Frequently Asked Questions
On this page... (hide)
- 1. PC Equipment
- 2. Dealer Management Systems
- 2.1 What types of Dealer Management Systems (DMS) are there?
- 2.2 How should a Dealership prepare for working with a DMS provider?
- 2.3 What are Issues to Consider when Choosing a Network Provider?
- 2.4 How long should a service contract be?
- 2.5 Should a Dealership Migrate or Integrate?
- 2.6 What issues need to be considered regarding Support?
- 2.7 What issues need to be considered regarding Contracts?
- 2.8 What issues need to be considered regarding Compatibility?
- 2.9 What issues need to be considered regarding Usage?
- 2.10 Are the applications that will run across the Internet critical to business operation?
- 2.11 What issues need to be considered regarding Cost?
- 3. Dealership Security
- 3.1 What are the MINIMUM tasks that MUST be performed by security tools like a firewall, virus protection and router?
- 3.2 How do modems on individual PCs affect network security?
- 3.3 How can a dealership test a security plan?
- 3.4 What benefits are there in using a Proxy server to communicate over the Internet?
- 3.5 What are security recommendations for a wireless LAN?
- 3.6 How often should a dealership back-up data?
- 3.7 What are the features to look for in a good back-up and recovery system?
- 4. Internet Access Methods
- 5. Internet Content Filtering
- 5.1 Should I choose a hardware or software content filtering system?
- 5.2 What is recommended for general maintenance of hardware based system?
- 5.3 What are the common issues associated with hardware-based content filters?
- 5.4 What are the issues / solutions associated with software based content filters?
- 5.5 What are the things that a dealer should look for when considering any type of Internet Content System?
- 5.6 What are common Internet search terms to use to find Internet Content Filtering information and vendors?
- 6. Multimedia Delivery
- 6.1 How will Rich content delivery affect my network performance?
- 6.2 How will it affect my computer performance?
- 6.3 What things should be considered when using a subscription service for a multimedia product?
- 6.4 What Types of plug-in are available?
- 6.5 Are automatic updates necessary with plug-ins?
- 6.6 What is Active X?
- 6.7 Is it okay to use beta software?
- 7. Network Design Framework
- 8. Network Peripherals
- 8.1 What are things to consider when choosing any Network Peripherals for your network?
- 8.2 How do you decide what peripherals should be on the network and what peripherals should be connected to individual workstations?
- 8.3 How can you diminish security risks associated with printers and faxes?
- 8.4 Should a business consider a simple All-In-One-Device (Printer/Copier/Scanner/Fax)?
- 8.5 What are the most critical (but sometimes overlooked) network peripherals and why?
- 8.6 What are the BASIC characteristics to look for in back-up and an uninterpretable power supply (UPS)?
- 8.7 What are some of the advantages and disadvantage to including VoIP Phones Service on a network?
- 9. Private and Virtual Private Networks
- 10. Safeguarding Customer Information
- 10.1 What kind of information do I need to protect?
- 10.2 What is due diligence?
- 10.3 Does the law state what it takes to be compliant?
- 10.4 Why don’t I see more detailed information in chapter 4 of the Dealership Infrastructure Guidelines?
- 10.5 What are the primary objectives for the new Safeguards Rule?
- 11. Traditional Network Infrastructure
- 12. Wireless Networks
- 12.1 What version of wireless should I use?
- 12.2 What type of encryption should I use?
- 12.3 Should I broadcast my SSID?
- 12.4 Mac Address Filtering(Media Access Control) – Should I use this?
- 12.5 How many users are typically allowed per access point?
- 12.6 Should I allow customer to access my wireless network?
When considering PC and terminal purchases take into account other items besides the computer. Consider the following:
- Surge Protectors and/or Universal Power Sources should be used to protect PCs, modems and Ethernet ports from power spikes.
- Surge protectors that also have jacks for the telephone and network lines need to be Underwriters Lab (UL) 1449 Listed and/or CSA Certified.
- Line conditioners, and/or isolated electrical circuits may be appropriate for some situations when power requirements have a narrow operating range.
- Plug and play technology that incorporates the Universal Serial Bus (specification 2.0 or USB 2.0) allows multiple external devices to be connected.
- Multi-function drives that support reading from and writing to compact disks (CD) and digital versatile disks (DVD). Check with your OEM to determine if you may receive software or data only in a DVD format – that would require a DVD or multi-function drive.
- Flat panel displays require less space than traditional cathode ray tubes (CRT’s) of the same screen size. However, flat panels may require a DVI (Digital Video Interface) interface card, so check the video connector options on the PC to ensure compatibility with the flat panel display.
Several factors should be taken into account when deciding when and where to add Personal Computers (PCs) or to replace a green screen terminal with another. If an employee only uses green screens, the application will not be changing, and the application’s vendor will continue to support the application for a number of years there may not be a need to replace the green screen terminal with a PC. On the other hand, if the applications employees use are accessed with an Internet browser then consider the replacement of the terminal with a PC.
