Solved

What are the steps to set up new offices Lan windows firewall router exchange and connect via wan to each other

Posted on 2006-11-22
4
252 Views
Last Modified: 2010-03-18
Hi , This is an interview question that i was asked recently and would like some views on the steps to assess situation and steps to resolve problem.

"We have multiple branches width indivdual lans that all communicate via WAN for emails and document sharing etc.  There is a new branch, tell me the steps you would follow in setting up the new network, what information would you gather , hardware/software used use and how you would ensure security and correct permissions"

I know and understand various technologies and have worked in a network environment with Windows Server 2003 so use as much techy info as you like. Please detail info about how could Active Directory, Group policies, security, DNS, and exchanges be managed accross multiple sites be implemented, as i know there seems to be multiple ways of doing things and i am getting confused which is the best path. Include info on why you should implement something one way rather than another

Please note this is the first question posted here so, give feedback if i am using the best approach or awarding enough points

Cheers
Damo
0
Comment
Question by:damothedude
  • 2
  • 2
4 Comments
 
LVL 9

Accepted Solution

by:
tim1731 earned 125 total points
ID: 17995649
First,

how are the offices connected

1.VPN Tunnel, mpls,point to point lines,eps 8,etc
2.If firewall what model and settings

Then what is the setup in other offices, are all files held in HQ and rdp to other offices or is the remote office a child domain,or its own OU

Do you need traffic shaping

Then how many desks,people, for number of nodes (network ports) what networking equipment are you going to do VOIP (PBX local or remote)

number and type of printers, model and type of desktops IE DELL sx280, do you have a gold image, what type of web filtering device,software do you use

Thats a start
0
 

Author Comment

by:damothedude
ID: 17996700
Hi, thanks for the info, thats the problem , interview wise , its just an open ended question, not much info given but let me make some assumptions

1. 20 users on each site , using xp , widtch a printer for each 5 people
2. confidential info needs to be shared and permission and security is a must
3. It is a busy environment and needs to be reliable with plently of backup, speed
4. it has a dsl connection
5. There is a server for the remote site for local file storage and profiles

So i have a choice between 1 domain, where the remote site is an OU and contains sub OU's containing the sites stations and users and auth/group pol/ permissions over a tunnel

or
2 domains and the remote is a child domain width its own AD that synz with the HQ active directory so that all
Group policies

6 Both sites have to connect to the internet so let me assume they have a high speed dsl connection and work via VPN, so
they need a router and a firewall. Let me assume that it has a cisco router and a windows based firewall 'checkpoint'

7 They have 'ms exchange' : you can connect to the 1 exchnage server at HQ via the vpn or an exchange server at each location and the exchange servers synz over the vpn

8. I can get the dhcp set up locally on each site or make dhcp happen over the vpn witch one dhcp in the headquarters

9. There are a dns server on each site and each station points to the one closest first and then remotely to find a certain station

Ok thanks some more details , my problem i  understand a number of thing a bit but would like them put all together.  For the above points a have given 2 sides but you give me details why i would use one  than the other and why should i choose VPN over another tunnell protocol

Also should i consider having Document database functionality for examples the ability to check document in and out, or have a central file server that both sites can access

Thanks again

ps. i do not mind you tellling me if i am talking balls or off on the completly wrong direction

0
 
LVL 9

Assisted Solution

by:tim1731
tim1731 earned 125 total points
ID: 17996830
Ok,

if you DSL and not leased line you need to look at the reliabilty of the link hence no link somethings dont work if this is the case use child domain or point a DC,dns,and global cat server in remote office if good link look at ishared from packeteer http://www.packeteer.com/products/ishared/ this will cut down on traffic across the wan and allow the logon script to pick up the hone folders drive like its on the local lan we help we backup as changes sync at the byte level.

did they give a budjet for this
0
 

Author Comment

by:damothedude
ID: 18002216
Nope, no info what so ever, its a very open question i assume to see if you understand the principles. Looked at the ishard looks interesting.

What about group policies and security accross the 2 domains, if the remote has a dc will the AD and group policies syzn if set up in the trust?

What if the company wanted to control the access to the web to reduce virus and misuse ,  should i create a filter on each site or one at HQ and route all http traffic via HQ

The same could go for spam for email access should i have a barracuda spam filter at HQ and let the remote exchange synz with HQ or have separate 2 barracuda

Cheers
Damo
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
Trying to figure out group policy inheritance and which settings apply where can be a chore.  Here's a very simple summary I've written which might help.  Keep in mind, this is just a high-level conceptual overview where I try to avoid getting bogge…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question