Many saw Windows 2000 as Microsoft's attempt to win the enterprise networking market. Now with Windows XP and all its enterprise-friendly features, the Small Office/Home Office (SOHO) network is back in the limelight. The Network Setup Wizard (called the Home Networking Wizard in the first betas) makes it easy to configure a small network and employ Internet Connection Sharing (ICS) to connect that network to the Internet. If you encounter problems along the way, the Home And Small Office Troubleshooter comes to the rescue. In this Daily Drill Down, I’ll take a look at the tools Microsoft has included in Windows XP Home and Professional editions to make SOHO networking a true no-brainer.
Welcome to easy SOHO networking
Windows XP’s Help And Support Center (the new and improved Help file) has an entire section called Welcome To Home And Small Office Networking that walks you through the processes involved in setting up a small network, from buying hardware to sharing your Internet connection. A handy checklist ensures that you proceed in a step-by-step fashion (see Figure A).
|Windows XP’s Help And Support Center provides a detailed checklist for creating a small network.|
Before you begin to set up your small network, you’ll want to determine the roles of each computer on the network, what resources will be shared, and which computers need Internet access. Other planning considerations include:
- Determining the topology and media type for your network: The topology is the shape or layout of the cabling; the media type refers to the type of cabling or wireless method used.
- Ensuring hardware compatibility: The network interface cards (NICs) in all the computers must have Windows XP drivers. (See the Hardware Compatibility List.)
- Selecting a computer to be the ICS host: This is the computer that will connect directly to the Internet via modem, ISDN terminal adapter, DSL, or cable modem.
Off to see the wizards
Windows XP is full of wizards to guide you through the various setup processes. Like Windows 2000, XP includes a New Connection Wizard for setting up connections to the Internet, virtual private networks (VPNs), and LAN connections. New to XP is the Network Setup Wizard, which can be used to configure all the computers on your small network for peer-to-peer file and printer sharing, along with Internet connection sharing.
|The Network Setup Wizard can be run on XP, Windows 98/98SE, and Me computers.|
You must be logged on as an administrator to run the Network Setup Wizard on a Windows XP Professional computer.
You can run the Network Setup Wizard (see Figure B) from the Windows XP CD-ROM on computers running the following operating systems:
- Windows 98 and Windows 98 SE
- Windows Me
- Windows XP Home or Professional Edition
When you insert the Windows XP installation CD, select Perform Additional Tasks from the splash screen. Then click Set Up Home Or Small Office Networking to start the wizard.
To run the wizard from inside Windows XP, click Start | Control Panel | Network Connections | Common Tasks | Network Setup Wizard. During the process, you can choose to create a floppy disk to run the Network Setup Wizard on the other computers on your network. On the other computers, you’ll just run the Netsetup.exe command from the floppy.
When you run the wizard, it automatically searches for a shared Internet connection on your network, as shown in Figure C. Thus, you must connect the ICS host computer to the Internet and run the wizard on that computer before setting up the rest of the computers.
|The wizard searches for a shared Internet connection on your network.|
The wizard will even walk you through the process of enabling the Internet Connection Firewall and/or network bridging, both discussed later in this Daily Drill Down.
Troubleshooters to the rescue
Microsoft has included a whole squadron of troubleshooters in Windows XP to address networking and connection problems, including:
- The Internet Connection Sharing (ICS) Troubleshooter.
- The Modem Troubleshooter.
- The File And Printer Sharing Troubleshooter.
- The Drives And Network Adapters Troubleshooter.
Troubleshooters for Outlook Express and Internet Explorer are also included, along with a Home And Small Office Networking Troubleshooter to specifically address problems common to the SOHO environment.
These troubleshooters are accessible through the Help And Support Center. They’ll walk you through a series of questions designed to gather information about your networking problem and then suggest solutions or additional resources (as shown in Figure D).
SOHO security made easy
It’s convenient and saves money to have all the computers on your home or office network share a single Internet connection using ICS. And it’s great to be able to share your files, but it’s not so great if you end up sharing them with strangers to whom you never intended to give access.
When your small network is connected to the Internet, it is possible for outsiders to gain access to the data on your computers’ hard disks. Internal security may also be a concern in offices where certain files need to be kept confidential from some coworkers.
Microsoft anticipated this problem and included a new feature in Windows XP: the Internet Connection Firewall (ICF). Windows XP also offers new account management and password features to address internal security, in addition to carrying over Windows 2000’s support for file encryption of data on the hard disk.
Built-in personal firewall
The ICF is set up automatically on the ICS host computer when you run the Network Setup Wizard.
|You can use the Internet Connection Firewall with any Internet connection.|
ICF can be enabled on any computer that has an Internet connection configured, whether or not it is an ICS host.
To turn on the Internet Connection Firewall when creating a dial-up connection to an ISP in the New Connection Wizard, simply check the Turn On Internet Connection Firewall For This Connection check box, as shown in Figure E.
