A friend of mine works at a school that is part of a member/community based ISP and I am trying to understand the security risks that could stem from it. My main curiosity has to do with the connectivity between different schools on the network.
I'll share the information that he provided and try to get this to make sense:
The ISP provides access to the Internet using ring topology
There are several different organizations (I think just schools) that are part of this state-wide community that are, as they describe, "on the same network 'loop' built by that provider."
Traffic between the members is not on the public Internet.
The members do not share public IP space and maintain their own firewalls and VPNs.
I believe the primary purpose for them using this is to essentially function as a National Research & Education Network
My question is, could one member be a risk to another member if they experienced a breach or malware that spread over the network? (Example: Say School A has a virus that is spread over the network, wouldn't it just be able to move to School B or School C part of the same network?) When he brought this up to me it seemed like it could be a huge risk area and it got me thinking.
submitted by /u/Envowner