Topic: 2 networks and 1 photocopier

[mercyh]

And I thought my explanation was too complex.......

Sal,
Didn't you get this working with the scanner on one network and a share mounted on the other network??

What we have done will work for the scanning. As it is a share on the scanner's side mounted on the server.

[electroman00]

And I thought my explanation was too complex.......

Since there's not much about vlan's on the internet I figured it can't hurt.

Bottom line is everyone now has a choice of solutions if nothing else.

One or the other or both.

Since it appears to hurt some, I'll just go hibernate in my work here in the orifice.

Have a good one...

[mercyh]

touchy, touchy..........

Since it appears to hurt some

Actually didn't hurt a bit....

And I thought my explanation was too complex.......

this is a comment not a criticism.

I should know much more about this then I do. I have used vlan only as a bit of a security measure within my lan.
(For sending radiology scans directly to a specific server so I can Guarantee to a picky radiologist that his precious pictures have not been touched in any way en route to his repository.)

PS> after your explanation I know more about it then I did before and that can never hurt.

Thanks for taking the time to explain

[sal1504]

Electromann00

From what I am understanding in your example from the scanner you can send a scanned document to anyone on the network, lan1 or lan2. What I need to do is isolate the scanner so if lawyer from lan1 scans in a document it can NOT be sent to anyone on LAN2. The printing function I understand because you are going from the individual lan's to the shared S/C but on the scan side how do you isolate the scanned image so it goes to either lan1 or lan2 but not both. Example a lawyer from the law firm on lan1 goes to the scanner and scans a document, what is to prevent that document from accidentally being sent to a lawyers computer on lan2? In my case I have two law firms that want to share the S/C that the purchased together, but need to keep complete seperation between the two law firms.

Sal

[mercyh]

From what I am understanding in your example from the scanner you can send a scanned document to anyone on the network, lan1 or lan2. What I need to do is isolate the scanner so if lawyer from lan1 scans in a document it can NOT be sent to anyone on LAN2.

This is impossible to do at the network level. How does the copier/network card know which organization the lawyer standing in front of it works for?

I would think that your copier supports departments, (where each user has to login with a password and the expense can be billed to the correct department.) Does it support different scanning locations per department?

The networking goal we are trying to achieve is that the Copier can talk to both networks but the networks cannot talk to each other.

[electroman00]

but on the scan side how do you isolate the scanned image so it goes to either lan1 or lan2 but not both

Thats done at the scanner, it's the source and need to be told for all scans where to send the scan.
Some of these units can buffer the scans until a client requests them for download.

what is to prevent that document from accidentally being sent to a lawyers computer on lan2

Nothing

I hope that's not to much of a complex answer.....LOL.

I know my lawyer is smart enough to be able to instantly tell you if a contract is verbal or written, however he's probably
not smart enough to make sure he's sending the scan to the right system/place every time.

I never said this was an idiot proof solution, nor did you make that a requirement.

However depending on the scanner you may be able to reduce that risk, not eliminate it.

[electroman00]

I might add it will never be sent to both networks at the same time, one or the other, not both.

If scan is sent to network1 then that's where it goes, you may have to rescan to send that same scan to the other network.
Your scanner may buffer it and send the scan and maintain the sent scan in it's buffer for a resend later.

[sal1504]

Electormann and MercyH

There lies the problem. With Sarsbane-Oxley and HIPAA the need for complete isolation between the two companies is a mandate. The company that sold them the S/C (which is a Sharp Copier/Scanner) misrepresented the capabilities of the S/C and from what I can tell has no networking or security training. One of the law firms IT person said no problem we'll just put everyone on the same network. The second law firm told them that HIPAA requires complete isolation between the two companies. I was called in to see if there was a solution. The copier does NOT support departments and we can't even password the individuals in the address book. My recommendation to the law firms was to return the copier. After all the research I have put into this I feel that it is the company that sold the copier responsibility to make it work to HIPAA standards or take it back and provide a copier with more advanced features. Thanks for everyone's input and sorry this got so off track.

Sal