Hi,

We're planning on making our own enterprise with my friend. Basic firm providing IT-support and stuff like that. It would come to be my responsibility to build the office network and configure and administrate it and I don't have experience about these sort of issues so I'm needing little help

I need to figure how many computer we need and all. Basic idea would be to have the following:

- store customer information and work history and similar
- host a webpage and secure email to employees
- have workstation on where to do the work

How many computers would be enough and how powerfull machines do I need? I think some low-end machines would do just fine but as I said, I don't have experience on running servers 24/7 so any advise would be good. Anything I should note when purchasing them? Cooling and all?

I have heard and think it would be wise to keep the customer info and email/webpage server machines separate to make it more secure. Customer data only accessible from own intranet?

Should I use a separate computer to act as firewall / routing or is this just futile?

The office itself would just have like a one or two workstation. One idea is to have two offices, one in each town so how would this be achieved? Direct cable line isn't quite solid option This is just a theoretical situation but it would be a good option to figure this out now so it will work smoothly later on.

Which would be good operating systems or do these matter much? It would be nice to use OpenBSD but I have zero experince using it so it could cause some problems. I probably stick with Slackware as I have most experience running it and it is stable and familiar enough.

Any services I should get familiar with? I thinking samba to access files, mysql database to store the info. Do I need proxy? What about the email? What service should I use for it? DNS-server?

What about backups? Is RAID worth it?

Should I grant some sort of SSH connection to access the info from outside? Access routed to workstation and that can then access rest of the network?

Any good place to fetch material from internet?

you're asking a huge amount of questions there, you may want to ask more of the non-network questions in other forums. if you do (assuming no one else answers them here before) please remove them from this thread for clarity. thanks.

if you are not looking to spend a large amount on networking in general i would suggest that you look towards a linux firewall such as ipcop (or maybe something on bsd lke pfsense) to manage port fowarding, filtering, proxying etc... you would take a server, or multiple servers, and place them in a logical DMZ off of the firewall, on a seperate interface and use this to isolate your workstations from any internet connected server. i would certainly look to keep your .com presence and associtated extranet services like webmail seperate from customer data, but this would depend on the interactions between the two. if there are none, then i would probably connect the sensitive server like a normal workstation on the LAN (on what ipcop would call the green interface) or you coul dgo further still and create a seperate private server subnet which only green hosts (workstations) can get to but still via the firewall service.

how many boxes? well as above we have 1) a firewall box (low power, low performance) 2) a internet server and 3) a private server, but you could easily combine the servers if you wish. you could also replace the linux firewall with a cisco router or such, but that's probably heading in a less desirable direction.

in terms of what services you present to the outside world, obviosuly try to limit as much as possible, but in a realistic world there is a point where your working life will be hampered. you may want to look towards a vpn solution (another thing ipcop can provide) in order to establish secured connections from the internet in order to allow other more sensitive serivces to reach the network. this would be very much preferable to opening ssh to a server etc... no matter how secure your ssh instance is. if nothign else it's a bit messy. obviosuly the VPN would also cover the two office scenario really well, two ipcop boxes talking to each other should work right off the bat.

i'm referring to ipcop a lot as i know it and like it. other solutions exist, don't necessarily get steered in any given direction from others personal preference.