IT Strategy (infrastructure)

Posted on 2005-05-03
Medium Priority
Last Modified: 2008-03-10

Need your expertise on some IT strategy or infrastruture (Advice).

Our company has three different location as in Singapore, Malaysia and Thailand and each country has their own set of network and server. These 3 locations currently are not linked.

Meaning to say, each country has their own exchange server, SQL server and a domain controller.

Is there any good IT strategy that i can adopt (implement) so that i could have more cost effective and simple ways to manage these locations.

Is there any strategy and technology i could get in the market?

Please help!


Question by:whsean

Expert Comment

ID: 13916174
well. why not using the INTERNET to link them together
lets say if you keep SQL server in Each country to store temp records and at specific time they connect to the internet and upload all the temp records to a Server located on the internet to be saved permenently
this way you can improve your work as well to be able to make a web based application for read/write records later on if its neccery
LVL 27

Accepted Solution

pseudocyber earned 560 total points
ID: 13916622
You could use a Virtual Private Network (VPN) over the Internet to link them together.  I would recommend some kind of reduncant solution such as two different Internet Providers for each location.  You could advertise each location's network with BGP so that it could be reached via either provider.  Then you could have your VPN tunnels running and connect each location virtually.  On your servers and your network equipment, you could connect Terminal Servers which could be reached via IP so that you could remote console to any server, network box.  You can do this with Windows, Unix, or Network Gear such as Cisco or Nortel.

Hope this helps.

Expert Comment

ID: 13917110
I agree with pseudocyber, not sure if this is what he ment, but...

I would have the VPN connections connect to a central location. Like the office your at, if you are going to be managing the network.

This way you could replicate the SQL servers to a central office, thus if you need to restore you can do that remotely from the central office.

Everything he said is right on the money...

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

LVL 27

Expert Comment

ID: 13917135
A "hub and spoke" would work - but I was thinking with 3 locations of doing a "full mesh" - a triangle.

Expert Comment

ID: 13917230

Yes and no, I think we need to know if he wants each location to have access to the other locations... We have manafacturing plants in each of those contries also, and there is no way we want them to have access to each other. It would be very bad...


LVL 27

Expert Comment

ID: 13917253
Hmm.  OK, well given the specs of "more cost effective and simple ways to manage these locations." that's what I was recommending.    Also, there's no indication as to which is the Headquarters - where a hub would be.  The question sounds like all three sites are equals.

As far as limiting access, there's no difference in topologies between hub and spoke and mesh.  It's a matter of access control.  If that's important, then a centralized hub with the other two connecting in with ACL's or Firewalls in between perhaps.
LVL 26

Expert Comment

by:Leon Fester
ID: 13917297
Same as what pseudocyber said.

Your ultimate solution would be a VPN, here some people would disagree about Terminal Servers connection, and suggest that you rather have Leased Line connections. Depending on your Company budget, data security concerns and such, it may decide that it would be a safer option, to use Leased lines. These are fixed digital lines that you're Company would lease. Here cost is a factor, but unlike the Internet you will not be governed by other peoples Internet traffic.  Your local Telecommunications provider should be able to assist with cost and other options. Generally when looking for a wide-area VPN solution you need to consider the impact of other traffic and the sensitivity of the data being transported around the Network.

Another problem that you'll only realise, usually too late is that your ISP generally won't manage your Internet Connection. Your Local telecommunications company should have a solution that offers you management of your link, with a guaranteed uptime. Another reason to choose a leased line is also, should something go down, your ISP is gonna be dependant on his upstream provider as well as the local telecom co, to assist and suppose. But since they do not own any of the equipment or line,(remember most ISP, rent bandwidth from the local telecom co's), they can't do much. If you've got a manage Leased line option from your Local telecom company then you have a binding contract for them to ensure you network availbility.

Personally, my suggestion, is that if it's just for site support, and not mission critical data. Then you can use the Internet.

For anything of a sensitive nature, then explore the local telecoms offerings for managed leased lines.

Your final solution would incorporate a site-to-site VPN that triangulates all your locations,i.e. Location 1 links to 2&3, location 2 links to 1&3, location 3 links to 1&2 will ensure that you have redundant links. Using the VPN to create two-way trust between the locations so that if Site 1 trusts, site 2 then automatically it will trust site 3 since site 2 is already trusted. This ensures passthrough authenication to the other remote sites.

And if this doesn't help....then I'm gonna bill you for plasters, 'cos I just typed alot :)


Expert Comment

ID: 13919569
As stated above, VPN is the way to go.

We have a similar situation to you - I have offices in Aus, Singapore, Europe, USA etc....all linked via Cisco VPN products. I manage centrally and can allow or deny access from any site to any site.

I would look at a Cisco PIX maybe as you only have 3 sites. You can do PIX to PIX sessions easy enough on the PIX so traffic goes direct from site to site - if you want it to.

There are loads of sample configs out there for Pix's.

LVL 10

Assisted Solution

plemieux72 earned 560 total points
ID: 13951393
...and if you need to have multicast traffic over the VPN, use GRE IPSec tunnels like in a DMVPN:

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is in regards to the Cisco QSFP-4SFP10G-CU1M cables, which are designed to uplink/downlink 40GB ports to 10GB SFP ports. I recently experienced this and found very little configuration documentation on how these are supposed to be confi…
This article will show how Aten was able to supply easy management and control for Artear's video walls and wide range display configurations of their newsroom.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…

755 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question