[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

site setting

Posted on 2012-03-27
10
Medium Priority
?
140 Views
Last Modified: 2013-10-21
My headquarter is running an AD and a developer software is running on ServerA. Now we are going to setup a site office consist of ServerB with 4 workstation. What is the best network design I need to provide in order to let the site office people to use the developer program which share the same database. this means when a salesman make a booking of a condo unit at site, then the headquarter will able to see it, headquarter people can't make an order on that particular unit anymore. The sales people might also want to make a booking at anytime and any where, not necessarily he is at site only.
1)Do I need to set up a DMZ to duplicate the database?
2)Do I need to create a VPN tunnel ?
3)How the AD is going to control those computers/server at site? Need to create the forest?
4)Subscription of leased line is must in order to get the online data at both side?
0
Comment
Question by:swpui
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 4
10 Comments
 
LVL 15

Expert Comment

by:Robert Sutton Jr
ID: 37772275
How much bandwidth do you expect to use? I don't think you'll need a "Leased" line. You should be able to get DSL or Cable with a high class of service (Higher speeds) and I would advise on getting static Ip addresses on both ends. A small SOHO router on both ends should suffice. You will need to create a site to site VPN tunnel to allow the remote site secure access back to your HQ office. This will allow you to setup who has access to what at HQ from your remote site. Hope this helps.
0
 

Author Comment

by:swpui
ID: 37774705
What about those salesman that not inside headquarter or site office, they are at some where might want to access to see which unit of condo had been occupied........do I need to created another domain at site?
0
 
LVL 15

Assisted Solution

by:Robert Sutton Jr
Robert Sutton Jr earned 1500 total points
ID: 37774794
Simple, install a VPN client software on those PC's that would need it and point them back to your HQ office static Ip address. This will allow them the access to resources at your HQ site. They would obviously need Internet access no matter where they are in the world. Hope this helps. No other domain is necessary.
0
Nothing ever in the clear!

This technical paper will help you implement VMware’s VM encryption as well as implement Veeam encryption which together will achieve the nothing ever in the clear goal. If a bad guy steals VMs, backups or traffic they get nothing.

 

Author Comment

by:swpui
ID: 37774866
Is that secured enough? How to limit the users to only access to a specific programs using VPN client software?
I do not need create a forest at site office? How am i going to control the users using my AD policy?
0
 
LVL 15

Assisted Solution

by:Robert Sutton Jr
Robert Sutton Jr earned 1500 total points
ID: 37774939
Yes, it is secure using VPN for remote access. To control users can be done via the server login credentials or via TS login script if you just want to specify a certain application. There are several ways to do it which would be completely up to you. But, remotely this would be a feasible solution with low cost.
0
 

Author Comment

by:swpui
ID: 37775551
Will Terminal Service better than VPN?
0
 
LVL 15

Accepted Solution

by:
Robert Sutton Jr earned 1500 total points
ID: 37776218
No. TS is just an option along with many others to restrict user access to certain resources. Again, there are several ways to do this and achieve the same affect. The VPN tunnel will allow remote users a "secure" way to communicate with the local resources at the HQ site. Once you are connected via the VPN, the information sent over the tunnel will be secure. Furthermore, once connected via the VPN back to HQ, it is assumed that you would be sitting on the "trusted" side of your HQ network. Therefore, any requests for info would be coming from a trusted user/source since it already has accessed the trusted network.
0
 

Author Comment

by:swpui
ID: 37850493
What about RODC?
0
 

Author Comment

by:swpui
ID: 37959610
whatif I set the pc and join domain at my HQ then later bring the pc to site, then the pc will inherit with the existing domain policy, the I send the pc to the site for the user to use.
The problem is if I have any changes in policy at HQ, how am I going to gpupdate the pc? Any idea? By connecting to the vpn, will I manage to update?
0
 

Author Closing Comment

by:swpui
ID: 39587099
Thanks for the recommendation
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question