Solved

What are the steps to set up new offices Lan windows firewall router exchange and connect via wan to each other

Posted on 2006-11-22
4
250 Views
Last Modified: 2010-03-18
Hi , This is an interview question that i was asked recently and would like some views on the steps to assess situation and steps to resolve problem.

"We have multiple branches width indivdual lans that all communicate via WAN for emails and document sharing etc.  There is a new branch, tell me the steps you would follow in setting up the new network, what information would you gather , hardware/software used use and how you would ensure security and correct permissions"

I know and understand various technologies and have worked in a network environment with Windows Server 2003 so use as much techy info as you like. Please detail info about how could Active Directory, Group policies, security, DNS, and exchanges be managed accross multiple sites be implemented, as i know there seems to be multiple ways of doing things and i am getting confused which is the best path. Include info on why you should implement something one way rather than another

Please note this is the first question posted here so, give feedback if i am using the best approach or awarding enough points

Cheers
Damo
0
Comment
Question by:damothedude
  • 2
  • 2
4 Comments
 
LVL 9

Accepted Solution

by:
tim1731 earned 125 total points
Comment Utility
First,

how are the offices connected

1.VPN Tunnel, mpls,point to point lines,eps 8,etc
2.If firewall what model and settings

Then what is the setup in other offices, are all files held in HQ and rdp to other offices or is the remote office a child domain,or its own OU

Do you need traffic shaping

Then how many desks,people, for number of nodes (network ports) what networking equipment are you going to do VOIP (PBX local or remote)

number and type of printers, model and type of desktops IE DELL sx280, do you have a gold image, what type of web filtering device,software do you use

Thats a start
0
 

Author Comment

by:damothedude
Comment Utility
Hi, thanks for the info, thats the problem , interview wise , its just an open ended question, not much info given but let me make some assumptions

1. 20 users on each site , using xp , widtch a printer for each 5 people
2. confidential info needs to be shared and permission and security is a must
3. It is a busy environment and needs to be reliable with plently of backup, speed
4. it has a dsl connection
5. There is a server for the remote site for local file storage and profiles

So i have a choice between 1 domain, where the remote site is an OU and contains sub OU's containing the sites stations and users and auth/group pol/ permissions over a tunnel

or
2 domains and the remote is a child domain width its own AD that synz with the HQ active directory so that all
Group policies

6 Both sites have to connect to the internet so let me assume they have a high speed dsl connection and work via VPN, so
they need a router and a firewall. Let me assume that it has a cisco router and a windows based firewall 'checkpoint'

7 They have 'ms exchange' : you can connect to the 1 exchnage server at HQ via the vpn or an exchange server at each location and the exchange servers synz over the vpn

8. I can get the dhcp set up locally on each site or make dhcp happen over the vpn witch one dhcp in the headquarters

9. There are a dns server on each site and each station points to the one closest first and then remotely to find a certain station

Ok thanks some more details , my problem i  understand a number of thing a bit but would like them put all together.  For the above points a have given 2 sides but you give me details why i would use one  than the other and why should i choose VPN over another tunnell protocol

Also should i consider having Document database functionality for examples the ability to check document in and out, or have a central file server that both sites can access

Thanks again

ps. i do not mind you tellling me if i am talking balls or off on the completly wrong direction

0
 
LVL 9

Assisted Solution

by:tim1731
tim1731 earned 125 total points
Comment Utility
Ok,

if you DSL and not leased line you need to look at the reliabilty of the link hence no link somethings dont work if this is the case use child domain or point a DC,dns,and global cat server in remote office if good link look at ishared from packeteer http://www.packeteer.com/products/ishared/ this will cut down on traffic across the wan and allow the logon script to pick up the hone folders drive like its on the local lan we help we backup as changes sync at the byte level.

did they give a budjet for this
0
 

Author Comment

by:damothedude
Comment Utility
Nope, no info what so ever, its a very open question i assume to see if you understand the principles. Looked at the ishard looks interesting.

What about group policies and security accross the 2 domains, if the remote has a dc will the AD and group policies syzn if set up in the trust?

What if the company wanted to control the access to the web to reduce virus and misuse ,  should i create a filter on each site or one at HQ and route all http traffic via HQ

The same could go for spam for email access should i have a barracuda spam filter at HQ and let the remote exchange synz with HQ or have separate 2 barracuda

Cheers
Damo
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

A brief overview to explain gateways, default gateways and static routes OR NO - you CANNOT have two default gateways on the same server, PC or other Windows-based network device. In simple terms a gateway is formed when a computer such as a serv…
Have you ever set up your wireless router at home or in the office to find that you little pop-up bubble in the bottom right-hand corner of Windows read "IP Conflict - One of more computers on the network have been assigned the following IP address"…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now