MrGuvernment
Fully [H]
- Joined
- Aug 3, 2004
- Messages
- 21,865
Hello my fellow network pro-stars!
question for our work offices.
okay here goes, hope idont loose you.
we have 6 people in our office who work here
we have 13 servers, mostly MySQL DB's, 2 HTTP servers, a backup system storage system for people documents and such.
Now,
3 of the people in the office directly access the database servers from their workstations to pull queries and update tables and such.
3 other people dont, they use our web interface to get pre-made reports in PHP to get data they need.
Now i want to limit access to the MySQL DB's / http servers and all as much as possible (not just user / ip via MySQL db it's self)
Would setting up a VLan be useful for me since i have a dell 24 port and 16 port managed switches, just not using the managed part right now
We are trying to improve internal security, ideally so only myself and one other person can access "everything" and everyone else has access to what they need.
i know, probably thinking domain controllers and such, but for such a small office, it just seems alot of work, i have tried one before and it failed, so i am looking at some other options for internal security, i am not so worried about people's desktops, as i have alot of firewalling in place to block all the trouble causing crap...
Any input or suggestions?
(as for Inet we have 2x 4Mb /1Mb cable lines and a 4MB Fiber line coming in soon which i am going to try an untablge firewall box to manage it all (all 3 connections )on a nice system.. should do the trick no?)
question for our work offices.
okay here goes, hope idont loose you.
we have 6 people in our office who work here
we have 13 servers, mostly MySQL DB's, 2 HTTP servers, a backup system storage system for people documents and such.
Now,
3 of the people in the office directly access the database servers from their workstations to pull queries and update tables and such.
3 other people dont, they use our web interface to get pre-made reports in PHP to get data they need.
Now i want to limit access to the MySQL DB's / http servers and all as much as possible (not just user / ip via MySQL db it's self)
Would setting up a VLan be useful for me since i have a dell 24 port and 16 port managed switches, just not using the managed part right now
We are trying to improve internal security, ideally so only myself and one other person can access "everything" and everyone else has access to what they need.
i know, probably thinking domain controllers and such, but for such a small office, it just seems alot of work, i have tried one before and it failed, so i am looking at some other options for internal security, i am not so worried about people's desktops, as i have alot of firewalling in place to block all the trouble causing crap...
Any input or suggestions?
(as for Inet we have 2x 4Mb /1Mb cable lines and a 4MB Fiber line coming in soon which i am going to try an untablge firewall box to manage it all (all 3 connections )on a nice system.. should do the trick no?)