We regularly setup small networks for clients in different locations to allow them to work on different products now the question what should be the best security practice.

Currently we have a wifi enabled with WPA2 and most laptops connect to this but some will connect to a cabled switch connecting to the router.

We are thinking on what we should do to increase the security on our small networks - We do have have security on the laptops so you can share directly to the other persons drive by a simple Windows user account.

Some suggestions are:

1. We get a LAN switch with ACL control and mac filtering for the hard wired connections?

2. We get acl working on the wifi via a good Cisco router?

3. ipSec policies on all machines?

4. IP filtering and fixed IPs?

I suppose people are worried that anyone can plug into the switches and get the access to the network .

Summary:

Maintain a level of decent security that can be replicated easily to every setup that we do for clients