(Okey, I realize that this question involves MANY questions, and perhaps should be asked in many different posts. But I felt that it would be easier for you guys to give a qualified answer with a good overview of the situation. So I would be VERY grateful if you could take the time and help me out!)
My company is about to completely reorganize its network environment and I am hoping to get some expert opinions about how a good setup would look like. At the moment these two offices are not connected in any way, except that the main office hosts both public websites. We are about to join these two offices in a integrated Active Directory environment.
As I work in the "smaller" office I actually have very little knowledge at
the present moment about their setup - so my concern is mostly about how the
setup will be at the small office.
I am still a newbie at servers and networking, but my idea of the setup is something like this:
Both offices in a single "forest" (sharing a global catalog)
Question 1 = As the two offices are not especially dependant on each other, is it perhaps better to have two different forests, and set up a cross-forest trust? I dont know how this works, but wont that lower the need for replication traffic between the two?
Two different "sites".
Question 2 = Would we benefit in just having one site for the two domains?
Question 3 = Do we gain something by having a central emailmanagement (using exchange server) only at the main office. Except for perhaps a little less administration work at the small office? By that I mean, that perhaps it is better to try to keep the numbers of "roles" to a minimum on the only server at the small office - because we are only ten people working there.
Question 4 = The followup question then becomes, is it adviceble to configure the small office server as a domain controller, fileserver, mailserver, DNS, DHCP? Or should we invest in more servers to lower the burdain.
As the small office is in the need for extending storage capability, we are considering to either buy a simple NAS, or perhaps to use some of the storage in the upcoming SAN, which supposedly will happen in the near future.
Question 5 = As the network connection at the smaller office is only about 1.7 Mbit/s (up) and 9 Mbit/s (down) - is it a bad option for us to use the SAN at the main office for our day to day storage needs?
Question 6 = Lets say we decide upon a single forest, with two sites. What is the best way of accessing shared assets between the two offices? Is it advicable that we set up a VPN-connection? Or is it perhaps enough just to authenticate via AD's Kerberos? We do not have any extremely top secret industrial information that we send across...
Question 7 = At the moment, the small office has a dedicated windows 2000 server, acting as the network firewall. Isn't it more adviceable to use dedicated hardware firewalls, for example from Cisco?
Some specifications for the present situation:
Located in Denmark
AD domain: company1.dk
Webserver for both offices, public websites
Dedicated Exchange mailserver
(Are thinking about investing in a SAN)
Located in Sweden
AD domain: company2.se
One Small Business server 2003 which has the following roles:
Active Directory : domain controller
Fileserver (almost no space left)
Microsoft Exchange 2003 (only for local emailtraffic)
A dedicated Windows server 2000, acting solely as the network firewall
ISP-Speed of internet connection = Up (1.7 Mbit/s), down (9 Mbit/s)