Gartner Research VP, Neil McDonald & AlgoSec CTO, Prof. Avishai Wool, discuss the business-driven approach to automated security policy management, its benefits and how to align security policy management with business processes to address today's security challenges.
Connecting two offices in San Diego and Las Vegas: VPN the solution?
The Situation: I have two offices, one in San Diego and one in Las Vegas.
The Problem/Goal: Get the two offices connected together in a way that resembles a LAN. Basically if you're in the Las Vegas and use a network program such as Timeslips, you can run the program from SD without ever realizing the server is about 400 miles away. Also so that the IT person can manage the users like they are all in one local network. And, since the server in San Diego has mapped network drives to store globally accessable documents, have the employees in Las Vegas save to the network drive just like it was on the local network.
The Proposed Solution: Get two VPN/Firewalls and place one in each office. Set up those VPN/Firewalls so that whenever a user logs into the local area network, they can also communicate with the local area network in the other office as well.
What I need to know: What kind of internet connection does this require (if sending small files such as documents and slips from Timeslips)? Is the setup too complicated for a DIY project? The pros/cons? And other solutions that can resolve this problem.
The Problem/Goal: Get the two offices connected together in a way that resembles a LAN. Basically if you're in the Las Vegas and use a network program such as Timeslips, you can run the program from SD without ever realizing the server is about 400 miles away. Also so that the IT person can manage the users like they are all in one local network. And, since the server in San Diego has mapped network drives to store globally accessable documents, have the employees in Las Vegas save to the network drive just like it was on the local network.
The Proposed Solution: Get two VPN/Firewalls and place one in each office. Set up those VPN/Firewalls so that whenever a user logs into the local area network, they can also communicate with the local area network in the other office as well.
What I need to know: What kind of internet connection does this require (if sending small files such as documents and slips from Timeslips)? Is the setup too complicated for a DIY project? The pros/cons? And other solutions that can resolve this problem.
Who is Participating?
Many companies have found that this is quite competitive with leasing a WAN connection between the two sites, especially if they also both need to have Internet access.
You'll need a static address on each end, and it will be helpful to have someone at the toher end when you're trying to go live, so you can test and adjust as necessary. On some models, it's as simple as giving them each the other's static address and a shared "secret" (password/encryption key).
You'll avoid some problems if your private ranges at the locations don't overlap. You may find it helps to have a WINS server at each site, configured to synchronize with each other.
You'll need a static address on each end, and it will be helpful to have someone at the toher end when you're trying to go live, so you can test and adjust as necessary. On some models, it's as simple as giving them each the other's static address and a shared "secret" (password/encryption key).
You'll avoid some problems if your private ranges at the locations don't overlap. You may find it helps to have a WINS server at each site, configured to synchronize with each other.
https://www.iswest.com/index.html
Check them out, top notch quality and they will be able to help you figure out your needs.
Check them out, top notch quality and they will be able to help you figure out your needs.
DIY = Do It Yourself
New restrictions: We already have two ISPs at both ends so the leased lines won't work. Plus, they're too expensive. If this is installed, will it affect the two LANs at all right now? This project needs to have minimal downtime and we're not looking to reconfigure every single computer on the network. But if it is necessary, we might as well have a pro come out and do it.
New restrictions: We already have two ISPs at both ends so the leased lines won't work. Plus, they're too expensive. If this is installed, will it affect the two LANs at all right now? This project needs to have minimal downtime and we're not looking to reconfigure every single computer on the network. But if it is necessary, we might as well have a pro come out and do it.
MY advice, since I have never done anything like this, is to call and pick the brains of the people at iswest and see what they have to offer. Never hurts to ask.
Why not have a private network between the two offices? It would be easier to configure since you don't have VPN crap to go through. And if it goes down, you just make a phone call and someone else gets it back up and working. BTW, my last company had 56k connection at doctors offices through the phone company on a private network. All of the Internet traffic came through our office's firewal also so we could monitor the network. To me, a private network seems less troublesome than all of the VPN headaches if you have never done it before.
Question has a verified solution.
Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.
Have a better answer? Share it in a comment.
All Courses
From novice to tech pro — start learning today.
Don't really know what a DIY project is, but it can be quite simple. You can use a simpel Linksys router to create a Tunnel between both locations, but if you want to do it right, choose to have Cisco routers and make sure they have tunneled encryption (kinda like VPN, but's it transparant to users, they don't need to do anything).
The kind of lines you need is quite hard to say. The site that needs to send files (and not only receive) needs to have an SDSL connection in stead of ADSL (SDSL has same up and down speed). This setup isn't really complicated, only thing is you need to create the tunnel between both Cisco's (which is quite hard to do). Bute they are cheaper to buy than Pix firewalls (or something like that)..