09)

  9. #6
    5 Star Lounger
    Join Date
    Dec 2009
    Milwaukee, WI
    Thanked 64 Times in 52 Posts
    Not sure why they want to share. I just can't think of a good reason other than to save a few dollars. Individual small business broad band accounts are not that expensive. Then there will never be a question of liabilities.

  10. The Following User Says Thank You to Doc Brown For This Useful Post:

    Auggie (2012-02-09)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts