# Office Building Network Share Security Question



## Galdarn (Jan 4, 2011)

I have a client who’s office is in a building where the internet access is provided for everyone through the building network,( I would guess using an enterprise class router), each office only has Ethernet ports no router allowed. The clients subnet is 10.X.X.X address range.
They want to share files with each other but we are not sure if other offices would have access to the shares (reduced security or potential security issue) . I do realize that any sharing should be done using user account and passwords also, but I would like to understand how this type of network would typically be setup. For example would they simply dump everyone into the same subnet for the entire building with no restrictions to for traffic between offices? If not what is the mostly likely setup they have implemented, (security that keeps each office separate)? Office management is IT illiterate and not very helpful, they want to charge $50.00 per month :4- for a secure v-lan if that tells you anything.

Thanks


----------



## Galdarn (Jan 4, 2011)

Calling all network guru's. :grin:
I'll try and get things started here:
How about v-lans? Wouldn't that be the most likely way to setup separate offices on one network and keep the traffic separate? I cant imagine them actually just dumping everyone into the same network.


----------



## sramm (Dec 22, 2010)

Agree, Vlan would be an ideal option to keep traffic separate and make sure have manageable switches . on firewall could also do bit on bandwidth management, something to think abt.


----------



## Dave Atkin (Sep 4, 2009)

Hi there,

In most cases (Depending on the size of the company) VLANs are normally the most cost effective way of seperating traffic on the same physical network. 

Dumping everyone into the same network probably wouldnt be an option because of security reasons.

A possible way of doing it would be to create a new VLAN and assign it to the required ports. This would allow the specified clients to communicate with each other without the rest of the building having access.

Dave


----------

