•
•
•
•
What is DaniWeb IT Discussion Community?
You're currently browsing the Network Security section within the Tech Talk category of DaniWeb, a massive community of 426,425 software developers, web developers, Internet marketers, and tech gurus who are all enthusiastic about making contacts, networking, and learning from each other. In fact, there are 2,406 IT professionals currently interacting right now! Registration is free, only takes a minute and lets you enjoy all of the interactive features of the site.
Please support our Network Security advertiser: Programming Forums
Views: 539 | Replies: 3
•
•
Join Date: Feb 2008
Posts: 29
Reputation: 
Rep Power: 1
Solved Threads: 0
Light Poster
I need to isolate one computer in a small office from the office network - from both NetBIOS networking with other machines and at the IP level. The office is just one of a number of businesses in one building - each office has its own network & internet connection hardware connected to a patchbay in a cupboard - I've already tried some measures to physically isolate the machine in question with some wiring changes, but as soon as the device is plugged into the patchbay, the router that provides the office internet connection appears to connect the whole lot anyway (basic NetGear ADSL router).
We have a Netgear Smartswitch on which I've set up a VLAN to encompass all the machines I do want networked and another VLAN that only includes this one machine and the internet port. I can still ping the other office machines from the `isolated` PC and vice versa even though it can't be accessed via NetBIOS. Is a VLAN strictly a Layer 2 thing, or would a Layer 3 managed switch incorporate VLANs that operate at the IP level too? We have some security requirements to fulfil for a planned project, and until there is money available I can't simply move the isolated PC to its own dedicated internet connection (which is the ideal). I know I could use a firewall and block internal private addresses but if the project takes off, a hardware device that deals with unwanted traffic before it can get to the PC in the first place would be the best option.The PC in question will be used for remote-assistance, accessing other computers over the internet. Any suggestions and insight welcome.
We have a Netgear Smartswitch on which I've set up a VLAN to encompass all the machines I do want networked and another VLAN that only includes this one machine and the internet port. I can still ping the other office machines from the `isolated` PC and vice versa even though it can't be accessed via NetBIOS. Is a VLAN strictly a Layer 2 thing, or would a Layer 3 managed switch incorporate VLANs that operate at the IP level too? We have some security requirements to fulfil for a planned project, and until there is money available I can't simply move the isolated PC to its own dedicated internet connection (which is the ideal). I know I could use a firewall and block internal private addresses but if the project takes off, a hardware device that deals with unwanted traffic before it can get to the PC in the first place would be the best option.The PC in question will be used for remote-assistance, accessing other computers over the internet. Any suggestions and insight welcome.
•
•
•
•
•
•
•
•
DaniWeb Network Security Marketplace
•
•
•
•
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
Threaded Mode•
•
•
•
- network segmentation (Network Security)
Other Threads in the Network Security Forum
- Previous Thread: Sygate Personal Firewall expert needed. Local network issue.
- Next Thread: SSH problem