Another situation to consider replacing terminals with a PC would be when one PC could replace multiple terminals. Dealership staff who need to access email and other browser-based applications, or require use of multiple computer applications are candidates for PCs.
The schedule for the business system providers to convert to browser-based applications is also an important consideration. The useful life for PCs is three to five years. Then it should be considered for replacement or possibly to be upgraded to match the growth in its frequent use during the time period.
New PCs have a warranty though the duration and terms vary. Vendors may provide carry-in, mail-in, and/or on-site repair service options. In business situations the downtime and the extra expense of delivering or shipping a computer out for service for several days may be unacceptable. On-site repair plans with reasonable (up to eight) response times are usually preferred. Service providers and corresponding service plans targeted at home users will usually not provide an acceptable level of service for more demanding dealership operations.
Workstations: Like personal computers, most workstations are single-user computers. However, workstations are typically linked together to form a local-area network, although they can also be used as stand-alone systems.
STAR recognizes two distinct DMS types. The first is the traditional configuration which usually locates all hardware and data on the network within the dealership. The second is an ASP DMS which links to the dealership over the Internet or through private connections. The table below outlines the characteristics of both systems:
|Item||Traditional DMS||ASP DMS|
|SECURITY||Hardware and data are physically located in the Dealership accessed locally.||Hardware and data are located in remote data center. Typically accessed via encrypted network connection. Security policies vary by supplier.|
|SERVICE||Hardware support done on site, subject to availability of local resources.||Centralized hardware support at the data center. Subject to reliability of Internet or data line connection.|
|UPDATES/BACKUP||Typically performed locally by the Dealership personnel.||Typically performed at remote data center by the service provider.|
STAR has created a Need Assessment Worksheet which is located in the appendix of the DIG. Completing this worksheet will better enable Dealerships to evaluate their existing infrastructure and their current and future computing needs. The information gathered can then be used to generate comparable solutions from multiple suppliers and possibly save money and time. Some of the items included in this worksheet include:
- Dealership DMS Provider Issues
- How many DMS terminals (green screens) are in the Dealership?
- How many DMS terminals will be replaced by PCs?
- What peripherals (printers, etc.) of the DMS will work on the Dealership LAN?
- Will additional client Personal Computers (PCs) be added to access the DMS?
- Are additional DMS ports or access licenses needed?
- Is the DMS Ethernet LAN (hardware and software) ready?
- Does the DMS require Domain Name Server (DNS)?
- If so, how will DNS be handled on the Dealership LAN?
- How will the DMS be handled in a Dynamic Host Configuration Protocol (DHCP) environment?
- How will static IPs for Servers, Printers, and other network devices be handled?
- Is the DMS system onsite or hosted externally Active Server Pages(ASP)?
- Does the Dealership control the network (wiring, hardware, and management)?
- Will installed wiring remain intact and be usable at the end of a lease?
- Will the Dealership have the option to own the equipment at the end of a lease?
- What are the terms of the contract? Do the network offerings require a long-term contract?
- Does the offering support the latest, most cost efficient technologies such as DSL, Cable, Wireless, etc?
- Does the supplier provide voice and data integration services? If so, to what extent?
- Can modifications be made to accommodate Dealership specific requirements such as port assignments and services on routers and firewalls?
- What are the charges for modifications or additions?
- Does the Dealership require a web server, mail server, DMZ, etc.?
- Are proxy services available?
- Can the Dealer control decisions regarding access authentication and authorization?
- Is the DMS onsite or hosted externally (ASP)
Technologies are changing at a rapid pace. Dealers should not be locked into long-term contracts. Internet Service Provider (ISP) offerings should be limited to one year. Network equipment and wiring offerings should be limited to three-year contracts.
Dealers creating a single LAN environment will have a choice between integrating with their current DMS environment or migrating the DMS environment to a new LAN. Migrating requires the configuration of DMS servers and devices to conform to the new network design. Integrating requires the configuration, and some times the installation, of network equipment in order to support the specific requirements of the DMS. Migrating the DMS onto the Dealership LAN is the ideal scenario since it can offer significant advantages in terms of control, flexibility, and economics. The OEMs strongly recommend migration as the preferable path to building a Dealership environment.
Integration of the Dealership LAN and the DMS may be an alternative if all other methods are determined to be cost prohibitive. In order to integrate, the DMS provider may require the purchase of an additional router and firewall to be placed between the Dealership LAN and the DMS equipment. Although this method is considered to be unnecessary and undesirable it may serve as a last resort in order to retain current support policies by providing the DMS with its own, segmented network.
New Dealerships have the distinct advantage of entering into new contracts with DMS providers and network suppliers. In this case, Dealers may use the proposed scenario of a single Dealership controlled LAN as a negotiation tool. DMS providers MUST be compliant with the Dealership Infrastructure guidelines if they hope to be competitive among DMS providers and Network suppliers alike. It is imperative that all parties agree to the network design before the Dealership enters into any contracts.
