Solved

New Network Setup ---- Your Thoughts.........

Posted on 2004-10-04
8
240 Views
Last Modified: 2013-11-30
Good afternoon everyone.  I am pretty new here and some what new to networking so forgive my ignorance on some of these questions.  I've just been assigned the wonderful task of designing and implementating a new project that will connect 4 different sites country wide.  Here is the concept.  There will be a main datacenter that will be the file repository of all the engineering files from all 4 sites (acutally another topic in the storage forum :) ).  Each site will have its own file/application server that the companies will use to analize their own engineering data.  Once the analizing is done, then the data will need to be replicated back to the datacenter for storage and future analization/collabration.  One thing to remember, is that each company has access to the network already and has been assigned different IP's  So, the stump factor here is how do I setup the network and/or servers to accomplish this?  Would I have the datacenter server act as the AD server and then just have the other servers join the domain through their existing network even if thats possible?  Or, do I need to buy a class C lets say or a block of IP's so that all of the servers are on the same ip string?  The other stumper is that each site will have 4-5 local computers that will need to access the local server.  So do all of these servers need AD loaded on them and the clients then log into their domain?  Its almost like a AD question but need help on the networking.....Was so use to the PDC / BDC thing and then MS has to go and do this to me :) ... tks everyone in advance.... hope this wasnt too stupid  :)...

0
Comment
Question by:D00Dness
  • 2
  • 2
  • 2
  • +2
8 Comments
 
LVL 2

Accepted Solution

by:
etracsupport earned 500 total points
ID: 12220923
Well first it I need to know How your WAN is designed. I would recommend some type of VPN solution to connect the sites together. Which can use there existing conncections to the internet. No all of the servers do not require Active Directory although it is extremely recommend having at least two servers with Active Directory & DNS for redundancy. But considering the scenario I would also recommend having at least 1 Domain Controller per site.
0
 
LVL 6

Expert Comment

by:JRaster
ID: 12220954
Do you currently have 4 physical locations that all have thier own network that need to connect another location (sight 5)?
0
 
LVL 6

Expert Comment

by:JRaster
ID: 12220964
Ment to type (site 5)  =)
0
 
LVL 12

Expert Comment

by:Mazaraat
ID: 12222628
I would have the main data storage site be your (primary) domain controller, by this I mean it is the global catalog holder ie the first DC in active directory.  Then add each of the other servers as (child) Domain Controllers and you want to run DHCP and DNS from each location.  This way if you have internet trouble, your users can still log in and work =)

As stated above connection between the Sites depends on your connection, are you directly connected to each site, or are they going through the internet for connection?  A VPN is a MUSt for network connections transfering sensitive data across the internet.  You want to get a firewall or router at your main site that can handle at least 5 site-to-site VPN's and each remote site only needs to handle 1 site-to-site VPN.  You only need a couple of "live" IP's at each site, you don't need a full class C.  and if you can avoid it never assign your data server a LIVE IP =)


0
What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

 

Author Comment

by:D00Dness
ID: 12226569
To all -- Thank you for your response......Just got some more information this morning.  It seems that this netowrk will be a closed network and will not be touching the internet at all.  Think of it as an research and development network.  It has the basic setup as the internet but it never touches it.

@ JRaster -- Currently I have 3 sites remotly and then the datacenter making 4 sites all together....

@Mazaraat -- Understand about your first paragraph... Setup the datacenter as the main DC and then each of the other 3 remote sites set them up as Child DC to run DHCP and DNS off of from those locations.  Correct ?  Second paragraph -- We are not directly connected to each of the sites.  Each site can 'connect' to the RDT&E network, just like a user connecting to the internet so their connection is already established.  What I'm getting from everyone so far is eventhough this is a 'closed' network envirnoment, I might consider VPN?  

@ etracsupport -- TY

To add more confusion to the pot, it seems that there will be 4-5 workstations at each physical location.  I want to thank you all for the good information... I'd like to get more information / solution if possible.  If anyone has an IM program, please let me know if i can 'bug' them :) .. tks much....

0
 
LVL 2

Expert Comment

by:doswell
ID: 12227860
Ok, my first thoughts (brief);

1) Use a VPN to connect each of the sites together with the main data centre site, this will reduce any connectivity and possible security problems with connecting separate sites together. The VPN can either be setup via internet (which from your previous post is not an option),  Or setup a new network to the datacentre using ADSL/ISDN/T1 private conections (depending on required speed/cost) and firewalls between clients/datacentre (you can never haver too many firewalls ;) )

2) Setup a new domain at the data centre, use trusts to the client networks. Since each client network most likely has their own domains already in place, one way (or if neccesary two way) trusts - This depends on how access will be done. If only dedicated workstations will be using this domain then child domains (as mentioned previously) would be a better idea. The use of child domains also provides extra security between sites (since there are only trusts between the parent and child domains and none between each child by default) . One server at each site acting as a child DC with any neccesary services running on it.

0
 
LVL 12

Expert Comment

by:Mazaraat
ID: 12228586
After rereading your second comment I gathered that you should use VPN connections from site to site (site A router maintains a VPN connection to Site B router).  If they aren't directly connected the VPN is a must for security reasons.  Creating the VPN at the router level will allow all the computers at each site to utilize the VPN tunnel so the number of workstations isn't an issue.

Happy Networking!

0
 

Author Comment

by:D00Dness
ID: 12228633
Thanks again for all the replies so far....I am going to setup a mocc lab using Virtual PC to see how to do all of this..... I'll keep you posted... Thanks again and keep it comming.... :) .....
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Suggested Solutions

VM backup deduplication is a method of reducing the amount of storage space needed to save VM backups. In most organizations, VMs contain many duplicate copies of data, such as VMs deployed from the same template, VMs with the same OS, or VMs that h…
Meet the world's only “Transparent Cloud™” from Superb Internet Corporation. Now, you can experience firsthand a cloud platform that consistently outperforms Amazon Web Services (AWS), IBM’s Softlayer, and Microsoft’s Azure when it comes to CPU and …
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now