Hi, I've been reading up on "network segregation" at Ezlan. I just have a few questions though... and I don't have that much experience with networks, so please bear with me a little bit.
I'm thinking of going with the following configuration: DSL modem > wireless router (front network) > yet-to-buy wired router (shielded network). I'm planning to connect my laptop (wireless), gaming computer and the family computer to the front network and my work computer to the shielded network (I'll be setting the wired router's firewall to block all ports except for port 80, which should be all I need). The most likely "intrusions" are probably going to happen in the form of malware/spyware on the family computer (less computer-savvy family members) or someone getting on the front network via the wireless connection.
If someone gains (unauthorized) access to the front network, is my work computer going to be adequately protected? It will be behind the wired router's firewall (all ports blocked except for 80), a software firewall and with File Sharing and Client for MS Networks disabled. Can that intruder also discover details like my ISP login name and password from the router?
Can the intruder on the front network "see" the existence of the shielded network? I ask this because of how it was mentioned at Ezlan that the relationship between the shielded network and the front network is similar to the relationship between the internet and the front (unsegregated) network, and AFAIK it is common practice to "stealth" the network in the latter's case.
Is it also possible to have a front network followed by two shielded networks?
e.g. modem > router 1 (front network) > router 2 (shielded), router 3 (shielded)