View Full Version : Small Office/Home Network Types (Suggestions Needed)


Demonz
12-10-06, 09:12 AM
Has anyone set up a scalable network for the home or small office?

With past small offices I used wireless or RJ45 Cables with hub and worked from this with a couple of laptops or PCs and one PC holding the core programs and data.

The wireless was far too slow when trying to run office programs like Quickbooks etc. through the network. Currently there are only 2 of us so we have set up a direct Firewire connection between the 2 laptops as it was the fastest we could get it. Problem is scalability - how do we increase users on the network???

Does anyone know if Firewire Hubs work so we can add further PCs/Laptops into the Network? Or is there a better low cost option for adding Users onto a network without sacrificing speed of programs too much?

Another option was to put in a server and proper small office network in. The problem with this is I take a lot of work away with me so I like the core data to be portable so it has always been on my laptop. Another possible solution again was to just run it all off an external harddrive - and maybe into a server and off to the network when in the office - or if I need to take it out of the office it comes with me or anyone else.

Does anyone have recommendations on a low cost small network option - with speed and portability??

Baph
12-10-06, 09:21 AM
It's all a matter of trade offs.

To be honest, I doubt you're going to find something that's low cost AND fast (I'm guessing here that 100Mbit isn't good enough) AND portable.

You'd probably be better using something like gigabit. Some serious CAT6 cabling (buy it in a large drum & keep it somewhere safe, it's cheaper in the long run), and some RJ45 connectors. Depending on how many cables you're going to make, it might be worth buying an RJ45 crimp tool. If this isn't justified, I have one I can post to you, but I'd need it back. I can also give you all the advice you'll need about making the cables up.

The problem there is you'll need to shell out on gigabit network cards, and probably a hub. This means it wouldn't be exactly cheap. However, as I'm sure you're aware, firewire cables aren't that cheap either.

For portability, a gigabit lan really isn't. I prefer cables to be neatly hidden inside trunks, and that's a pain in the rear to rip out & re-fit etc. It depends what you want in terms of 'portability.' Do you want multiple OS' seamlessly integrated? Or do you mean that you want to be able to move the laptops around freely? If it's the latter, then about your cheapest option would be a single machine with a Wifi USB stick, that can share the connection to any other machine that happens to use Wifi. Be careful here, because wireless networks are NEVER secure against a determined attacker. Risk assessment needed.

EDIT: I've proven in the past that if you separate a wired network from a wireless one, using a switch as opposed to a hub (I can explain the difference if anyone needs it) that your data is in no way shape or form safe. The people I proved this to was a law firm, and I was sat in their car park. Needless to say, they were shocked. The only real solution is the same as pregnancy, either don't do it, or invest in some decent barrier protection. Encryption is just the same, not considered safe. PLEASE PLEASE don't upset me by allowing anything you'd consider remotely sensitive access anywhere near a Wifi network, you're only asking for trouble. [/EDIT]

Let me know specific details of what you want to achieve, and I'll give you all the pointers I can. Handy thing is that I used to be a self-employed IT consultant, and gave it up pretty much solely because I hated the 18 hour+ days. I'd rather have time with my family than the money I was earning.

Any tips you need on physical layout, or security you'd need to impose, I'm sure there's others on the forum besides me with the knowledge to help out :)

Luckypants
12-10-06, 09:23 AM
What wireless standard did you use previously? 802.11G runs at 54Mbps (5 times faster than older 802.11b) so might be up to the job for a small office.

If speed is essential, wired is the way forward. Most small hubs run at 100Mbps, but a little more cash will get you a 1Gbps Hub. This is lightning fast.

Just remember that both wireless and Ethernet will run at the speed of the slowest connected client. So if going the wireless route, make sure all wireless adaptors are 802.11G. All wired (ethernet) clients should have a 1Gbps network card to get maximum benefit.

All wires used should be of high quality and at least to CAT5E standard and routed away from sources of EMI.

HTH

Mr Toad
12-10-06, 09:37 AM
I have 3 PCs, a couple of old laptops, a printer & a wireless adsl router (11g)

The wireless adsl router also has 4 ethernet ports (100mb) so my pc plugs into this, another cable (Cat5 jobbie) goes through a hole in the wall into my daughter's bedroom (don't tell Mrs Toad I've drilled through the wall) and my son's pc uses the wireless connection from upstairs. Printer is attached to my pc, and is accessible as long as my pc is switched on, ie. you don't have to log in. Some folders have been set up to share with other users, so we can share files, photos, etc.
The laptops use plug in USB Wireless sticks (about £11 iirc) for when we need to use those.

Hey presto, a small network at virtually no cost :notworthy:

Baph
12-10-06, 09:44 AM
My house is pretty much the same as Mr. Toad, except that my kids use my machine as they're not old enough.

I've only recently added wireless networking to the mix as I'm going to be working from home 1 week out of 6 soon, and don't want to be in the lounge with kids TV on. That's a royal pain though, but an automated process means that I can almost securely use wireless (40k RSA key pairs on top of MAC-only access WEP Wifi and then, wifi connections are only allowed to connect to work, not my printer or file shares, not even google). From there I can use connections out to clients. Risk assessment means work are happy for me to use wifi at home like this, most people in the company aren't allowed to.

But then, my situation is different to most people's, and we have stupid things like time access VPN (password changes over time, seemingly randomly) and you need to know that password for a 5 minute window in order to login.

Horses for courses, but I'm just overly paranoid about security.

Demonz
12-10-06, 09:44 AM
Baph, Currently we run a couple of Toshiba Laptops so the main problem with this would be having to replace the network cards or replacing the Laptops??

Being Portable for me just means taking all office data (accounts, emails etc.) home for the evening so I can work.

The current Firewire connection runs at 400mbps - and even 100 mbps feels slow when going back to standard CAT5 cables on the lan. Do you know if it's possible to run a multi-user Firewire network??

Luckypants, How can I tell how fast my current Network Cards will run (if we went down the speedy 1GB Hub Route)? I have a feeling it also maxes out at 100mbps.

Baph
12-10-06, 09:56 AM
Firewire networking is limited to 15ft. Anything more than that & you should expect to see some serious drops in transfer rate (due to noise) unless you use a repeater. With a decent repeater, you're looking at a max of around 240ft.

Also, firewire is only for IP, so you can forget expanding to NetBEUI IPX etc should that be needed at any stage.

Firewire networking is also limited to the latest versions of windows, unless you use UniBrain (http://www.unibrain.com/products/ieee-1394/firenet.htm).

I've never seen more than two machines connected in a firewire network, but in theory, it's all good. Each machine would have a static IP, and the internet connection could even be shared by ICS.

If speed is more of an issue than cost is, it's possible to get a firewire-fiber-convertor, so the only part about firewire LAN I'm not sure about, is the hub. A fiber hub works the same way an RJ45 does. I think a firewire should do the same, but you'd need to be careful, as a USB hub doesn't (USB hubs have their own ID etc). However, USB networking still isn't out of the question, and offers 480Mbps, but is still limited at around the same as firewire.

No need to replace the Toshiba built in eth sockets, main problem there is you couldn't (if it's built in). PCMCIA is the answer here. PCMCIA (Cardbus etc) gigabit networking card addition, and you don't have to replace the laptops either.

Sudoxe
12-10-06, 10:09 AM
It depends on how many users, what expansion plans you have in the future. If it's just for a few home pc's etc.

First thing I would personally do is scrap the idea of using firewire for a network. Ethernet is the standard for a good reason, it works and is relatively painless to use.

If you’re looking at something fairly cheap, I would look at a netgear gigabit switch. You can run this at 10/100/1000. A 5port one i.e. GS605 can be had at about 25quid.

You can then look for network cards on your laptops, depending on your price range you can get either 100mb or gigabit cards. Both can be had fairly cheaply, just a quick look on dabs shows cardbus gigabit cards for between 25 - 30quid. Again the same for desktops, ethernet cards are dirt cheap.

Buy a bit of cat5(e), stick it all together, and you have a simple network.

Of course, you can then go down the route of installing sockets by your desk and running it all back to a central location and then using patch leads. It does make things neater, but if you’re doing things on the cheap it's unneeded.

Dan

timwilky
12-10-06, 11:09 AM
My house is gigabit all over the place, each bedroom has 3 wall sockets, the lounge two, in the loft about 12 then into a 24 port patch panel and then a 24 port gigabit switch, the onward connection to my router/firewall is at 2 gigabit (duplex connection)

ok perhaps a waste for the printers that still run at 10mb, but all of my servers, pcs and even laptops are gigabit connected.

I get a moan from the kids as they want to use wireless, but if they can cope at 108mb then so be it. Personally I prefer the security, reliability and speed of wires.

Yes my wireless is secure, all mac addresses filtered, WPA encryption.

Baph
12-10-06, 11:14 AM
Yes my wireless is secure, all mac addresses filtered, WPA encryption.

I have more security on my wireless than that, and mine is not considered SECURE. Security is a concept, it only has to be good enough. If someone wants in, they'll get in.

EDIT: MAC's can be spoofed, WPA can be cracked.

Demonz
12-10-06, 11:50 AM
I didn't think about the Network Cards :D I think this will be the way forward with the Gigabit wiring and hub - and then we can add any desktops or expand from this.

timwilky
12-10-06, 01:09 PM
Yes my wireless is secure, all mac addresses filtered, WPA encryption.

I have more security on my wireless than that, and mine is not considered SECURE. Security is a concept, it only has to be good enough. If someone wants in, they'll get in.

EDIT: MAC's can be spoofed, WPA can be cracked.


Of course stuff can be cracked, but I take the view first you have to crack my encryption keys, then you need to spoof one of the 3 mac addresses my access point will talk to.

Once on to my network, you then need to be able to get into my development server in order to get out, as this is the only one that my vpn firewall permits across the vpn to work using a second network card on the server. (I do not run any routing on the server, so anything connected to the home lan cannot talk down the vpn). Iptables on all my servers prevents any communication between them and the wireless access point and thus the only thing that a wireless connected box can talk to is network printers and the internet firewall.

My internet firewall has all network configuration turned off. I talk to it through a serial port. So you must be physically attached.

Ok, not totally secure, and even less now I have published on a public forum this information. However, I think you need to be a major player (MI5, NSA types) to have the wherewithal to mount a decent attack, that would give you access to nothing of commercial interest.

Even though my vpns use aes256 encryption and certificates for authentication I still use ssh over the vpn. I view this as fairly secure. So the wireless is the weak spot, but I feel I have taken all reasonable steps as all the kids want is the internet anyway.
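
An added example, not part of the post above and not timwilky's actual configuration: one way to write the server-side half of that layout (wireless clients cut off from a wired server, nothing forwarded) as an iptables-restore ruleset, with a check that the wireless drop sits ahead of every non-loopback accept. The two address ranges and the SSH allowance are constructed assumptions; source-address rules only hold if the access point sits on its own interface or VLAN so wireless clients cannot simply pick a wired address.

```shell
#!/bin/sh
# Added example: host firewall for one wired server, emitted in
# iptables-restore format. Both ranges are constructed placeholders.
WLAN_NET="${WLAN_NET:-192.168.50.0/24}"    # assumed: range given to wireless clients
WIRED_NET="${WIRED_NET:-192.168.10.0/24}"  # assumed: wired LAN allowed to manage the server

# Print the ruleset. Default-deny inbound, no forwarding (the server is
# not a router), and the wireless range is dropped before any accept rule,
# so even "established" traffic from that range never reaches the server.
gen_rules() {
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -s $WLAN_NET -m limit --limit 6/min -j LOG --log-prefix "wlan-to-server drop: "
-A INPUT -s $WLAN_NET -j DROP
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -s $WIRED_NET -p tcp --dport 22 -j ACCEPT
-A OUTPUT -d $WLAN_NET -j DROP
COMMIT
EOF
}

# Succeed only if the wireless DROP exists and comes before the first
# INPUT accept other than loopback; a later edit that puts an ACCEPT
# above it would silently reopen the server to wireless clients.
wlan_drop_is_first() {
    gen_rules | awk -v net="$WLAN_NET" '
        $1 != "-A" || $2 != "INPUT"            { next }
        /-j DROP/ && index($0, "-s " net " ")  { seen = 1 }
        /-j ACCEPT/ && !/-i lo / && !seen      { bad = 1 }
        END { exit (bad || !seen) }'
}

# To apply (as root), syntax-check first, then load:
#   gen_rules | iptables-restore --test && gen_rules | iptables-restore
```

The LOG rule gives a rate-limited record of wireless hosts probing the server, which is the detection side of the same control.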

SoulKiss
12-10-06, 01:12 PM
Ok, not totally secure, and even less now I have published on a public forum this information.

Of course your response could all be smoke and mirrors work :P

We all know it's the open unsecured connection on the router with the default username and password (and SSID) connected to the 128kbps 1Mbit/month download limit that we see if we sniff for wireless near your house :P

David

timwilky
12-10-06, 01:20 PM
I had to laugh at the ADSL box I set up for my brother's company last week. When you connect a browser to it, the login dialog actually gives you the default username/password.

As you can imagine, defaults did not stay in place for longer than it took me to find out how to change them.

I laugh when I pick up things like belkin or voyager as the SSID. So you get an immediate clue as to what hardware and defaults are at the end of the wireless. Just as bad is a family name etc. that then tells you where the bugger is. I prefer something nondescript like "A4321bcd". Tells you nothing about what or where it is.

Baph
12-10-06, 01:29 PM
Ok, not totally secure, and even less now I have published on a public forum this information. However, I think you need to be a major player (MI5, NSA types) to have the wherewithal to mount a decent attack, that would give you access to nothing of commercial interest.

I'm no 'major player', but I'd need a laptop and maybe 3 binaries. IPTables or not. This would give all the information required to further edit my laptop configuration to at least talk to your firewall un-interrupted.

The VPN running AES256 would prove a little more tricky, in all honesty, probably a little beyond me. The 'major players' as you call it, would probably not have much difficulty. The other thing you have to consider in order to achieve security is the other end of the tunnel as well.

Mind you, for a totally secure system, you'd have to be sat in a bunker with a lot of heavy metal near you. For those that know what it is, I've had the honour of playing with TEMPEST equipment. For those that don't, don't look it up, you'll only scare yourselves.

Like I said, security is a concept. You have to do a risk assessment on how much you're risking an attack, and act appropriately. Timwilky, your setup (if true - Soulkiss) is probably one of the more secure setups I've seen, including BIG businesses!

EDIT: Whilst you're sniffing SSIDs, look at the data sent backwards & forwards too ;)

Demonz
12-10-06, 01:29 PM
I had to laugh at the ADSL box I set up for my brother's company last week. When you connect a browser to it, the login dialog actually gives you the default username/password.

As you can imagine, defaults did not stay in place for longer than it took me to find out how to change them.

I laugh when I pick up things like belkin or voyager as the SSID. So you get an immediate clue as to what hardware and defaults are at the end of the wireless. Just as bad is a family name etc. that then tells you where the bugger is. I prefer something nondescript like "A4321bcd". Tells you nothing about what or where it is.

I use reverse psychology and call my wireless "default" :wink:

Terence
13-10-06, 11:27 AM
Also, firewire is only for IP, so you can forget expanding to NetBEUI IPX etc should that be needed at any stage.
NetBEUI? When last did someone upgrade to NetBEUI :smt043

Each machine would have a static IP, and the internet connection could even be shared by ICS.
As soon as you enable ICS on the external adapter of the PC connected to the internet, ICS enables a DHCP service on the internal adapter. All PC's that want to go online through the ICS machine will need to be DHCP clients.

Terence
13-10-06, 11:32 AM
Another option was to put in a server and proper small office network in. The problem with this is I take a lot of work away with me so I like the core data to be portable so it has always been on my laptop. Another possible solution again was to just run it all off an external harddrive - and maybe into a server and off to the network when in the office - or if I need to take it out of the office it comes with me or anyone else.
If you store the core data on a system at the office, and if you are using XP on your laptop, you can use a feature called Offline Files and Folders to make the data virtually available at all times.

You don't need a fully fledged server, but if you want scalability for the future it might be worth looking at Small Business Server.

As for the physical network, I'd go along with the recommendations for Gigabit Ethernet.


HTH
Terence

argatxa
13-10-06, 01:12 PM
The problem with this is I take a lot of work away with me so I like the core data to be portable so it has always been on my laptop. Another possible solution again was to just run it all off an external harddrive - and maybe into a server and off to the network when in the office - or if I need to take it out of the office it comes with me or anyone else.


Man.. you better have some good backup/disaster recovery plan. If you are caught losing your data on transport (hard drive hits the floor, stolen laptop, etc..) you are going to be in deep trouble!!

A small cheapo computer working as office server and a DVD-RW is the way to go. Most people don't really need to be moving so much stuff around unless they work on graphic design/music... in that case, an external HD will do.

About scalability and security... Gigabit switch and some cabling is going to be the cheapest and more future proof solution.

Backup backup backup in any case... and off site backup...

Demonz
13-10-06, 02:18 PM
The problem with this is I take a lot of work away with me so I like the core data to be portable so it has always been on my laptop. Another possible solution again was to just run it all off an external harddrive - and maybe into a server and off to the network when in the office - or if I need to take it out of the office it comes with me or anyone else.


Man.. you better have some good backup/disaster recovery plan. If you are caught losing your data on transport (hard drive hits the floor, stolen laptop, etc..) you are going to be in deep trouble!!

A small cheapo computer working as office server and a DVD-RW is the way to go. Most people don't really need to be moving so much stuff around unless they work on graphic design/music... in that case, an external HD will do.

About scalability and security... Gigabit switch and some cabling is going to be the cheapest and more future proof solution.

Backup backup backup in any case... and off site backup...

You are right with the back up - it's quite an issue and my biggest concern already. Currently all data sits on my laptop and I back up onto a USB Stick as it's quicker and easier than CDs. I tend to need access to everything hence the portability issue and thought with the external HD. Maybe your suggestion with the small PC/Server will work as a constant backup copy rather than the other way around as you suggested??

Baph
13-10-06, 02:26 PM
Should you need some offsite backup. I may be able to help. It depends on what space you'd be needing.

argatxa, you forgot to tell him to backup! :lol:

Terence, whilst it's true that ICS enables DHCP, so long as you're in the right hostmask, and if speed is the name of the game, DHCP adds overhead that isn't needed. It can safely be disabled on the adaptor.

As for NetBEUI, I never said upgrade to :lol:, I said if it was needed. I've come across situations in the past where it was, and although rare, it is still used. Hell, I know of a few places that still use co-ax for networking (still pretty popular in the US for example).

argatxa
13-10-06, 08:30 PM
oh... thanks baph...

Don't forget to make backups!!! :P