I'm no longer working from home and just started in a new office. I'm paying extra for a static IP so I can bring in my home server (mainly file storage, nothing served external) and I also have three peripherals (Two computers, one fax/copier/printer/scanner).
I need to buy some device, preferably a firewall type device, where the external port comes into it, then my server and three other devices are DHCP'd into their own workgroup.
Cisco load balancing firewall with VPN ability, colo the server in a DC and setup a vpn tunnel between. Unless there is alot of traffic between the server and the users that would satturate your internet.
You could go for a static IP but you usually need a business DSL/Cable account to do that which is priced much higher then normal. I favor doing a cable and dsl behind the load balancer so you have failover and additional capacity. No static IP needed and no business account needed.
There are many differnt ways you can setup, just do it the way that works the best for your use and grab a switch that graphs each network port on the network so you know whos raping your bandwidth when they do because its going to happen.
██ COLO@ Colocation. Perfected.
██ Atlanta - Dallas - Phoenix - Weehawken - Los Angeles - Chicago Total Server Solutions - Servers - US Based Support - Server Management
The above recommendations for devices you can purchase are pretty good (Watchguard makes pretty decent firewalls, had direct experience with them), but a bit expensive for my taste. If you want to do things on the cheap, grab a box you have laying around, slap a NIC or two in it, and install m0n0wall or pfSense (the latter is based off of m0n0wall). Both great firewalls, I've personally used m0n0wall extensively and it's done pretty much everything I've needed it to do. Best of all, both are free =)
One way you could hook it up:
Net--->NIC1---NIC2--->L2 Switch (don't need anything fancy here)--->Devices
If you decide to go the software-firewall route, make sure to read through the docs of the firewall you'll be using; you'll be surprised at the flexibility and possibilities these projects offer.
I absolutely second doing MRTG if possible, but you'll need a managed switch past the firewall for that (by far the easiest solution). You can get HP ProCurve 2524s for pretty cheap these days, 100mbit 48-port and solid as hell; they'll do MRTG. Would probably be overkill for a small office setup, sure, but it's always nice to have =P (helps avoid huge ISP bills if someone somehow hacks your server and makes it part of a botnet).
I second pFsense. I use it here at home and its great. It FreeBSD based. Untangle as mentioned earlier is really nice. Unfortunately I was not able to install it to test it. Also Astaro is another software firewall applicance you can use. I have pfsense running on a P3 1GHz with 512MB of ram and it's running very nicely. You are able to set up proxy server, web filtering log all chats with IM's, you can see all connections etc. You can see/do much more with this then a dlink/linksys router.
Best part pfsense is free, and you do not need a high end PC to run.