Completing the Needs Assessment in Appendix D will help dealerships weigh the pros and cons of each scenario.
- Exactly how will the support model change if the DMS is placed on (migrated to) the Dealership LAN?
- Exactly what is supported and what is not supported?
- If the DMS remains on it’s own LAN, what can the Dealer expect in terms of support and fees to integrate that LAN to the Dealership LAN? Will there be additional fees in the future when configuration changes are required on the networks
- Is there a cost advantage to the Dealership if the DMS provider changes their support level to accommodate the new network?
- How does the ASP model raise or lower my expenses?
Contracts play a large role in decision-making. As explained above a new Dealership, or a Dealership looking to extend an existing contract, has a distinct advantage when negotiating. By having DMS providers and network suppliers agree to a common network design and management, the Dealer is able to reap the benefits of a single LAN. Dealers who are currently in a long-term contract MUST work with their network supplier to ensure coordination with their DMS provider, if they are separate suppliers. The questions to ask about contracts are the same as the Dealership considers when deciding whether to stay with their current DMS provider.
- Does the offering completely comply with the open standards in the Dealership Infrastructure document?
- If there is reuse available from the Internet connection, will infrastructure be compatible with all intended uses?
- How does the solution work for a DMS that is on-site or a DMS system that is hosted externally?
- What are the immediate needs for Internet access?
- Are there Dealership goals that an Internet application or service may solve?
- What are the internal host requirements desires (website, e-mail, etc.)?
- What volume of usage is expected?
- If an ASP model is chosen, how do the above questions change?
Cost is obviously a very important issue. It is also a difficult one to evaluate because of so many variables and so much speculation. Because many Dealers are not familiar with how to calculate the actual cost versus benefit formula, this document will highlight some areas of impact. The expense of an asset like a network infrastructure is a new one to many Dealerships. The Dealer MUST understand that there are initial costs, recurring costs, and ad hoc costs.
Except in the case of a completely leased solution, a Dealership more than likely will incur an up front cost when implementing an Internet enabled LAN. It is not always clear if a low installation cost is a good deal. Like many purchases, there can be significant discrepancies in up front costs. Sometimes installation costs are dwarfed by the ongoing recurring costs or ad hoc charges after installation. The total expense of ownership should be considered over the term of approximately three years. The business decision of weighing short-term expenditure versus recurring costs and long-term benefit is the Dealers.
3.1 What are the MINIMUM tasks that MUST be performed by security tools like a firewall, virus protection and router?
To protect the dealership IT equipment and business information the security tools need to:
- Scan all Internet traffic, email, and file attachments
- Remove viruses before they invade the dealership computer network, and repair damaged files
- Conduct periodic anti-virus software scan of the memory and the hard drive of both servers and desktop PCs
- License an anti-virus solution that includes mechanisms to assure the quick application of a cure for any virus found. The anti-virus software should:
- Scan and deliver all clean traffic (emails and file attachments)
- Immunize or destroy known viruses and quarantine anything else that shows symptoms of known viruses
- Scan compressed-file formats
- Generate comprehensive reports to track all actions related to the scanning process and identify equipment that had viruses or still contains suspected emails and files.
Unfortunately an all too easy method to bypass dealership security barriers is for an employee to connect a modem to a networked personal computer. Use of modems should be closely monitored and only used to connect to devices used for remote support and Internet access backup where appropriate security measures in place. All PCs connected to the Local Area Network (LAN) should have their modems disconnected and removed. Hackers can detect the presence of modems and use them to access or destroy Dealership data.
Hackers are moving targets that constantly search for new ways to attack your dealership LAN. A good security plan should include frequent testing, reviews of the tests and audits by a third party to insure that any holes discovered are plugged. Attempts should be made to break into the Dealership’s network. One way is to dial all dealership telephone numbers to see if an unauthorized modem answers. Consider the use of outside auditors on a regular basis (at least yearly). Many consulting firms and CPA’s now offer these kinds of audits. An audit MUST test every aspect of network security. All servers should be audited including those supporting firewalls, email, Domain Name Server (DNS), domain, web access, and File Transfer Protocol (FTP).
Proxy servers provide additional security by protecting against unauthorized access to dealership networks. All communication between the network goes through the proxy server. In a Dealership environment, the PCs communicate with the proxy server, and the proxy server in turn communicates with the Internet. Data going to the Internet is “repackaged” with the IP address of the proxy server, so that intruders are not able to determine the true source of the data (desktop PC or server). Proxy servers can be configured to provide the following security features:
- Authentication — the process of identifying and verifying an individual attempting to gain access to a network
- Authorization — the process of determining whether an individual has the right or authority to use a dealership application or access dealership business data.
