Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

School needs to share an Internet connection... 3

Status
Not open for further replies.
Mi1house

Mi1house

MIS
Nov 7, 2002
14
US
I am looking into purchasing some needed equipment to upgrade our schools internet access infrastructure. When all is said and done our school will have 3 separate networks. One for the computer lab which will consist of all macs that will run off a OSX 10.2 server, one for the library which will run off of a Appleshare IP 6.x server, and one for the office staff and teachers who will use windows 98 clients running off a Windows 2000 server. I have a sattelite Internet connection coming down the pipe as well as some other hardware. The "other hardware" is my question to you.

I need a device that will allow me to share this one Internet connection with all these individual networks, plus allow for future expansion. This device should have at least 5-10 ethernet ports to share the net connection. This device should also have some sort of firewall to protect the computers. And if at all possible this device should have some type of website filtering so the grade 8 kiddies can see no titties (sorry, couldn't resist). Now, does a device like this exist? Or do I suffer from some sort of delusional pipe dream.
 
Sort by date Sort by votes
is perhaps the best solution to protect the students and staff, it is about $500 a year to stay current on sites offering porn/hate/vice/weapons of mass destruction after the first year.

describes how flexible this is.

offers this for under $1000 for education.

Mind you, there are much cheaper products, but this is the right one in my opinion. the downside I see in your applcation is that it does not seperate students from staff
I tried to remain child-like, all I acheived was childish.
 
Upvote 0 Downvote
You need some caching appliance.eg. netcache. bluecoat. cisco engine..inktomi..
 
Upvote 0 Downvote
The sticking point is going to be how you connect the three networks as opposed to how you connect them to the internet.

Will the three networks be accessible to each other or are you intending to keep them completely seperate?

If you want to keep them seperate or have extensive control over the access that they have to each other, you might need to set up multiple DMZs to keep them physically seperate. Otherwise, you can plug them all into the same network infrastructure and let the firewall route packets between them.

If you don't want to sacrifice performance though, you might have to invest in a fast LAN router or layer 3 switch that has a default gateway of the firewall and keep the two functions seperate.

As a rule, hardware appliances often work out cheaper than software based firewall solutions, which the possible exception of the Nokia range, but then this uses Checkpoint-l, hence the increased costs. If you want a hrdware apliance, my choice would be a Watchguard Firebox. I know people rave about Sonicwall, but I've not been impressed so far.
 
Upvote 0 Downvote
What a wonderfully insightful answer. You are correct in assuming that we want to keep them separate. That was something that I failed to add to my original post and remembered only after I clicked on the submit button.

I am in Canada and our bugdet isn't the greatest this year for purchases. I can look into spending at the most $500-$1000 CDN (approx $350-$650 USD) on one of these routing devices. Can you shed a little light on the DMZ concept you spoke of? I am unfamiliar with the acronym. In the meantime I will look into the products you suggested.

The school in question has approximately 35 staff members and 300 kids. Solutions here would go a long way into developing strategies for the two other elementary schools I take care of.
 
Upvote 0 Downvote
I forgot to acknowledge jimbopalmer and ZSwen for their suggestions as well. Thank you.

Here are more details into what I will have and where I want to go with our upgrades. Again we will have three separate networks. Network #1 running Win2000 Server, #2 Appleshare IP 6.x (although all I really need it for is the print server), and #3 in our lab running the latest OSX 10.2 client/server offering from Apple. I am worried that if the three networks are aware of each other, they will create havok with the jobs that I want each of them to do individually.

I am faced with the dilemma of trying to keep some of our more expensive legacy Mac educational software up on #2, while pushing for more advanced and up to date Mac solutions in #3 (the lab). All the while providing the new fancy dangled Internet connection to each.
 
Upvote 0 Downvote
I've been looking at both the Watchguard and the SonicWALL. I have come to the conclusion that the Watchguard is somewhat out of our price range. I am pretty well sold on the SonicWALL. I like the filtering capability as well as some decent prices for desktop antivirus.

One last set of questions to you fellers. What do you think of having all the PC's and Mac's residing on the same subnet? Am I just asking for trouble or would it be somewhat ok to do this. If not, would I be able to access the Internet from each network on separate subnets? How could this be done?

The more I research into this, the more I get an understanding of how much more I have to know. Sigh. Hehe. Head...gonna...burst...
 
Upvote 0 Downvote
you have three subnets as I understand it

Staff on Windows using NetBUEI/SMB/CIFS for file sharing (sorry they keep changing the name hoping to live down the bad press)

The library is on "classic'" macs using TCP/IP protocols for file sharing

A computer lab with OSX using TCP/IP for file sharing

if this is the case, at first blush it looks like all 3 can share internet access with no file sharing worrys, staff and students do not share a protocol. Sadly (for you) OSX also includes Samba which allows SMB file sharing, so the students in the lab will be able to 'see' the staff unless you un-install Samba, which I think you can do. Keeping it un-installed may prove to be a problem. I tried to remain child-like, all I acheived was childish.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Zebad
  • Locked
  • Question
TFTP interference from another host (Windows Server , VxWorks Client)
Replies
0
Views
605
Zebad
Zebad
robocat
  • Locked
  • Question
Yet another TCP RST flag problem
Replies
0
Views
537
robocat
robocat
SirBlack
  • Locked
  • Question
Internet connection problem
Replies
5
Views
156
kjv1611
kjv1611
Vedant Gonnade
  • Locked
  • Question
How to send a string (generated by camera) to computer
Replies
0
Views
507
Vedant Gonnade
Vedant Gonnade
joserodriguezan
  • Locked
  • Question
Looking for a free software application to recieve SMNP alerts.
Replies
0
Views
499
joserodriguezan
joserodriguezan

Part and Inventory Search

Sponsor

Back
Top