Hi,
Security is very new to me so please be patient. Corrections are always welcome if I am not conveying correctly.

There is a small office on a small network (8 computers/1 NT server) that will be getting a T1. They will be using certain for data and certain channels for voice.

The company that is doing this initially informed me that they would be using a Cisco 2600 router so I looked up the router and there are many available security features with IOS v.12.

Well I just talked to the technician and he explained to me the only availbe security features will be NAT (which I understand that this means the entire network will hide behind 1 address and Packet Protector (Is this packet filtering or if not what is that?) So if this is packet filtering is this good enough even though I read that this still leaves vulnerable to spoofing.
I was told that the cisco router was actually not the actual 2600 but a derivative that was provided by cisco. (?) They said that no more security features could be implemented on the router anyway because it would mess up the voice over.
How much damage could spoofing do? If only to the router then that would be thier problem so it wouldn't be a concern.
The main concern is keeping someone out of the network (i.e. from tampering with the network).
So I know nothing is impenitrible but is this good enough to keep people from accessing the network?
If not what else should be done?

Thank you very much for your insight.

Have a nice day.

I'm not technically proficient enough to answer most of your questions but I can tell you this. If NAT is the only thing running you will want to get a firewall to run behind it. You might want to look into getting a copy of something like Checkpoint or some other decent firewall to protect your network.

You have the correct idea of what a NAT does and yes if people can run any attack on you could be in deep later on. Get a firewall to sit behind the router and make sure the machine it is on has all the latest security updates from the OS maker that you update on a continual basis.

Thanks for the info.

Get a Sonic Wall firewall.
<a href="http://www.sonicwall.com/" target="_blank">http://www.sonicwall.com/</a>

I'm withquiet thunder. My sonicwall helps me sleep at night......!

<steps on soap box>

Security is really one of those things that just “Depends.” NAT is Network address translation and really it just “Translates” from a public network to a private network. This provides no other security than hiding the IP address. This doesn’t prevent viruses from entering your network. There is really no one way or one solution for security. You have to start at the machine with anti virus software and group policies. Then move from there. I would suggest that you get a firewall. Your network should be fine with something small like a Netgear or Linksys router. These devices provide the ability to filter certain traffic at the firewall. Some of these devices can even filter the individual users from getting out to the internet or using ports like FTP or HTTPS.

I hear many people say things like, “I don’t have anything on my machine that a hacker wants.” I don’t either but I don’t want to spend 5 hours reloading my entire machine because some script kiddies deleted my system files.

<steps down/>