If you choose not to turn on the firewall when you create the connection, you can turn it on for this connection later by right-clicking the connection name in Network Connections (accessed via Start | Control Panel), selecting Properties, clicking the Advanced tab, and checking the check box under Internet Connection Firewall (see Figure F).
Once enabled, ICF monitors traffic that comes from the Internet to your private network or Internet-connected computer. It works by maintaining a table of the communications that were sent from the computer running ICF or the private network. When packets arrive from the Internet, they are checked against this table to determine whether the communication originated on your local computer or a computer on your private network. If not, the packets are discarded.
|You can configure the firewall to allow outside users to access specific services.|
If you want to allow traffic across the firewall that did not originate from within (for example, HTTP traffic), you can configure a service definition to allow that traffic in. Do this by clicking the Settings button on the Advanced tab to display the Services sheet, which allows you to select the services you want to open up to outside (Internet) users, as shown in Figure G. By default, none of the services are selected.
|You can determine whether to allow responses to specific ICMP requests.|
Using the Security Logging tab, you can have the system create a file called pfirewall.log to record information about dropped packets and/or successful connections from the Internet. You can also determine whether to allow responses to Internet Control Message Protocol (ICMP) requests (such as ping echo requests) using the ICMP tab (see Figure H).
User account management
Another important aspect of protecting your small network involves user account management. The XP User Accounts applet, accessed via Control Panel, has a new look, as shown in Figure I.
|The User Accounts management applet has a new look in Windows XP.|
If you prefer the old look of Windows 2000, you need only modify the Appearance tab of your Display settings to select Windows Classic Style instead of Windows XP Style.
A new feature in Windows XP is the ability to assign a picture to each user account. (This is available only for computers that are not members of a domain.) Also, in Windows XP Professional, the built-in Guest account is disabled by default. This protects the computer from logon by users who do not have a user account.
XP also provides a mechanism for switching between users without having to log off and log back on with the other account. With Fast User Switching, you can leave programs open and they will still be running when you switch back. This is another feature available only with peer-to-peer networks, not on computers that belong to domains.
One way to ensure that unauthorized users can’t log on with your account is to create a strong password, one that is difficult to guess or “crack” in a brute force attack. The problem with such passwords is that sometimes they’re so strong that even the authorized user can’t remember them.
|The Forgotten Password Wizard allows you to recover a forgotten password with a Password Reset disk.|
Windows XP allows users to create a Password Reset Disk, which can be used to access an account for which the password has been forgotten, using the (what else?) Forgotten Password Wizard, as shown in Figure J.
Windows XP also allows you to use the Stored User Names And Passwords feature to manage passwords, such as those used to access password-protected Internet sites.
Growing without pains
SOHO networks, like many other things that start out small, have a tendency to grow. Although it is unlikely that your home or small office network will grow to the enterprise level (though it’s also not completely impossible), there is a good chance that you will eventually add more computers, need more advanced capabilities, or otherwise reach a point where you’ll want to take advantage of additional networking features built into Windows XP.
Microsoft has included support for a couple of features that might represent the “next step up” for your network:
- Network bridging
- Wireless networking
Let’s take a brief look at each of these.
The network bridge
The network bridge lets you connect two local area network segments without routing. With Windows NT and 2000, you could enable IP forwarding and have the computer act as a router. With Windows XP, you can instead configure the computer to act as a bridge—a simpler connectivity configuration that does not require subnetting.
A network bridge can connect two different media types; for example, a thin coax network (10base2) can be connected to a UTP network (10baseT). Bridges also reduce broadcast traffic on the network. With Windows XP, you don’t have to buy a hardware bridge; bridging is built into the operating system.
If you have more than one network adapter installed on a computer and run the Network Setup Wizard on that computer, you will be asked whether you want to create a network bridge.
Windows XP offers much better support for wireless networking than its predecessors. This includes:
- 802.1x wireless
- Infrared wireless
The IEEE 802.11 and related specifications provide for implementation of wireless LANs, with provisions for authentication and encryption using spread spectrum radio transmission. Infrared connections use infrared light to transmit network signals and are often used for communications between computers and wireless peripherals such as keyboards and mice. Infrared communications are governed by the Infrared Data Association (IrDA) standards and protocols.
SOHO networking is booming as more and more small offices acquire multiple computers and recognize the advantages of sharing files, printers, disk space, and an Internet connection. As small offices become more sophisticated, they need more of the advanced networking capabilities previously found only in large networks, but in a simpler, easier-to-implement form.
Microsoft Windows XP was designed with the SOHO networker in mind. XP makes it easy to set up, maintain, troubleshoot, and secure a small network. Best of all, it includes support for more sophisticated capabilities that these networks will need to grow beyond the SOHO stage.