Solved

Branch Office File Replication or LAN type speeds to WAN files

Posted on 2006-06-20
12
866 Views
Last Modified: 2008-01-09
This is my first question on ee, so please bear that in mind as we move forward.

First, a brief overview-

The Network:

I have one central set of servers here in our central office (lets call them Chicago1 (file server), Chicago2 (email server), Chicago3 (terminal server), Chicago4 (backup/scans/console/printserver).  All of my servers run MS 2003 Server (Fully updated, release 1).  

I have several branch offices with NO remote servers.  Lets call the branch offices Oregon, Minnesota, California, Florida, Oklahoma, etc etc, you get the point.

Each office (branch and central) has 2 T1 lines coming into a Cisco 2800 series router that also provides a permanent VPN tunnel between them all.  Some smaller offices may just use a PIX for this, but that isn't the issue right now.

I have 100 users, which will be expanding to 200 quickly, most of which are in these branch offices, and most of which are constantly-on-the-road laptop users.

For file sharing and backup to our central server, we use group policy to redirect and sync mydocs and desktop folders for each user.  Each user has exclusive rights to their mydocs/desktop, which is located on Chicago1 and synced via offline files to their laptops.

We also use mapped drives back to server shares on Chicago1.  These are not persistent (they are used via group policy set logon script) and not synced.  Users must be in a branch office or connected to the Cisco VPN software back to our Chicago office to get these mapped drives.

The issue:

After many registry tweaks and QoS hassles the branch offices are "ok" as far as mapped drive file browsing, and offline files synchronization.  However it is still not satisfactory.  To open, for instance, a 1.5mb excel file on the K:(mapped) drive takes longer than my branch users are willing to tolerate.  When they are in the Chicago office, however, they open the file without complaint.

When someone from marketing opens a large PDF file (60 megs or so sometimes) or a large powerpoint (20 megs or so sometimes) it might take 10, 30 mins, or sometimes an hour or more to open.  

I realize that this is a limitation of bandwidth/dropped packets/everything else, involving the WAN.  

The question:

I have looked into many solutions, such as MS Server 2003 R2 with DFS and/or FRS, Cisco WAFS, and various other "High Availability" and "File Replication" solutions by third parties, but none have really satisfied me.  The MS solution does not have write protection, so would only be useful for the mydocs/desktop redirection, but the hardware, licensing, research, and setup time and costs are all too high.  Most 3rd party solutions are only for Desaster recovery, or are Citrix type solutions I do not want (and I'm trying to get away form Terminal Server for everything except our financial software, which is dictated by higher ups).

The Cisco WAFS seem promising (but most hardware seems to be reaching end of life), but even after reading whitepapers and data sheets, I'm still unsure if they are right for me.  This is where I am leaning, but would its myriad of QoS and prediction things do the trick?

So the question really boils down to, how can I get as close to LAN speeds, on WAN accessed files, from a central server, and have these central files be available and write protected, in several locations at once?  And how can I do this with minimal dent in my IT budget?
0
Comment
Question by:DEoff
  • 6
  • 4
  • 2
12 Comments
 
LVL 9

Accepted Solution

by:
NYtechGuy earned 500 total points
ID: 16956043
DEoff-

I think Citrix is a great solution, but if it does not work for your environment and you must do it this way you have to optimize your WAN connection.

I've seen these products in action, and frankly they are AMAZING.  The packeteer iShared may be your best bet, but the HP has a lot of nice features.

If you can throw your weight around a bit, get a demo device from each company and see which you like best.


Packeteer - Packet Shapers & iShared Devices
http://packeteer.com/products/

HP Wan Accelerator
http://h18006.www1.hp.com/products/storageworks/efswanaccelerator/index.html

0
 
LVL 18

Expert Comment

by:carl_legere
ID: 16959001
My advice is each office needs at least a local server, and use DFS.  R2 is not necessary, although it gives you more tools for managment of DFS.  Tell managment it adds to the redundancy.  Reliance on backups become a thing of the past when you use several geographically separate servers, different ISP's and DFS/FRS.  You and your users will have access to at least as many replicas of data as sites you have, plus VSS copies.

Microsoft does not offer write protection... what do you mean by this?

You have insufficient bandwidth to expect so much browsing and over the wire file access.

The other way to do this without all that hardware is to switch to a 2000 terminal server based system.
0
 

Author Comment

by:DEoff
ID: 16959672
NYtechGuy,

Thank you, I will be looking into those products and possible "proof of concept" demo's over the next few days.

Carl,

The drawbacks I see to remote file servers are remote maintenance, as well as the write protection.  What I mean by this is, in the MS whitepapers I have studied, there is no write lock if a person in Oklahoma gets on a file on the K: (mapped) drive, and changes that file, and a person in Chicago does so at near the same time.

That person in oklahoma is accessing the file on their branch file replication server, while the chicago user is accessing the central file server (as are people on the road).  They both open it with no problem (I don't feel like hunting down the article again, but it's in technet somewhere, or possibly in a channel partner area, im not at work right now, but could quote the printout when I get there).  However when they save the file, the last person to save (the latest timestamp) actually overwrites the first person to open it, because the FRS/DFS system does not recognize to lock the file on both servers as if it is the same file.

As for bandwidth.  Actually, traffic tests show that currently, at no site, do we reach peak bandwith during normal operation.  

Also a file server, with setup and even minus maintenance time and cost (points of failure at each site are OS, many different hardware parts, etc) is more expensive than these WAFS type devices.