- Caching — the storage of recently accessed web pages for quicker retrieval
- Logging — the automatic generation and storage of service requests including those who access to the Internet
- URL filtering — the ability to prevent employees from visiting undesirable websites
- Create a Virtual Private Network (VPN) tunnel by installing a VPN client on each client device and configuring the VPN device, which is placed behind the access point. Note: not all VPN client software is compatible and/or interoperable with other VPN products. Consult a qualified professional before installing any VPN client software.
- Configure the firewall, which is placed between the access point and the wired LAN, to allow only VPN traffic and deny all other traffic
- Install a user authentication system, which requires a user name and password for any device to access the network as well as applications, servers, etc
- Attach access point to a VLAN capable switch – allows for multiple VLANs to be defined for specific user groups and OEMs
- Install uni-directional vs. omni-directional antenna where appropriate.
The most important predictor of a dealership’s ability to recover from a hacker’s attack is the degree to which it prepared for that attack. Information that is important to the dealership operation should be backed up nightly. Large Dealerships with several geographic locations should consider consolidating their business data on a central server. This would simplify the time and effort to backup up their data. Also, it is wise to keep several generations of the nightly backups in case one or more of the files on the server are lost or damaged prior to the backup and it is not discovered for several days.
Compression: Compression allows you to reduce the number of storage media needed for each nightly backup. In general the larger the compression ratio the less storage media space needed to store backed up data.
Encryption: Encryption is critical to ensure protection of sensitive business and customer data. Most backup software products offer password-protected archives but varying levels of encryption. Recently available backup programs include the use of the Advanced Encryption Standard (AES 256 bit algorithm). Note, encrypting will increase the amount of time to backup dealership data.
Automatic Scheduling: Automatic Scheduling applications allows the backup process to run at specified time intervals allowing data to be backed up automatically and at times convenient for the dealership.
Data Volume: This relates to the amount of data on a dealership server that can be backed up and stored on one or more storage media. The software products usually have no limitations and can process volumes of over 1 terabyte (1 trillion characters) of data.
Validation: A back-up system needs to ensure the integrity of the data. With advanced levels of validation such as bit-level validation, the backup software itself tests the integrity of the data down to the bit level (by creating a test restore right after each backup is performed). This may increase the time it takes to complete the backup but it increases the reliability and restorability of the server from the backup storage media.
Full and Incremental Backup: A Full Backup indicates all the data on the servers are backup up to tape or disk storage media. Full backups should be performed at least weekly. An Incremental Backup will only backup data that has changed in a specified timeframe.
Restore: The software product that backups the dealership data must allow the data to be selectively restored meaning one or more files as needed to the required server.
Reporting and Fault Logging: Reporting and fault logging is a program that monitors the backup and the restore processes and provides information on the success or problems encountered with each occurrence of these activities.
Traditional network access has been offered in the form of dial-up, leased, satellite, or Integrated Services Digital Network (ISDN) products (ISDN has moved to more of a backup strategy, but is still a viable option) There is widespread availability of these methods.
Their capacities have range from low-speed 28.8Kbps dial-up (about 29,000 bits per second) to moderate speed 1.5Mbps leased lines (about 1.5 million bits a second).
Emerging technologies can be found in newer products such as Digital Subscriber Line (DSL), aggregate dial-up, cable modems, wireless access, and enhanced satellite. These new products provide high capacity, ranging up to 10Mbps, at costs that rival older technologies. However, since development and deployment of these technologies is ongoing, availability is often poor and suppliers have difficulty matching products to needs.
For more information see the Dealership Infrastructure Guidelines
When connecting your business to the internet today you will need to pay a great deal of attention to the Service Level Agreement (SLA) that you receive with the Internet connection. The SLA will detail the Quality of Service (QoS) that the provider offers with their service.
A few items to look for in the SLA are:
- Up time (amount of time the server is guaranteed to be operational). A good point would be 98% of up time
- Do they have weekend service and support?
- What are the back-up options for their connection?
For more information see the Dealership Infrastructure Guidelines Are satellite connections still competitive?
No. For more information go to:
While most connection outages are very short in duration, a backup for that connection is still a requirement. This backup should be a dialed connection attached to the router.
For smaller dealerships whose total bandwidth is not much more than the minimum 128Kbps, a dialed backup providing 56Kbps is sufficient. Dialed connections with lesser bandwidth may work but performance will be noticeably downgraded. Larger dealers that require primary connections well above the 128Kbps minimum may need to explore the use of ISDN, DSL, or dialed backup connections. The greater the bandwidth on the primary connection, the greater the backup bandwidth should be.
How much bandwidth you need is determined by several factors. Some of these factors include:
- How many users will be accessing the internet?
- What will you be using the internet for? (downloading files, uploading files, entering information, VPN)
- If your not using a dedicated line (see the DIG for more detail) how many other businesses or people in the area will you be sharing access with (this may slow down service dramatically)?
