Solved

site setting

Posted on 2012-03-27
10
133 Views
Last Modified: 2013-10-21
My headquarter is running an AD and a developer software is running on ServerA. Now we are going to setup a site office consist of ServerB with 4 workstation. What is the best network design I need to provide in order to let the site office people to use the developer program which share the same database. this means when a salesman make a booking of a condo unit at site, then the headquarter will able to see it, headquarter people can't make an order on that particular unit anymore. The sales people might also want to make a booking at anytime and any where, not necessarily he is at site only.
1)Do I need to set up a DMZ to duplicate the database?
2)Do I need to create a VPN tunnel ?
3)How the AD is going to control those computers/server at site? Need to create the forest?
4)Subscription of leased line is must in order to get the online data at both side?
0
Comment
Question by:swpui
  • 6
  • 4
10 Comments
 
LVL 15

Expert Comment

by:Robert Sutton Jr
ID: 37772275
How much bandwidth do you expect to use? I don't think you'll need a "Leased" line. You should be able to get DSL or Cable with a high class of service (Higher speeds) and I would advise on getting static Ip addresses on both ends. A small SOHO router on both ends should suffice. You will need to create a site to site VPN tunnel to allow the remote site secure access back to your HQ office. This will allow you to setup who has access to what at HQ from your remote site. Hope this helps.
0
 

Author Comment

by:swpui
ID: 37774705
What about those salesman that not inside headquarter or site office, they are at some where might want to access to see which unit of condo had been occupied........do I need to created another domain at site?
0
 
LVL 15

Assisted Solution

by:Robert Sutton Jr
Robert Sutton Jr earned 500 total points
ID: 37774794
Simple, install a VPN client software on those PC's that would need it and point them back to your HQ office static Ip address. This will allow them the access to resources at your HQ site. They would obviously need Internet access no matter where they are in the world. Hope this helps. No other domain is necessary.
0
 

Author Comment

by:swpui
ID: 37774866
Is that secured enough? How to limit the users to only access to a specific programs using VPN client software?
I do not need create a forest at site office? How am i going to control the users using my AD policy?
0
 
LVL 15

Assisted Solution

by:Robert Sutton Jr
Robert Sutton Jr earned 500 total points
ID: 37774939
Yes, it is secure using VPN for remote access. To control users can be done via the server login credentials or via TS login script if you just want to specify a certain application. There are several ways to do it which would be completely up to you. But, remotely this would be a feasible solution with low cost.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:swpui
ID: 37775551
Will Terminal Service better than VPN?
0
 
LVL 15

Accepted Solution

by:
Robert Sutton Jr earned 500 total points
ID: 37776218
No. TS is just an option along with many others to restrict user access to certain resources. Again, there are several ways to do this and achieve the same affect. The VPN tunnel will allow remote users a "secure" way to communicate with the local resources at the HQ site. Once you are connected via the VPN, the information sent over the tunnel will be secure. Furthermore, once connected via the VPN back to HQ, it is assumed that you would be sitting on the "trusted" side of your HQ network. Therefore, any requests for info would be coming from a trusted user/source since it already has accessed the trusted network.
0
 

Author Comment

by:swpui
ID: 37850493
What about RODC?
0
 

Author Comment

by:swpui
ID: 37959610
whatif I set the pc and join domain at my HQ then later bring the pc to site, then the pc will inherit with the existing domain policy, the I send the pc to the site for the user to use.
The problem is if I have any changes in policy at HQ, how am I going to gpupdate the pc? Any idea? By connecting to the vpn, will I manage to update?
0
 

Author Closing Comment

by:swpui
ID: 39587099
Thanks for the recommendation
0

Featured Post

Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As companies replace their old PBX phone systems with Unified IP Communications, many are finding out that legacy applications such as fax do not work well with VoIP. Fortunately, Cloud Faxing provides a cost-effective alternative that works over an…
Use of TCL script on Cisco devices:  - create file and merge it with running configuration to apply configuration changes
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now