Terminal server does not solve the nature of our highly mobile workforce, at any given time 10% of our workforce is on a plane, and 25-50% of the time they are out of their main office.

I need to be able to provide good "hub/docking" sites, where they can expect to come in and get work done, for sure, but I also need some sort of WAFS or DFS no matter what, so that they can quickly (within an hour) sync their files locally, somtimes up to 2 gigs worth of new files.
0
VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

 
LVL 9

Expert Comment

by:NYtechGuy
ID: 16959754

DEoff-

I understand your situation a little better and see why DFS remote servers and/or citrix won't work for you - understandable.  

I'd like to stress my point again that the devices I have mentioned I have seen tested side-by-side with a standard WAN connection and they were SO much faster, and intelligent.  They got faster as time passed and more files were opened, caching redundant information at a low level (ie changed bits within a large file, etc) and serving it locally the next time.  This is especially helpful if your users are touching a lot of the same info again and again (templates, documents) and also speeds application/data access signifigantly.

best,

Justin
0
 
LVL 18

Expert Comment

by:carl_legere
ID: 16963217
re: file locking; ok I agree, however why would this happen?  Why would your file structure have even the slightest chance that a users's files be overwritten by another user?  My philosophy is to not have this happen via the way the heirarchy is setup.  To me that just means it is inappropriate for something like access database.

Agree the dedicated hardware solutions are very nice, however at 25k per box.... expensive.  How many boxes are needed?

0
 

Author Comment

by:DEoff
ID: 16963336
The Cisco WAF 512's will run me in tune to 5k, not 25k.

I have not looked into the solutions provided by Justin above, yet. (so very swamped)  To start I would need just the 2 boxes, to test (the one at our central site, and once branch office) but eventually, 5 for the initial rollout, and up to 10 in the next year or so, with more possible.

As I say, the Cisco solution seems to be inline with the costs of a dfs type file server.

As for why files are opened by more than one person at once.  It isn't that these mapped drives are for one user.  The Mydocs/desktop is for one user, yes, as said above.  But also as said above:

"We also use mapped drives back to server shares on Chicago1.  These are not persistent (they are used via group policy set logon script) and not synced.  Users must be in a branch office or connected to the Cisco VPN software back to our Chicago office to get these mapped drives."

These are community files.

Certainly something like sharepoint might be more practical for these type of files (there are about 120gb worth of them) but this is a dead horse, our users are executives, and it is a top down problem that I simply cannot get them to accept this solution.  Thus once again, back to DFS or WAFS soltuions.

So to recap, the dead horses in our org are:

Any Terminal serv/Citrix solution for file/app access
Any Webserver based file checking in/out solution (aka sharepoint, or that lotus one)

Other than those dead horses and the File Server or WAFS appliances, is there another possibility?
0
 

Author Comment

by:DEoff
ID: 16996338
These links were helpful and pointed me in some more directions other than Cisco WAFs.  Thanks for the input!
0
 
LVL 9

Expert Comment

by:NYtechGuy
ID: 16996398
DEoff-

You would need a box at each end of a connection for those solutions - but I believe only ONE (1) in the main location.

What do you think you'll be doing, out of curiousity - and for future reference

thanks!

0
 

Author Comment

by:DEoff
ID: 16996467
I'm working on getting some proof of concept (demo) rollouts from Cisco and Packeteer.  The cisco WAF is still tempting, if I can see it proven, as some of our routers would just need a module inserted to be ready.  And similar to your suggested solutions, would only need one piece of hardware at our main location.

But if Packeteer will provide an actual demo in both of our locations before Cisco (which is likely... as Cisco's old WAFS are reaching end of life, and their new ones arent out yet I dont think, plus they are a bit full of them selves and would just say "it will work") then I'll go with them.

I'm also going to be using webfolders (via sharepoint) from behind our VPN for smaller branch offices or home users.. and will maintain our current Terminal Server liscensing for our accounting software, to be used as an alternative to access the mapped drives if need be.

But I think, after showing the CFC the price of any solution such as this (File server, Citrix, WAFs) he gave me the green light to try to work with our already purchased Sharepoint.  Oh goodie, maybe I will be able to use our projectserver finally too!  (opens the can of worms)

SP will not decrese the time to download and open these files of course, but as it will not look like windows explorer, the users may (stress may) be willing to download and open the file.

In the end though, I think what I mentioned above, (a WAF at our main branches) with sharepoint in the smaller corners of our network, will be a good and workable blend.
0
 
LVL 9

Expert Comment

by:NYtechGuy
ID: 16996504

If the $$$ is there, you can combine the solutions.  WANs can always use optimization/packet shaping (Packetteer) in addition to filesharing/SP/TS...  see if they go for that :)

good luck!
0
 

Author Comment

by:DEoff
ID: 16996541
They are willing to let me put their money where my mouth is, so long as my solutions continue to satisfy.  So there's a good hope I can get the bankroll for it, though I'd still like to accomplish as much as possible with as little expense as possible.

Mouth don't fail me now!

0
 

Author Comment

by:DEoff
ID: 16996548
I'll try to remember to update this thread either way when this is resolved.
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Enterprise networks where VoIP phones have been deployed frequently use port configurations that allow both a computer and an IP phone to be plugged into the same switch port but use different VLANs. On Cisco equipment I'm referring to the "native V…
Trying to figure out group policy inheritance and which settings apply where can be a chore.  Here's a very simple summary I've written which might help.  Keep in mind, this is just a high-level conceptual overview where I try to avoid getting bogge…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question