Dear Experts, we have 1000 users located at multiple sites.
- The Headquarters office includes 400 users and has a Cisco Router 3925, but no firewall yet.
- Site A includes 200 users and has a Sophos Firewall.
- Each of Sites B, C, D and E has 100 users and only an Internet modem, with no firewall yet.
In Headquarters, the AD server (Win Server 2012R2) is ready, but we are not sure about the method to join ALL users to the domain. We have several questions, as below:
1. MPLS-VPN leased line and VPN connection: which one is better in terms of performance and cost?
2. In case we choose a VPN connection, should we choose Site-to-Site VPN or Remote-Access VPN, and why? Which devices should we buy?
3. As I understand it, in a VPN connection, the connected users will use the Internet connection from the VPN server; is that right? If so, will the VPN connection be suitable for 1000 users?
4. For the Domain diagram, which model should we use for high performance and availability? We intend to install an Additional DC in Headquarters and an RODC in each site. Is it okay?
5. In Headquarters, all servers are VMs and we have Veeam 9.5 for backup, but in the sites the servers are physical. Which backup software is the best for physical AD machines?