Solved

site setting

Posted on 2012-03-27
10
132 Views
Last Modified: 2013-10-21
My headquarter is running an AD and a developer software is running on ServerA. Now we are going to setup a site office consist of ServerB with 4 workstation. What is the best network design I need to provide in order to let the site office people to use the developer program which share the same database. this means when a salesman make a booking of a condo unit at site, then the headquarter will able to see it, headquarter people can't make an order on that particular unit anymore. The sales people might also want to make a booking at anytime and any where, not necessarily he is at site only.
1)Do I need to set up a DMZ to duplicate the database?
2)Do I need to create a VPN tunnel ?
3)How the AD is going to control those computers/server at site? Need to create the forest?
4)Subscription of leased line is must in order to get the online data at both side?
0
Comment
Question by:swpui
  • 6
  • 4
10 Comments
 
LVL 15

Expert Comment

by:The_Warlock
ID: 37772275
How much bandwidth do you expect to use? I don't think you'll need a "Leased" line. You should be able to get DSL or Cable with a high class of service (Higher speeds) and I would advise on getting static Ip addresses on both ends. A small SOHO router on both ends should suffice. You will need to create a site to site VPN tunnel to allow the remote site secure access back to your HQ office. This will allow you to setup who has access to what at HQ from your remote site. Hope this helps.
0
 

Author Comment

by:swpui
ID: 37774705
What about those salesman that not inside headquarter or site office, they are at some where might want to access to see which unit of condo had been occupied........do I need to created another domain at site?
0
 
LVL 15

Assisted Solution

by:The_Warlock
The_Warlock earned 500 total points
ID: 37774794
Simple, install a VPN client software on those PC's that would need it and point them back to your HQ office static Ip address. This will allow them the access to resources at your HQ site. They would obviously need Internet access no matter where they are in the world. Hope this helps. No other domain is necessary.
0
 

Author Comment

by:swpui
ID: 37774866
Is that secured enough? How to limit the users to only access to a specific programs using VPN client software?
I do not need create a forest at site office? How am i going to control the users using my AD policy?
0
 
LVL 15

Assisted Solution

by:The_Warlock
The_Warlock earned 500 total points
ID: 37774939
Yes, it is secure using VPN for remote access. To control users can be done via the server login credentials or via TS login script if you just want to specify a certain application. There are several ways to do it which would be completely up to you. But, remotely this would be a feasible solution with low cost.
0
Network it in WD Red

There's an industry-leading WD Red drive for every compatible NAS system to help fulfill your data storage needs. With drives up to 8TB, WD Red offers a wide array of solutions for customers looking to build the biggest, best-performing NAS storage solution.  

 

Author Comment

by:swpui
ID: 37775551
Will Terminal Service better than VPN?
0
 
LVL 15

Accepted Solution

by:
The_Warlock earned 500 total points
ID: 37776218
No. TS is just an option along with many others to restrict user access to certain resources. Again, there are several ways to do this and achieve the same affect. The VPN tunnel will allow remote users a "secure" way to communicate with the local resources at the HQ site. Once you are connected via the VPN, the information sent over the tunnel will be secure. Furthermore, once connected via the VPN back to HQ, it is assumed that you would be sitting on the "trusted" side of your HQ network. Therefore, any requests for info would be coming from a trusted user/source since it already has accessed the trusted network.
0
 

Author Comment

by:swpui
ID: 37850493
What about RODC?
0
 

Author Comment

by:swpui
ID: 37959610
whatif I set the pc and join domain at my HQ then later bring the pc to site, then the pc will inherit with the existing domain policy, the I send the pc to the site for the user to use.
The problem is if I have any changes in policy at HQ, how am I going to gpupdate the pc? Any idea? By connecting to the vpn, will I manage to update?
0
 

Author Closing Comment

by:swpui
ID: 39587099
Thanks for the recommendation
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Suggested Solutions

Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
Outsource Your Fax Infrastructure to the Cloud (And come out looking like an IT Hero!) Relative to the many demands on today’s IT teams, spending capital, time and resources to maintain physical fax servers and infrastructure is not a high priority.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now