Each OEM may have specifications on the amount of bandwidth they require a dealership to have. Before purchasing your connection please check your OEM’s addendum.
For more information on this and other areas of dealership infrastructure, please download the STAR Dealership Infrastructure Guidelines
(Please note that this is a zip file. You will need to have WinZip installed on your computer to open the file and to extract the DIG document.)
A hardware system routes web traffic through an external specialized server that filters and blocks unwanted material prior to reaching individual workstations. A software based solution performs similar tasks but is installed directly on the workstation.
Both systems work well. Decisions need to be made based on individual dealer’s needs and budgets. Consult with your IT manager or your vendor when making this decision.
- It is STRONGLY RECOMMENDED to have a dedicated, secure, climate controlled room with a back-up power supply.
- vendor Service Level Agreement (SLA) for maintaining the appliance that includes:
- Configuration Changes
- Adding applications.
- Choose hardware that allows for future growth and also allows you to determine your capacity usage regularly.
- Different vendors provide different hardware solutions; therefore, if you switch vendors they may require the purchase of their hardware resulting in higher cost.
- You may have to contact vendor to configure the system to allow additional applications. This service should be included in the vendor SLA.
- In most cases the vendor should handle any changes or updates to avoid problems. To avoid conflicts with your business needs make sure your vendor has acceptable response time for service.
- Hardware-based content filters come with a factory warranty that will expired after a certain amount of time depending on the manufacturer. In some cases extended warranties may be added at the time of purchase. In either case once the warranties period has passed it will be difficult or costly to get service or support on the product.
- Systems that do not have properly upgraded operating systems can have compatibility issues. If this occurs review the help files or contact the software manufacturer.
- It is important to understand the length of the subscription and what is included in it. Look for a package that offers software updates in addition to the database files to ensure the product stays current. Some subscriptions will allow updates to a newer version if one becomes available.
- Ensure that the application cannot turn off by users at individual PCs by giving control of the software only to the administrator.
5.5 What are the things that a dealer should look for when considering any type of Internet Content System?
- Automatic Updates
- Centralized Administration
- Category Based Products
- Reporting Capabilities
5.6 What are common Internet search terms to use to find Internet Content Filtering information and vendors?
- Content Filtering
- Internet Content Filtering Vendors
- Content Filtering Appliances
- Content Filtering Software
- Internet Security Products
- Internet Filtering Hardware
- Internet Filtering Software
- Internet Solutions
- Computer Filtering
For more detailed information on this subject refer to Internet Content Filtering in the Dealer Infrastructure Guide (DIG).
The main issue with a network is that a limited amount of bandwidth is being shared with multiple users. If numerous bandwidth intense programs are being accessed simultaneously by individual PC users, bottlenecks can occur and slow the entire network.
The requirements for multimedia functionality will vary depending on the number of users and the desired applications. There are three things that need to be considered when determining your network needs:
- Bandwidth - How much bandwidth do the network multimedia applications demand and how much bandwidth can the network infrastructure provide?
- Quality of service -What level of service does the network multimedia application require and how can this be satisfied through the network?
- Multi-casting - Does the network multimedia application utilize bandwidth-saving multi-casting techniques and how can multi-casting be supported across the network?
In regards to a network, bandwidth has two components. Throughput which is the amount of information that can be transferred over a connection in a given period of time; and latency which is the amount of time it takes for a response to return from a request. Latency and throughput together determine the perceived speed of a connection. Video and similar multimedia products require high-bandwidth. When multiple applications of this type are running, a system can reach the upper limit of its bandwidth capacity. The result is more latency across the network, which can lead to all processes being slowed down.
Dealers need to be aware that some ISP providers will sometimes cap bandwidth of customers who regularly saturate their connections and the resulting bandwidth speed may be lower than the advertised rate. Because of this, a defined Quality of Service may be required for certain types of network traffic. Network customers and providers typically enter into a Service Level Agreement which guarantees the ability of a network/protocol to give guaranteed performance/throughput/latency bounds based on mutually agreed measures, usually by giving priority to certain traffic through the use of bandwidth throttling.
Dealers OEMs, and DSPs can work together to determine the best solution for individual company’s needs. Bandwidth solutions are available to accommodate most business requirements.
However, even if a network is designed to adequately address multimedia business needs there are outside factors that can strain the network. One area of concern to many businesses is the effect of access to entertainment, multimedia on the Internet. It is now common for sporting events and full length programming to be broadcast live over the World Wide Web. Allowing widespread access to these memory hungry venues not only affect employee productivity but network performance as well. Use of Internet Content Filters and Firewalls can alleviate the problem by preventing access to unauthorized sites and ensure that network resources are used for their intended purpose. For more information on this subject, please refer to the DIG (Dealer Infrastructure Guide); Chapter 6: Dealer Security and Chapter 8: Internet Content Filtering.
