Networking my church, opinions requested.

A

Ampsonic

Gawd
Joined
Apr 18, 2004
Messages
830
Hello Hello,

Around my church I'm known as the guy who knows computers, so when they decided that they wanted to network/bring in internet, I'm who got called. I was hoping you knowledgeable people could help point me in the right direction on a few issues. Price / usability are main issues.

Right now the network consists of a netgear 24 port 10/100 hub. This is a network for about 15ish computers, with more in the future as a possibility.

I'm having comcast bring in a cable internet line, I figured I'd just get a netgear router to match the hub.

I have a "server" that I can setup however I like, suggestions? I'm hoping to do some sort of authentication along with personal network drives, so NT or 2000 server? Any good guides on setting something like that up?

For antivirus, are there good solutions so that we can update a central server and have the updates propagate along the network?

As for backup, anyone heard anything good/bad about the new zip rev drives?

Also, any good guides for editing XP group policies, ect..? We want to secure some of these computers pretty tight, but I don't know much about all that.

Is the firewall built into standard routers enough? What other security issues should we be looking at?


Sorry for all the questions, I had a list. :) Any insight would be greatly appreciated on any of the issues. Or even anything I didn't mention that might be interesting.
 
We did the network at my church, my father and I, and our solution has served them very well. Basically, here's what we did.

There's a Windows 2000 server in place that works as a proxy/firewall as well as an authentication and fileserver. On there is a 'Document Library' as we called it so that pastors can exchange documents, etc. Seperate of that we run a Windows 2000 server as a mail server. (I'd suggest going with Server 2003 now though, we just haven't updated them yet.)

The cable is good, they'll use it a lot. Pastor's are generally shocked when they find the resoruces they can get online. I know mine were.

Anti-virus...we run Norton Corporate there, that way we can update all the clients directly from the server, automatically even. Don't even need to pay attention...that makes it nice and easy, as well as safe. Recently however, with other clients, we have been using AVG, just to learn an alternative. Both Norton and AVG suffice. AVG can be found at www.grisoft.com I believe.

Backups, we typically like to use USB HardDrives. Now, before you come in and ask 'Why won't it let me backup more than 4 gigs and it's a whatever-gig harddrive?' Make sure you format it to NTFS! Otherwise it freaks out, dunno the exact reason why...just does. Won't copy more than four gigs from an NTFS partition if it's formated as FAT32.

For policies, we typically have everything setup per user account as to what the person can do on each computer. That can all be handled on the server, makes it a lot easier.

Other security issues/features you might want to look into: Microsoft Server 2003 has LOVELY remote login utilities that come with it. I'm sure the pastor would love to login and grab last weeks server notes while sitting at home watching Bible Jeopardy with the kids. :) :) Another thing you may want to look into is an application called Servant Keeper...it's a utility designed just for congregations to store member information for mailing lists, etc. I believe it also has a plug-in for a phone tree, which is nice.

Best of luck, if you ahve any questions, ask away. Cheers!
 
look, if all they're doing is getting cable and wanting you to set it up, get them a WRT54G or 2 so they can put wireless out to the people that come there (free wifi in a church just makes hella sense) and hook that to the cablemodem and 24 port switch.

if they ask you do more, do more (domain controls, mail server, whatever, it cant be that hard, its a church, they preach, they aren't IBM :p)
 
Ok,

First the hub needs to go. if this place really might grow save yourself and them a lot of time/money/hassle. trust me i've been spending the last 6 months cleaning up a church client of my company. They have about 30 pc's. a clereon win2k server w/ AD and no pc joined to the domain (a+ previos it guy. even had exchange installed) and one old netware 4.11 server with no backups and no avr.

First off you need to look at the services they need. server apps? get a good server windows 2000 or 2003 SBS (if they want e-mail because it comes with exchange). Get a tape backup on the server and do good backups. no zip drives no saving important execlt dcuments on the local pcs.

Basically you want to make their network as simple and scaable as you can. replace that hub with a good hp switch if your going to be running anything other than internet over the lan.

ISP they have a partial T1 for phone? they ould goto full and use 1/2 for data and 1/2 for voice. I like to put business class services in businesses.

I like NAV corp its easy to deploy and the client is very light on teh users pc.

There are 100 diffrent ways to setup a network for them. It really up to you to determine what there needs are now and what they may be in the future. takje a hard look at the network resources they use. don't cut cornners by putting in a netgear or linksys home switch when it just going to haunt you and cost you more later when you get 10-15 more users.
 
if its a hub, then yes, put a switch in its place. but i still say you should get them put wireless AP's around :)
 
omega-x said:
if its a hub, then yes, put a switch in its place. but i still say you should get them put wireless AP's around :)
Click to expand...

I would avoind wireless when ever possible. it too big of a security hole. all it takes is for someone who isn't familar with setting an APsecurly and you're asking for trouble. Just say NO to wireless :)


on a side note a group of users lost connection and after a lot of loss of my hair i found a dead netgear switch up in the droop sealing. Please don't do crap like this. they don't know any better.
 
its fairly easy to segment the wireless routers off the main network.
this would be intentionally open, as a public service type thing.
 
