Three location networking solution.

I am needing to recommend a basic networking solution for a physician working from three different offices.  The starting point is PCs and broadband connections at each location.  He has basic needs for sharing scheduling and perhaps billing applications.  What would be a robust but cost-effective (not expensive) solution to get him started?  Thank you.
Since he has broadband at each location, I'd put something at each that can do VPN across the Internet to the other(s).  (This could be a Windows server running RRAS, a Cisco 30xx VPN concentrator, or a small firewall with VPN feature.  The latter is *probably* the best fit for price, capacity, and ease of installation, and with HIPAA he needs firewalls anyway.)

Each location should have its own range of private addresses.  For instance, Office 1 could be 192.168.10.*/24, office 2 could be 192.168.20.*/24, and office 3 would be 192.168.30.*/24.  I've deliberately avoided suggesting 192.168.0.* and 192.168.1.* because these are popular and/or default choices which you might come into conflict with somewhere down the road.

With the VPN boxes properly configured, it will look to clients like all three networks are hooked into a single central router.
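
An added example (not part of the original answer) of checking such an addressing plan before the VPN boxes are configured: it verifies that each office range is private, that no two offices overlap, and that none collides with the popular 192.168.0.* and 192.168.1.* defaults. The office names and function names are assumptions made for illustration.

```python
import ipaddress
from itertools import combinations

# Ranges the answer calls out as popular/default choices to avoid.
COMMON_DEFAULTS = [ipaddress.ip_network(n)
                   for n in ("192.168.0.0/24", "192.168.1.0/24")]

# Constructed sample plan, using the ranges suggested in the answer.
PLAN = {
    "office1": "192.168.10.0/24",
    "office2": "192.168.20.0/24",
    "office3": "192.168.30.0/24",
}

def check_plan(plan):
    """Return a list of problems that would break site-to-site routing."""
    # strict=True rejects entries with host bits set, e.g. 192.168.10.5/24.
    nets = {site: ipaddress.ip_network(cidr, strict=True)
            for site, cidr in plan.items()}
    problems = []
    for site, net in nets.items():
        if not net.is_private:
            problems.append(f"{site}: {net} is not private address space")
        for default in COMMON_DEFAULTS:
            if net.overlaps(default):
                problems.append(f"{site}: {net} collides with common default {default}")
    # Overlapping offices cannot be routed to each other through the tunnels.
    for (a, na), (b, nb) in combinations(nets.items(), 2):
        if na.overlaps(nb):
            problems.append(f"{a} and {b} overlap: {na} vs {nb}")
    return problems

def remote_networks(plan, site):
    """Networks a site's VPN gateway must reach through its tunnels."""
    return sorted(cidr for other, cidr in plan.items() if other != site)

if __name__ == "__main__":
    for line in check_plan(PLAN) or ["plan OK"]:
        print(line)
    for site in PLAN:
        print(site, "->", remote_networks(PLAN, site))
```
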
Although there are many, there are two practical answers; in both cases, there should be at least one system acting as a server (i.e. turned on all the time, connected all the time)...

So we might expect our physician to select one of the three locations as the main office (or so-called Headquarters in network diagrams) and place the server at that location. This is commonly the location where he spends most of his time, as he would have direct access to the systems, without network delays most of the time.

The term "server" means a system serving other computers, and this can even be a desktop PC standing on the table where he/she normally does the work when at that location.

Well, let me make the story short; two alternatives;

1. Use Terminal Services or RDP; if the "server" we mentioned is a Windows Server operating system, Terminal Services might be a solution as it is scalable. However, as you didn't mention possible further users and the cost is an issue, s/he can simply leave the Windows XP computer turned on all the time, with Remote Desktop enabled (under right-click My Computer/Remote), and connect to that PC remotely from other locations to do the work.

2. If things are a bit larger and we have a kind of network in the main location, VPN might be an alternative. VPN provides an authenticated and encrypted tunnel to the local network and, depending on the configuration, may let the end user feel as if s/he is working in the local office.

Please note an important point: in both cases, the main office we mentioned needs to have a considerable "upload" rate. So I would consider possible symmetric bandwidth solutions instead of asymmetric ADSL options. It is OK if you have 8/1Mbps, but 2/256 M/Kbps might be a bad option depending on the application.

Hope this helps,


To add on to Penngwyn's advice.. I've done about 5 physician practices in the last 12 months, and it's not too difficult.

1. Try to get the number of users involved in each location, that way you can figure costs of hardware.
2. Try not to be too cheap on the workstations, they'll only break down quicker.  If cost is that important, the Dr. can always lease the equipment.
3. Push for the dedicated server.  This will help facilitate future needs such as an email server, etc...
4. The main office as suggested by Cagri should have a faster connection.  Best way to do this is to have the Office Manager work out a "bundle" with a local Data/Telecom provider.  Get a T1 line and phone lines can be "peeled" off the T1 for phone service.  This is cheaper than getting separate lines from the phone company.
5. Make sure you have a firewall... does not have to have VPN built in as Windows Server can handle that for you.  Also, Firewalls with VPN solutions are usually at a per user cost, which could become expensive.  VPN will work better than Terminal Services.. The licensing costs for TS will drive the Dr. out of business.
6. The remote offices should all have adequate broadband connections.  All workstations would VPN into the Main Office to access data.
7. Make sure that you have followed through with all his software vendors that their applications will work over LAN/WAN connections.

Good Luck

Steve McCarthy (MCSE, MCSA, MCP x8, Network+, i-Net+, A+, CIWA, CCNA, FDLE FCIC, HIPAA Security Officer; IT Consultant, Network Engineer, Windows Network Administrator, VMware Administrator) commented:
I too have set up some doctor's offices and mortgage companies for this.  If you want a very cost effective solution with a minimum of administration, here is what I have found works quite well.

You can set up a Server at the main location, or how about a Windows XP Professional Workstation.  It will handle 10 connections if your needs are that small.  On the cheap, your server could be no more than a nice workstation with a built-in RAID controller (ASUS is great for that).  So you could do a RAID 1 mirror with a couple of IDE drives and use a DVD-RW and a neat little program called Second Copy 2000 to do nightly backups to the DVD-RW.

Now, for connectivity, I have been using DSL or Cable.  In either case though, spring for the few extra bucks for a Static IP at each location and increase the bandwidth to the highest tier.  Where I am on cable that equates to 768k upstream and 3mb downstream.  To connect the locations, you can use a Symantec 100 VPN/Firewall appliance.  Each will run you about $350 and they will connect to each other via Gateway to Gateway VPNs.  No extra cost or client licenses to buy.  That can be up to ESP 3DES SHA1 encryption with automatic rekeys, so it will comply easily with HIPAA requirements.  You can also set them up to accept RDP (Remote Desktop), PCAnywhere, etc.

Anyway, that's it.  Easy, simple and very cheap.

For companies with less than 75 employees running Microsoft software, an entry-level server from your preferred vendor, running Small Business Server 2003 and a backup solution would provide the employees with MS Sharepoint Services for document, forum and general collaboration, Exchange email with Outlook and easy administration via remote access VPN and RDP.  The server would host the user accounts through Active Directory (AD) and therefore centralize administration.  For data backups, I'd suggest a separate NAS appliance.  This way, you never have to change tapes or other media like CD/DVD rewritable.  The SBS 2003 solution is also very affordable considering all you get with it.  Finally, find a solution to easily restore the SBS server if something happens to it.  If someone has ideas and thoughts on this, I'd like to know.

Like suggested above, site-to-site IPSec VPN tunnels between the different locations would securely connect each private network using the existing public Internet DSL connections.
Be careful not to go on advice given here ONLY ... verify with your vendors that you have adequate licensing.

Microsoft Small Business Server comes with 1 software license to install the product and 5 CALs (Client Access Licenses).  You will need 1 CAL for each user connecting to the server in order to comply with Microsoft Licensing Rules.  As an example, a 10 user CAL for SBS runs about $950 at CDW.

Make sure you inventory all users and needs before building this network.
