Solved

site setting

Posted on 2012-03-27
10
137 Views
Last Modified: 2013-10-21
My headquarter is running an AD and a developer software is running on ServerA. Now we are going to setup a site office consist of ServerB with 4 workstation. What is the best network design I need to provide in order to let the site office people to use the developer program which share the same database. this means when a salesman make a booking of a condo unit at site, then the headquarter will able to see it, headquarter people can't make an order on that particular unit anymore. The sales people might also want to make a booking at anytime and any where, not necessarily he is at site only.
1)Do I need to set up a DMZ to duplicate the database?
2)Do I need to create a VPN tunnel ?
3)How the AD is going to control those computers/server at site? Need to create the forest?
4)Subscription of leased line is must in order to get the online data at both side?
0
Comment
Question by:swpui
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 4
10 Comments
 
LVL 15

Expert Comment

by:Robert Sutton Jr
ID: 37772275
How much bandwidth do you expect to use? I don't think you'll need a "Leased" line. You should be able to get DSL or Cable with a high class of service (Higher speeds) and I would advise on getting static Ip addresses on both ends. A small SOHO router on both ends should suffice. You will need to create a site to site VPN tunnel to allow the remote site secure access back to your HQ office. This will allow you to setup who has access to what at HQ from your remote site. Hope this helps.
0
 

Author Comment

by:swpui
ID: 37774705
What about those salesman that not inside headquarter or site office, they are at some where might want to access to see which unit of condo had been occupied........do I need to created another domain at site?
0
 
LVL 15

Assisted Solution

by:Robert Sutton Jr
Robert Sutton Jr earned 500 total points
ID: 37774794
Simple, install a VPN client software on those PC's that would need it and point them back to your HQ office static Ip address. This will allow them the access to resources at your HQ site. They would obviously need Internet access no matter where they are in the world. Hope this helps. No other domain is necessary.
0
2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

 

Author Comment

by:swpui
ID: 37774866
Is that secured enough? How to limit the users to only access to a specific programs using VPN client software?
I do not need create a forest at site office? How am i going to control the users using my AD policy?
0
 
LVL 15

Assisted Solution

by:Robert Sutton Jr
Robert Sutton Jr earned 500 total points
ID: 37774939
Yes, it is secure using VPN for remote access. To control users can be done via the server login credentials or via TS login script if you just want to specify a certain application. There are several ways to do it which would be completely up to you. But, remotely this would be a feasible solution with low cost.
0
 

Author Comment

by:swpui
ID: 37775551
Will Terminal Service better than VPN?
0
 
LVL 15

Accepted Solution

by:
Robert Sutton Jr earned 500 total points
ID: 37776218
No. TS is just an option along with many others to restrict user access to certain resources. Again, there are several ways to do this and achieve the same affect. The VPN tunnel will allow remote users a "secure" way to communicate with the local resources at the HQ site. Once you are connected via the VPN, the information sent over the tunnel will be secure. Furthermore, once connected via the VPN back to HQ, it is assumed that you would be sitting on the "trusted" side of your HQ network. Therefore, any requests for info would be coming from a trusted user/source since it already has accessed the trusted network.
0
 

Author Comment

by:swpui
ID: 37850493
What about RODC?
0
 

Author Comment

by:swpui
ID: 37959610
whatif I set the pc and join domain at my HQ then later bring the pc to site, then the pc will inherit with the existing domain policy, the I send the pc to the site for the user to use.
The problem is if I have any changes in policy at HQ, how am I going to gpupdate the pc? Any idea? By connecting to the vpn, will I manage to update?
0
 

Author Closing Comment

by:swpui
ID: 39587099
Thanks for the recommendation
0

Featured Post

Simple, centralized multimedia control

Watch and learn to see how ATEN provided an easy and effective way for three jointly-owned pubs to control the 60 televisions located across their three venues utilizing the ATEN Control System, Modular Matrix Switch and HDBaseT extenders.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
OpenView NNM: Global Manager to Regional Manager connection fails 7 95
Change management best practice 2 171
Node.js 11 76
igmp snooping in layer 2 switch 4 34
Transparency shows that a company is the kind of business that it wants people to think it is.
Outsource Your Fax Infrastructure to the Cloud (And come out looking like an IT Hero!) Relative to the many demands on today’s IT teams, spending capital, time and resources to maintain physical fax servers and infrastructure is not a high priority.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

737 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question