I threw around the idea of wireless, more because I wanted to play with it than for the church, but I can't justify the security problems, it just wouldn't get used. At this point they don't want to give out a public connection.
 
In case you didn't know, remember a church is a non-porfit and you do qualify for discount rates from Microsoft (Through a reseller, there are couple specific ones) I can find out for you if you need.
Get a firewall, to block incoming and out going. If money is an issue look at www.smoothwall.org it is a free Linux based firewall distribution that can run on lower powered PCs. Remember internal security, at my church we've had to deal with youth using a PC to helpout the youth pastor and also taking advantage of our high speed connection with Kazaa.
We use Symantec anti virus Corporate (you may want to check for the non-profit discount I think they have one also) it runs on the server and you can push the clients to each pc from the server or another pc with you log in as the admin. Then your updates are stored on the server, which can be set for updating a different intervals, and clients update themselves automatically. very slick..

One thing to think about is support, we have 2 people doing support right know and looking to add at least one more, we are all volunteers and it helps spread the load. I support the desktops and laptops and deal with some server issues and the other person deals with server and networking issues.

Think about budgeting, if there is not already a specific budget item for IT expenses there should be, it can be used as a planning to as you look to future upgrades and additions.

Dang 20 years ago when my dad had his last Church in Richardsville PA, he had a typerwriter and a copy machine.
 
So I take it the firewalls built into a sub $100.00 router is not sufficient? I had someone do some pricing for me, they said about $1500 for win 2k w/ 25 client licenses, does that sound right?


Thanks again!
 
if you want you should be able to use those little soho router/nat boxes without much problem. Although Smoothwall and other firewall OS distros can have there advantages.
 
Ampsonic said:
So I take it the firewalls built into a sub $100.00 router is not sufficient? I had someone do some pricing for me, they said about $1500 for win 2k w/ 25 client licenses, does that sound right?


Thanks again!
Click to expand...


sounds about right. If your going to use a dsl/cable router geta good one with a good firewall bult in. and just uplink your switch to it that way you use your good switch to handle the no internet traffic load. one of our sites has an older 3com office connect. Has firewall and can even do web content filtering if you pay the yearly sub scirption for 9which they do beacuse its a church). it discontinued i know for sure. you should see if they have a new model out. works great does nat/firewall/filtering.
 
Ampsonic said:
So I take it the firewalls built into a sub $100.00 router is not sufficient? I had someone do some pricing for me, they said about $1500 for win 2k w/ 25 client licenses, does that sound right?


Thanks again!
Click to expand...


I'll pm you the links for the suppliers for non-profits when I get them from the other guy I work with... It will save you alot...
 
thanks! this is all greatly appreciated. I'm looking into smoothwall, seems very slick. I wonder, should I have a router AND the linux box? that way if the box craps out we can resort to the router?
 
Also, I have a friend telling me to go linux instead of 2k. Is this really a smart way to go?
 
how good are you with linux? not a very nice thing to learn on prodction equipment. I'd say stick with what you know, but also you need to look at what netwrok services they need. file sharing, printing, server based app?
 
My temple has probably 30-40 computers. 3 Avaya 24 port switches, 2 LAN closets linked together via fiber. Library has two wireless PCs, fully automated system and web based library catalog. Servers are NT (PDC, Exchange, etc) and Win2K (webserver for library catalog and file server) They are slowly upgrading all the older computers from Win95/98 to Win2K.
 
jeffmoss26 said:
My temple has probably 30-40 computers. 3 Avaya 24 port switches, 2 LAN closets linked together via fiber. Library has two wireless PCs, fully automated system and web based library catalog. Servers are NT (PDC, Exchange, etc) and Win2K (webserver for library catalog and file server) They are slowly upgrading all the older computers from Win95/98 to Win2K.
Click to expand...
Who knew churches were so high tech :cool:
 
I find it hard to believe that no one has mentioned that he could save A LOT of money by just using a crossover cable instead of a new router. I would just do this unless you feel you need the extra ports.
 
Spetsnaz Op said:
I find it hard to believe that no one has mentioned that he could save A LOT of money by just using a crossover cable instead of a new router. I would just do this unless you feel you need the extra ports.
Click to expand...

I'm afraid I don't understand this. The ONLY networking hardware we have thus far is a hub, so some sort of router is required? Unless i'm crazy....
 
Absolutely, without a doubt, you need a router. No broadbad without a router. Its just not safe. Now, whether or not that is a server acting as a router, or a dedicated router is up to you. I would recommend a dedicated router, connected to a switch. You can probably get away with a little soho router like alot of us have in our homes since you only have 20 or so systems. My little linksys is supposed to support up to 254 clients, but you really should consider getting something better.

Check around. You should be able to get some older networking equipment at a really great price. A basic router with a 24 port switch would be a great start for your network. Follow that by an Active Directory/Exchange server and you're doing great. Centrally locate this equipment and document everything.
 
You must log in or register to reply here.
Back
Top