Problem solve Get help with specific problems with your technologies, process and projects.

How to create a secure network through a shared Internet connection

When setting up a corporate network through a shared Internet connection, security is of paramount importance. Learn best practices for creating this kind of network from expert Mike Chapple.

I am setting up an office network and have some security concerns. The office comes with a direct line from Qwest,...

which is shared with my office, another office and a house on the same property. I want to make sure I can use this line completely securely, without the risk of packet sniffing, usage monitoring, etc. Can you explain how to create a secure network through a shared Internet connection?

My best recommendation on how to create a secure network through a shared Internet connection is to treat the network on the property just like you would the Internet -- assume that anything you send over it unencrypted can be monitored. If you're sharing an Internet connection with others, there's really no way to stop them from seeing your network traffic. What you can do, however, is use online packet encryption, so when they eavesdrop, they won't be able to make heads or tails of it.

First, purchase a small firewall/router combination unit and place it at the point where your office connects to the property network. This simple step will stop others on the network from accessing the systems on your network. You should be able to pick up one of these devices for less than $100 at any electronics store.

Next, encrypt any traffic that leaves your office network headed for the Internet. The easiest way to do this is through the use of a Virtual Private Network (VPN). If the office is a satellite office of a larger company, you can probably connect to a corporate VPN, preventing those on the property network from decrypting your Internet traffic.

If a VPN is not an option, you'll need to encrypt every service you use. For example, when browsing the Web, be sure to connect only to secure websites that begin with the https:// prefix. Similarly, configure your connection to your email server to use SSL-secured connections. If you're using other services, consult the documentation to determine how to configure encryption for them as well.

Really, your situation isn't much different from that of anyone purchasing an Internet connection, other than the fact that you know the people who may attempt to eavesdrop. Taking a few simple security measures should allow you to use the shared Internet connection privately.


This was last published in April 2009

Dig Deeper on IPv6 security and network protocols security