Most late model computers are designed to handle the requirements of multimedia applications. However, older computers with less than 256 MB of memory, a slow hard drive, and/or a dial-up connection may have problems with some video and graphic intensive applications.
Using multimedia applications involves some risk. Make sure that security software and patches are updated regularly to prevent viruses, spyware and other malicious intruders.
It is important to understand the length of the subscription and what is included in it. Look for a package that offers software updates in addition to the database files to ensure the product stays current. Some subscriptions will allow updates to a newer version if one becomes available.
A plug-in is hardware or software module that adds a specific feature or service to a larger system. There are hundreds of plug-ins. However, the most common are the ones that add video, audio, graphics, text display, and desktop search capabilities in various Internet browsers. Below are the most popular in each category:
Video/Audio: Media Player, QuickTime, RealMedia, Flash and IPTV Graphics: Shockwave Text Display: Adobe Reader Search: Google Desktop
Automatic updates are not always necessary. Some updates are created to add new features or to take advantage of new enhancements in browser and operating system technology. In these cases, if the lower version is providing the desired functionality there is no urgent need to change. However, upgrades are recommended when security and compatibility issues are involved.
There are times when an update will actually cause new problems. Because of this, it is important to keep track of what updates have been installed so any issues that arise can be resolved. Also, always check the OEM requirements for their software version requirements.
Active X is the next step in the evolution of the plug-in in the Windows environment. An ActiveX control can be automatically downloaded and executed by a Web browser and function similar to a Java applet. However, ActiveX controls are more powerful because they have full access to the Windows operating system which opens up the risk that the Active X control may damage software or data on individual PCs. To control this risk, Microsoft developed a registration system so that browsers can identify and authenticate an ActiveX control before downloading it.
Java applets can be written to run on all platforms, whereas ActiveX controls are currently limited to Windows environments.
It is not recommended for general use. Beta Software is pre-release software in the testing stage and, therefore, not all problems have been identified and addressed. Using Beta Software could damage your computer. However, there are times when pilot programs administered by internal IT Departments may be acceptable.
“Designing Internetworks for Multimedia” www.cisco.com April 10, 2002. April 15, 2006. http://www.cisco.com/univercd/cc/td/doc/cisintwk/idg4/nd2013.htm
Mike Ozburn “Setting Bandwidth Boundaries” www.wi-fiplanet.com. February 6, 2001, April 15, 2006. http://www.wi-fiplanet.com/columns/article.php/789191
“Browser Plug-Ins” www-rohan.sdsu.edu San Diego State University. May 20 2003. April 17.
“plug-in” www.webopedia.com. May 17, 2004. April 16, 2006. http://www.webopedia.com/TERM/p/plug_in.html
“Active X Control” www.webopedia.com. February 06, 2003. April 16, 2006. http://www.webopedia.com/TERM/A/ActiveX_control.html
“Comparison of latency and throughput” en.Wikipedia.org March 28, 2006. April 20, 2006. http://en.wikipedia.org/wiki/Latency_vs_Bandwidth
“Bandwidth cap” en.Wikipedia.org. April 19, 2006. April 20, 2006 http://en.wikipedia.org/wiki/Bandwidth_cap
“Quality of service” en.Wikipedia.org. April 24, 2006. April 24, 2006. http://en.wikipedia.org/wiki/Quality_of_service
|Specification||Cable Type||Maximum Length|
|10BaseT||Unshielded twisted pair||100 meters or 328.08 ft|
|10Base2||Thin coaxial||185 meters or 606.948 ft|
|10Base5||Thick coaxial||500 meters or 1640.4 ft|
|10BaseF||Fiber Optic||2000 meters or 6561.6 ft|
|100BaseT||Unshielded twisted pair||100 meters or 328.08 ft|
|100BaseTX||Unshielded twisted pair||220 meters or 721.776 ft|
The computer programs do not work correctly because the cable looses signal strength and may even become non-functional. Over allocating the cabling could result in errors on your network and loss of data during file transfers etc.
When determining where your server room should be it is important to understand how your dealership is going to be setup. Some of the things to consider are:
- Air circulation and cooling capacity available 24/7. It is NOT recommended to have your servers near excessive heat.
- Are you able to run cable under the floor or in the ceiling? If not how will you get your wiring to your PCs from the server.
- What are your room size requirements? Consider the server, monitors, cabinets, etc.
- What are your physical security requirements? Does it need to have a locked door, locked cabinets, etc?
- Are you implementing wireless technologies? Review the wireless section in the DIG for more information.
To understand if you need a router it is recommended that you review the detailed information in the DIG. Click on the link below to review the information.
It is strongly recommended that you implement a firewall on your network. The firewall can be implemented either at the internet connection or on individual PCs. Review the information in the DIG details around firewalls.
There six are basic considerations for selecting any add-on to a computer network. They are:
- Ease of Use: Is the device easy to install and run with little vendor support, or does it need an extensive Service Level Agreement?
