Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


What are the steps to set up new offices Lan windows firewall router exchange and connect via wan to each other

Posted on 2006-11-22
Medium Priority
Last Modified: 2010-03-18
Hi , This is an interview question that i was asked recently and would like some views on the steps to assess situation and steps to resolve problem.

"We have multiple branches width indivdual lans that all communicate via WAN for emails and document sharing etc.  There is a new branch, tell me the steps you would follow in setting up the new network, what information would you gather , hardware/software used use and how you would ensure security and correct permissions"

I know and understand various technologies and have worked in a network environment with Windows Server 2003 so use as much techy info as you like. Please detail info about how could Active Directory, Group policies, security, DNS, and exchanges be managed accross multiple sites be implemented, as i know there seems to be multiple ways of doing things and i am getting confused which is the best path. Include info on why you should implement something one way rather than another

Please note this is the first question posted here so, give feedback if i am using the best approach or awarding enough points

Question by:damothedude
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2

Accepted Solution

tim1731 earned 375 total points
ID: 17995649

how are the offices connected

1.VPN Tunnel, mpls,point to point lines,eps 8,etc
2.If firewall what model and settings

Then what is the setup in other offices, are all files held in HQ and rdp to other offices or is the remote office a child domain,or its own OU

Do you need traffic shaping

Then how many desks,people, for number of nodes (network ports) what networking equipment are you going to do VOIP (PBX local or remote)

number and type of printers, model and type of desktops IE DELL sx280, do you have a gold image, what type of web filtering device,software do you use

Thats a start

Author Comment

ID: 17996700
Hi, thanks for the info, thats the problem , interview wise , its just an open ended question, not much info given but let me make some assumptions

1. 20 users on each site , using xp , widtch a printer for each 5 people
2. confidential info needs to be shared and permission and security is a must
3. It is a busy environment and needs to be reliable with plently of backup, speed
4. it has a dsl connection
5. There is a server for the remote site for local file storage and profiles

So i have a choice between 1 domain, where the remote site is an OU and contains sub OU's containing the sites stations and users and auth/group pol/ permissions over a tunnel

2 domains and the remote is a child domain width its own AD that synz with the HQ active directory so that all
Group policies

6 Both sites have to connect to the internet so let me assume they have a high speed dsl connection and work via VPN, so
they need a router and a firewall. Let me assume that it has a cisco router and a windows based firewall 'checkpoint'

7 They have 'ms exchange' : you can connect to the 1 exchnage server at HQ via the vpn or an exchange server at each location and the exchange servers synz over the vpn

8. I can get the dhcp set up locally on each site or make dhcp happen over the vpn witch one dhcp in the headquarters

9. There are a dns server on each site and each station points to the one closest first and then remotely to find a certain station

Ok thanks some more details , my problem i  understand a number of thing a bit but would like them put all together.  For the above points a have given 2 sides but you give me details why i would use one  than the other and why should i choose VPN over another tunnell protocol

Also should i consider having Document database functionality for examples the ability to check document in and out, or have a central file server that both sites can access

Thanks again

ps. i do not mind you tellling me if i am talking balls or off on the completly wrong direction


Assisted Solution

tim1731 earned 375 total points
ID: 17996830

if you DSL and not leased line you need to look at the reliabilty of the link hence no link somethings dont work if this is the case use child domain or point a DC,dns,and global cat server in remote office if good link look at ishared from packeteer http://www.packeteer.com/products/ishared/ this will cut down on traffic across the wan and allow the logon script to pick up the hone folders drive like its on the local lan we help we backup as changes sync at the byte level.

did they give a budjet for this

Author Comment

ID: 18002216
Nope, no info what so ever, its a very open question i assume to see if you understand the principles. Looked at the ishard looks interesting.

What about group policies and security accross the 2 domains, if the remote has a dc will the AD and group policies syzn if set up in the trust?

What if the company wanted to control the access to the web to reduce virus and misuse ,  should i create a filter on each site or one at HQ and route all http traffic via HQ

The same could go for spam for email access should i have a barracuda spam filter at HQ and let the remote exchange synz with HQ or have separate 2 barracuda


Featured Post

How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is in response to a question (http://www.experts-exchange.com/Networking/Network_Management/Network_Analysis/Q_28230497.html) here at Experts Exchange. The Original Poster (OP) requires a utility that will accept a list of IP addresses …
We recently endured a series of broadcast storms that caused our ISP to shut us down for brief periods of time. After going through a multitude of tests, we determined that the issue was related to Intel NIC drivers on some new HP desktop computers …
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Have you created a query with information for a calendar? ... and then, abra-cadabra, the calendar is done?! I am going to show you how to make that happen. Visualize your data!  ... really see it To use the code to create a calendar from a q…

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question