Link to home
Start Free TrialLog in
Avatar of clifford_m71
clifford_m71Flag for United States of America

asked on

VPN alternative

We have a small company with several branches. These branches connect back to the main office through a Watchguard VPN to a SQL database and Exchange server. We have a mixture of DSL and Cable internet service in all of our offices. My problem is VPN's are not always stable, especially when it comes to the SQL database. If an office loses connection for even a couple of seconds, they get disconnected from the database and have to log back in. This does not sound like a huge deal but when it happens several times a day it starts to interfere with business.

I got into networking about 10 years ago I have only worked with VPN's. I don't know anything else. My question is what other options are there for connecting our offices? How do large corporations keep their connections up and reliable?

I realize this is a general sort of question with multiple possible answers, but any advice would be greatly appreciated.
Avatar of dr_linux
Flag of United States of America image

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Ernie Beek
Depending on the distance between the office and the branches there are several options.

The ones I'm familiar with are

-dark fiber: you rent a glass fiber from a provider which will make a connection between the locations. The monthly costs are lower but you have to set up and manage the equipment (switches, fiber modules) yourself.
-managed fiber: same as above but the provider also takes care of the connecting equipment. Monthly costs are higher though.

The fiber solutions are for distances up to ~70 kilometers.

-Leased line: a provider will connect two or more locations using a VPN over it's own infrastructure, not over the internet, thus being able to provide a constant quality (well that's how they do it over here).
Avatar of patterned

There are also point to point T1s that can provide you with local access.
I had to set up the routers and CSU/DSU settings, but I think most companies do this for you now.

Also see if your local telco can provide Metro-E connections.
Though, in my experience with T1s, some software hates communicating over them (time out real quick, bigger packet size, etc) and some do just fine.

I agree with the first comment.  Terminal Services is probably your best bet in this scenario.  Less work; less money; more consolidated, centralized management; and faster service.
If you can get by with what you've got right now (as far as bandwidth is concerned) terminal services WILL work for you.  Just bring to management the costs of some terminal licenses compared to what they would spend on one T1 ($200-$600 depending on location).  They'll gladly concede to terminal services.
Agree with both here.

Personally, I would prefer the RDP option and setting up a terminal server to terminate the connections and then use them to connect to the SQL server.

Dedicated lines are also favourable, as these normally are provided with decent SLAs and any interruptions to VPNs are normally fixed quite quickly.

I would tend to try to get to the bottom of the VPN issues to resolve this, as VPN is definitely a good solution here.  If one provider fails to give the support you want then go get another provider.  Bit also note, that for DSL, even if you change provider, you may still end up using copper from the same telco exchange (in the UK, you end up using all BT copper - no matter who the SP is)
I'd go with using Terminal Services in application mode, this will also give you at least two positive side effects, 1/ because the SQL traffic will be going over the LAN instead of the WAN, application performance should be better 2/ because you can provide this over a HTTPS "tunnel", you could provide access to the application from "anywhere" not just the remote offices, this would enable home workers etc to be able to use it.
Avatar of clifford_m71


Thank you to everyone for their input. Terminal Sevices was something I was looking at but I wasn't sure if there was some other "magic" solution out there. Terminal Services it is!