- Reliability: Does the product have a history of problems? Has it received favorable reviews from IT professionals and unbiased magazines? What warranties and service contracts are available?
- Performance and Speed: How does a particular product perform in comparison to other similar products? How will it affect the speed and performance of the network?
- Cost of Ownership: What is the initial cost and what is the cost over the lifetime of the product. Some products that are the least expensive in the beginning can be come very costly when consumables and service issues are factored into the equation.
- Depth of Feature Set: What features are necessary and what features are available?
- Implementation Issues: What operating systems is the item compatible with? What other equipment does the device affect?
8.2 How do you decide what peripherals should be on the network and what peripherals should be connected to individual workstations?
Whether Peripherals are shared or not is dependent on traffic load and privacy issues. A shared network device needs to be able to accommodate the needs multiple users without having a negative effect on other network functions. Because of this, there are times when a network device is not the best option. For example, if an individual employee typically has a high volume of documents to print or fax it may be wise have a unit exclusively dedicated to his PC. This will cut down on network bandwidth usage and free up the community machines for other users. Likewise, if an individual employee handles sensitive data that should not be publicly viewed; she should have her own printer or fax.
The following recommendations can help you diminish security risks that are associated with printers and their output:
- Avoid locating printers in places where unauthorized people can view it.
- Emphasize to system users the importance of protecting confidential printer output.
- Include your physical security decisions regarding printers in your security policy.
- Schedule the printing of highly confidential output and have an authorized person stay at the printer while it prints.
- In some cases, employees that need to print a substantial amount of confidential and/or sensitive data should have their own non-network printer in a secure location. (See preceding question.)
All-In-One-Devices are great for individual users and small offices. Only select machines that have enough multiple user capacity.
It is important for business to have a device to back up the files on your server and an uninterruptible power supply (UPS). The UPS will help to prevent both hardware and software damage which can result from fluctuating power levels and will allow any equipment plugged into it to run on its battery for a short period of time in the event of a power outage. The backup device will allow you to make copies of important files, separate from the server or other computers, to safeguard your company against loss of data which could result from computer failures.
8.6 What are the BASIC characteristics to look for in back-up and an uninterpretable power supply (UPS)?
Look for the following in a Back-up and Recovery System:
- A product that allows all data and equipment to be backed up and does not omit certain file-types and machines.
- A product that has reliable schedules.
- A product that has reporting and comprehensive fault logging capabilities that alerts an administrator or user when something goes wrong.
- A product that encrypts the backup archive with a minimum of 256 bit encryption.
- A product that has bit-level validation.
- A product that is easy to use and allows for easy data back-up.
Look for the following characteristics in an UPS:
- Sinusoidal power output. In general, the closer the AC output of the UPS is to a sine wave, the better the equipment. UPS that use square wave technology tend to have problems with power surges.
- A manual bypass switch that allow you to pass power through the device if it is broken or being serviced.
- The ability to monitor how much power (or percentage load) the equipment is drawing, how much battery life is left and indications of the input power quality. Expectations for the power back can range from 15 minutes to 8 hours. If more back-up is needed, solutions that include a generator should be considered.
- The capacity to communicate with their monitoring software via a network connection and SNMP.
- Make sure the wattage of the device and the power source are compatible. Look for VA rating.
- A good support/maintenance contract.
Note: Make sure that the UPS or other equipment that should not be turned of is not connected to a power source, such as a switch, that can inadvertently or easily be turned off.
- Less Expensive Phone Service: there is significant savings over traditional services.
- Affordable Long Distance and International Calling: Long distance is included in most plans and international calls are at a nominal rate.
- Free Calling Features: including voice mail, caller ID, call conferencing, call waiting and call forwarding. VoIP users can have their voice mail messages e-mailed to them for easy playback and referencing. Also, consumers can adopt virtual numbers so local numbers can be created from remote places
- Convenience: Customers have the ability to track their call activity, manage voice mail, view billing information, and change account information online at their convenience – 24 hours a day, 7 days a week.
- Mobility: Most VoIP providers allow users to take their VoIP service with them anywhere in the world. With a high-speed Internet connection and the VoIP phone adapter, callers can place and accept VoIP calls from any location at any time at no additional charge.
- Some VoIP services don't function during power outages without battery backup.
- Some VoIP subscribers must manually enter their current address to be identified by a 911 dispatcher.
- Poor broadband Internet connections can cause call quality problems. Also, if not set up properly it will put a severe strain on network bandwidth usage.
Great care should be taken when choosing a VoIP provider. There are two key considerations that outweigh cost factors:
- Performance: VoIP services provided by cable and telephone companies run over proprietary networks and therefore have less data packet interference and may have fewer problems.
- Service: Many of the very low cost providers only provide customer service by phone. It may be wise to pay a little more to have technical support that is available to come out and diagnose problems on-site.
