=================================================

Network Administration in the Small Business Environment

Written by Patrick Walsh

California Polytechnic University, Pomona

Computer Science

============================================

At home, it might be possible to plug in your computer and have it work, but workstations and servers must be configured to meet the needs of the business. According to a London-based security company, Sophos, if a computer is unprotected, it wouldn’t take but twelve minutes for it to become infected. Security is the first priority when setting up a computer-based business environment. After that, it’s keeping employees from browsing the internet, which can be a challenge.

              Security being the first priority, an Anti-virus solution must be implemented.  I’ve worked with Norton AV Corporate and highly recommend it. Installation and management can be performed remotely from the server. The problem is keeping employees off the internet. It’s hard to prevent an attack when they unknowingly seek potentially dangerous material. Online games, IM clients, they aren’t always free of threats. Through browsing, they can pick up viruses and spyware. It’s an everlasting battle; the only way to stop it would be port filtration, standard on most routers.

              Spyware - it’s nasty, it tracks, and it records. What if you run a pharmacy with Gigs of customer data stored on a server and an employee manages to infect one of the workstations in communication with that server? Yea, that would be devastating. First, don’t allow employees to use the server and second, perform spyware scans on every computer on the network frequently.

              Another helpful solution is Static DHCP, which is somewhat ironic… static/dynamic… It’s a feature on most routers. It’s a good idea to have the server remain at the same address permanently. Another way to do this is to disable DHCP altogether and manually assign each computer an IP, which is a bit more laborious. If workstations have software that depends on services from the server, a change in IP address could kill productivity. This way, computers are assigned IPs based on their MAC address. In the event of a power failure, or anything for that matter, on restart the IP will be the same.  Consistency is always a good thing.

              A tool I have yet to try is content filtration. Some routers are equipped with this feature and even have a schedule that can be set.  Content can often be filtered by keyword and domain.  This is useful when blocking known sites. Usually, employees have no business checking their mail, the news, or playing games while on the job.

              I don’t know how many people take advantage of this, but if you have a Windows 2000 or 2003 server, it has Terminal Services, which means you can use Remote Desktop to work away from work, provided you want to. It’s simple - just open up port 3389 on your router and direct it to the ideally statically addressed server and you’re in.

              I’ve seen a new technology emerge that I believe uses Terminal Services to run multiple virtual workstations from one server. One manufacturer named their system WinTerm. Workstations with only input devices, no drives or storage, will log in to the central server and act like a separate computer. It’s quite amazing, but I don’t know yet how cost effective it is. A problem could arise that could cripple the entire system: If the server fails, all the workstations go down with it. Overall, it seems to be a good solution.