Tirla Adrian wrote:
Hello, I`m currently one of the network administrators of a 3000+ students and i have some issues maintaining security, authentication ... and quality of service ...
1. For authentication you may use something like: http://horatio.sourceforge.net 2. Block outgoing connection on ports like: 25, 445, 137-139, block multicast, broadcast and bogons.
3. To save bandwidth use transparent proxy.4. Limit each IP to a maximum bandwidth using HTB and especially limit NAT translation per IP to a reasonably small amount ( 32 should be fine if you are not allowing P2P).
-- Best regards,Adrian Minta MA3173-RIPE, MA314-ROTLD, www.minta.ro