For more detailed information regarding implementing Network Peripherals on your network see the Dealership Infrastructure Guidelines
No. Because the VPN connection shuts down access to your local network so the possibilities of a threat are minimal.
Yes but only if their PC is already infected or if they are still connected to their network when they access the dealership VPN. With a computer virus there are a few steps that you can take to ensure that a user cannot intentionally or accidentally cause harm to your network. The following list will help to minimize issues:
- Require that all users accessing the VPN have up-to-date virus and firewall software.
- Only allow trusted (dealership personnel are providing password and login ID management) users to access your network via VPN.
- Require the use of reputable VPN software not “home grown” technologies.
- Require them to disconnect from their network when they connect to the VPN. The software help files or your vendor support can help with this.
This will depend entirely on whether the users are completely remote or onsite. Because a certificate has to be installed on the PC utilizing the VPN it may be hard for remote users to accommodate this. For these users it is recommended that you use a password based login. Be sure to use common password rules:
- Each user has a unique password.
- Do not share your password with anyone.
- Consider instituting a required password change every 30 or 60 days.
- Do use your first, last, middle name or anything common knowledge to others.
- Passwords must be changed every 90 days.
For your on-site users it is recommended that you use a certificate based system. Check with your vendor for further details on how to implement this.
For more details regarding VPN review the current DIG document.
To find out all the information that you need to protect review the document posted at
I have completed at least the minimum requirements to be compliant
No. However NADA has taken steps to help address these issues. For more information go to
10.4 Why don’t I see more detailed information in chapter 4 of the Dealership Infrastructure Guidelines?
Because the detailed information relating to laws can change rapidly the DIG is only published every 6 months.
- First, insure the security and confidentiality of the dealership’s customer information.
- Second, protect against any anticipated threats or hazards to the security and/or integrity of the dealership’s customer information.
- Third, protect unauthorized access to or use of the dealers’ customer information that could result in substantial harm or inconvenience to any customer.
For more information on this and other areas of dealership infrastructure, please download the STAR Dealership Infrastructure Guidelines
There are various wiring and wireless options that you can utilize based on location, usage, etc. It is highly recommended that you review the wireless section of the DIG to understand the alternatives available and what you will need for each solution.
DIG Wireless chapter
11.2 How can I find more information about a complex IT infrastructure that is not mentioned in the DIG?
Your technology vendor or IT specialist could research the information you need through various internet sites and documents. However is it strongly recommended that you consult with a reputable IT consultant to get the necessary information you need.
An important step you should take before contacting an IT consultant is to collect some necessary information for them. This will help them make reliable estimates of your needs and it helps you to understand what your needs are. Some of the items you should document include:
- How many people will be accessing the network?
- Are there any remote users?
- What types of peripherals will be attached to the network (printers, faxes, etc)?
- Are there any dealership personnel that require privacy for their documentation and documents.
- What computer applications will you be running?
- What do you currently have in place (server, PCs, etc)?
- What is your maximum budget you can spend?
- Does the IT vendor offer a Service Level Agreement (SLA)? (see SLA information in the DIG for details)
- Write down questions you have before hand so you don’t overlook them.
- Will there be multiple locations?
- Do you have any future expansion plans in place?
For more details see the appendix in the DIG.
This information is discussed in detail in the Dealership Infrastructure Guidelines.
NOTE: You will need a router if you are utilizing wireless.
There are two types of encryption WEP and WPA. WEP - is a scheme that is part of the IEEE 802.11 wireless networking standard to secure IEEE 802.11 wireless networks (also known as Wi-Fi networks). Because a wireless network broadcasts messages using radio, it is particularly susceptible to eavesdropping. (wikipedia.com)
WPA - is a class of systems to secure wireless (Wi-Fi) computer networks. It was created in response to several serious weaknesses researchers had found in the previous system, Wired Equivalent Privacy (WEP). WPA implements the majority of the IEEE 802.11i standard, and was intended as an intermediate measure to take the place of WEP while 802.11i was prepared. WPA is designed to work with all wireless network interface cards, but not necessarily with first generation wireless access points. (wikipedia.com)
SSID – Service Set Identifier – Make sure to change this immediately and often. It is not recommended that you broadcast your wireless unless you are running a free dealer hotspot. See your product vendor for more details.
It is recommended that you utilize the extra security of the MAC address. This does require that each item that is going to access the wireless point has a MAC address assigned to it and that has been entered into the wireless connection point. This does increase setup time but it will help to reduce the possibilities of a hacker accessing your network.
This depends on several different factors, your internet connection speed DSL or Cable. What type time, amount of usage etc. Typically around 8 people per point can access but you will need to meet with your IT professional to obtain optimal placement and usage for each point.
This is NOT recommended. If there is a need for customers to gain access to the internet it is recommended that you place a wireless access point that is segmented from your network.