Networking & Wireless forum

Question

Distributed Network Integration and monitoring

by kiransdusk / August 11, 2012 9:38 AM PDT

Hi,
The issue goes like this. We have offices all over the world and each office has about 5 to 20 computers installed. All of them are connected to the internet using a broadband connectivity. Almost all the branches have a static IP assigned as well.

We have found that the staff accesses websites not related to our business and i want to block this centrally. I am looking at a solution which will help me monitor the traffic from our head quarters in India and manage it remotely. By the word managing i mean, giving access to new users, revoke access to existing users, block unblock websites, find out the traffic usage statistics, communicate to the users directly, release circulars, send bulk messages etc.

Discussion is locked
You are posting a reply to: Distributed Network Integration and monitoring
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: Distributed Network Integration and monitoring
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Clarification Request
So you want them to be on your VPN?
by R. Proffitt Forum moderator / August 11, 2012 9:48 AM PDT

Sounds like a classic VPN system to me. If you are new to VPNs then sit down with your IT staff and ask them why they didn't use that solution.
Bob

Collapse -
Another item folk use.
by R. Proffitt Forum moderator / August 11, 2012 9:55 AM PDT

Windows Terminal Server is also noteworthy. Ask your IT Team for a demo.

All Answers

Collapse -
Answer
budget
by bill012 / August 11, 2012 10:55 AM PDT

All depends how much money you have to spend. The functions you want will require you to place a device at each location. You basically have 2 different requirements. One to identify and limit traffic and another to connect all your machines together.

The second is you standard corporate network which as robert pointed out is a VPN solution. The other in its most basic form is provided by a device that is generally called a intrusion detection prevention system.

Both these function can be provided by most commercial firewalls. Juniper,cisco,fortigate as well as many other sell a wide range of devices. You most likely will pay at least $500 per unit and even more for large sites with 100's of users. Many of these devices are licensed by number of sessions. Many offer the ability to purchase filter lists so you can just say "no porn sites" and not have to build the ip lists yourself.

If you are talking a large number of offices you may want to pay someone to help you before you go out and buy stuff. You get into the huge issue of having to maintain and monitor all these devices so you keep constant policies.

Collapse -
sounds great to me if moneywas not a constraint
by kiransdusk / August 11, 2012 2:29 PM PDT
In reply to: budget

Is there a web based solution we can think about. Like having a centralised server through which all the traffics are routed.

Collapse -
central server
by bill012 / August 11, 2012 9:00 PM PDT

Yes there are many and some are free if you have the skills to configure the server. You could either use a single large version of the firewall filter or you might be able to use a proxy server.

The key here is the word "Routed". How do you get all this traffic to a centralized server. You still need some form of VPN box at each location to take it all back to a central location. You have the addition issue of bandwidth in your central site being large enough to take all the traffic from the remote site and then send it back to the internet if it is allowed. Then you have the performance issue of having the traffic flow all the way to your central location which causes huge issues when you sites are in countries all over the world.

Now you could try to avoid the VPN hardware by using only a central proxy server but then you must trust the users to set the proxy in their browsers correctly and this only works for browser based traffic, things like games or bit torrent would not be restricted. You still have all the capacity and performance issue of a centralized solution.

There really is not a cheap way to do this. This is one of the key reasons corporate networks cost so much to implement. Would be nice if employees would just follow the rules.

Popular Forums
icon
Computer Help 51,912 discussions
icon
Computer Newbies 10,498 discussions
icon
Laptops 20,411 discussions
icon
Security 30,882 discussions
icon
TVs & Home Theaters 21,253 discussions
icon
Windows 10 1,672 discussions
icon
Phones 16,494 discussions
icon
Windows 7 7,855 discussions
icon
Networking & Wireless 15,504 discussions

REVIEW

Meet the drop-resistant Moto Z2 Force

The Moto Z2 Force is really thin, with a fast processor and great battery life. It can survive drops without shattering.