Blog Post

SOHO Networks

Jake Garratt4 September 2023Home, Security

One of the most common local-area deployments is the Small-Office / Home-Office LAN (SOHO). It is a small computer network usually built of one Ethernet switch, one router/firewall, and one or two wireless access points. Despite being a small network, many SoHo networks are implemented following poor practices and with security added as an after thought.

We have put together some key focus points for when setting a SoHo network up for the first time, or for reviewing your existing setup:

  • Ensure you have a speedy internet connection with a backup LTE (mobile data) connection
    • This is typically the main bottleneck of your network. Don’t let slow internet ruin your productivity
  • There are many routers on the market that can connect to your ISP (Internet Service Provider) and have a backup SIM tray
    • This will ensure seamless connectivity if your main ISP connection disconnects, the LTE SIM is then used
  • Connecting to your router will be your switches for your wireless access points, printers and any wired PC’s
    • Resiliency here can be optional but ensuring you have a good support contract 24/7×365 on a 4hr break-fix means losing a switch can be replaced swiftly
    • Cost permitting we would always recommend a switch-stack of two switches to allow for a single switch failure
  • Make sure your switch uplinks to the router are running at your purchased internet speed
    • For example if you have a 1Gbps internet connection, make sure your LAN is running at 1Gbps – Do not pay for 1Gbps internet but only have 100Mbps running on your uplink
  • Use some form of port-based security on your switches
    • Any exposed data socket in your office, store or restaurant could have an unsolicited device connected to it and have access directly onto your network
    • Use mac-address security or more robust 802.1X solutions that require additional resources like a RADIUS server
  • Lastly, make sure all your network devices are not configured with the vendor default access credentials
    • If you permit any form of remote management and expose your network devices externally, you are making it extremely easy for malicious actors to gain access to your network

Get in contact with JGC IT Services for an impartial review of your network infrastructure from analysing your topology through to best practice guides and checking your device configuration.

author avatar
Jake Garratt
See Full Bio

Recent Posts

Leave a Reply

Your email address will not be published. Required fields are marked *