RE: Suggestions for a secure home network

["David Gillett" <gillettdavid () fhda edu>]

  What's with remote access on the Macs???  [i.e., what makes their
*Internet access* needs different from the PCs?] 

  You might consider using a small router/firewall to segregate the
Macs from the PCs, but if the PCs need general Internet access then
there's no point in segregating *that* unless the Macs require
something different.
  If you need to restrict the PCs' Internet access, this can be 
done with ACL/firewall at the Internet connection.

David Gillett


> -----Original Message-----
> From: Edmond Chow [mailto:echow () videotron ca] 
> Sent: Sunday, April 09, 2006 8:14 PM
> To: security-basics () securityfocus com
> Cc: echow () videotron ca
> Subject: RE: Suggestions for a secure home network
>
>
> Hello List,
>
> I am looking to put together a home network for a high-end 
> client of mine and would like your opinion on what type of 
> equipment to use.
>
> Here's an overview of his requirement:
>
> - Two MACs (for his kids) on a wireless network
> - Two PCs on a wired network - these two PCs have sensitive 
> information on them.  These computers would not be used for 
> remote access but only for internet and email access.  I am 
> thinking of adding hard drive encryption to these two computers.
>
> I'm thinking of three approaches and would like your thoughts:
>
> #1 - Use a cable modem with non-wireless router for his two 
> PCs and use a separate DSL modem with wireless router for his 
> two MACs. Double the monthly cost for internet access but 
> there is no chance that hackers entering through the MACs 
> will be able to access his PCs.
> #2 - Use a router (I was thinking of something like an Astaro 
> router or Cisco router) for the PCs and then connect a 
> Linksys wireless router with WPA security to the first 
> router.  The wireless router would be used for the two MACs.
> #3 - Use a wireless router with WPA security for the wireless 
> MACs and then hard wire the two PCs to the non wireless 
> router ports on the back of the wireless router.
>
> Any thoughts you would have would be greatly appreciated.  
> Any manufacturers and or models you could suggest would also 
> be much appreciated.
>
> Thanks.
>
> Regards,
>
>
> Edmond
>
>
>
>
> --------------------------------------------------------------
> -----------
> This List Sponsored by: Webroot
>
> Don't leave your confidential company and customer records 
> un-protected. 
> Try Webroot's Spy Sweeper Enterprise(TM) for 30 days for FREE 
> with no obligation. See why so many companies trust Spy 
> Sweeper Enterprise to eradicate spyware from their networks.
> FREE 30-Day Trial of Spy Sweeper Enterprise
>
> http://www.webroot.com/forms/enterprise_lead.php
> --------------------------------------------------------------
> ------------


-------------------------------------------------------------------------
This List Sponsored by: Webroot

Don't leave your confidential company and customer records un-protected. 
Try Webroot's Spy Sweeper Enterprise(TM) for 30 days for FREE with no 
obligation. See why so many companies trust Spy Sweeper Enterprise to 
eradicate spyware from their networks.
FREE 30-Day Trial of Spy Sweeper Enterprise

http://www.webroot.com/forms/enterprise_lead.php
--------------------------------------------------------------------------