Happy New Year!
I'm setting up an office. When it's up and running there will be about 30 users. There will be no servers. There is 1 office printer. All our work is online.. we use Google workspace and slack.
My networking kit is a UniFi Dream Machine pro and 2 x 48Port UniFi Poe switch. I have 9 UniFi POE cameras. I'm also using UniFi Access for 2 doors,.. so there are 2 POE controllers.
At the minute I have 2 networks: Company - All users, Cameras, Internet and door access. Company Guest - WiFi only, Isolated to see only the internet.
I have 3 wireless access points that have the above SSIDs Company and Company Guest.
My questions are:
-
Should I have a separate VLAN for the Cameras and a separate VLAN for the Door Access?
-
Is there anything else I can do to make the network more secure?
-
Should I be asking employees to connect their BYOD devices (mobile phones etc) to the Guest network.. or possibly set up a new network "Company BYOD"?
-
Should I lock the "Company" WiFi down so it's only company owned / managed devices allowed by using Mac Filters etc.
Many thanks
Edit: Apologies.. neglected to mention.. - All company owned devices (laptops etc) are Windows 10 Pro - I'm not using Active Directory as such, I'm using Google Endpoint Management / Enhanced desktop security for Windows. This allows me to manage the devices (users log in to their device's using their Google credentials) and patchs etc. - Endpoint Security.. each device had a cloud controlled endpoint protection / antivirus installed that I Administor centrally in the cloud.
No comments:
Post a Comment