• Twitter
  • FaceBook

Security Forums

Log in

FAQ | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

site-to-site VPN & DC at branch office

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Networking

View previous topic :: View next topic  
Author Message
Just Arrived
Just Arrived

Joined: 04 Oct 2010
Posts: 0


PostPosted: Mon Feb 07, 2011 11:32 am    Post subject: site-to-site VPN & DC at branch office Reply with quote

hi all, we recently moved premises & upgraded our network at same time to client server from peer-to-peer, upgraded internet connection to Leased line 10mbps up/down. i setup a site-to-site VPN between our UK (main) and USA branch office. still the USA users are complaining that the connection is slow and they want to have a local server in which data folder is replicated to the main server in UK. could some one please suggest me is this the best way to do or is there an alternate for this ?? USA they got interent connection 2mbps up/down. particularly sales folder has to synchronise more frequently. please let me know if you need more details. thanks
Back to top
View user's profile Send private message AIM Address
SF Staff
SF Staff

Joined: 15 Nov 2010
Posts: 0


PostPosted: Tue Feb 08, 2011 1:13 pm    Post subject: Reply with quote

My first reaction to your setup without giving it much thought is this: A 2mbps up/down Internet connection for syncing data and Internet browsing is not enough, actually it depends on the number of users and restrictions, if any are in place. I would suggest a cheaper Internet connection just for browsing and keep the dedicated connection for critical services such as the site to site VPN connection. Then , you would need a capable router/firewall to manage connections and route traffic!
Back to top
View user's profile Send private message Visit poster's website
Trusted SF Member
Trusted SF Member

Joined: 04 Jan 2003
Posts: 0
Location: WI, USA


PostPosted: Fri Feb 18, 2011 12:39 am    Post subject: Reply with quote

Some administrators prefer to have domain controllers at every branch. Some (seemingly crazy) have a policy of no domain controllers at branches. I choose a middle of the road methodology. If the branch is a) critical or b) anything bigger than small it gets its own domain controller. In your case I could almost add a c) on different continents gets a domain controller.

Very tiny sites/branches with only a few computers can easily get away with a site to site VPN with DNS resolution happening on DC's across the site to site VPN.

With properly configured sites, services, and subnets -- a DC at the branch will reduce certain kinds of WAN traffic -- namely authentication and DNS lookups to remote DC's. However, replication between the branch DC and other DC's exists.

This does not address your concerns about file replication. For that you should look to Distributed File System Namespaces (DFS-N) and Distributed File System Replication (DFS-R).

DFS-N (oftentimes called DFS) has been around for a long time and allows an administrator, in single hierarchical namespace, regardless of server names, server locations, etc. -- to maintain sanity in an organization's shared files structure as it grows.

DFS-R was released starting with Windows Server 2003 R2, replaces the seemingly archaic File Replication Service (FRS), which was itself a replacement for the truly archaic Lan Man Replication Service. DFS-R, using smarts like Remote Differential Compression (RDC) allows an administrator to maintain synchronization, smartly and efficiently, of files and folders. Even though DFS-R has DFS in the name, the use of DFS-N is *not* required to use DFS-R.

Technet: Overview of DFS System Solution
Technet: How DFS Works: Remote File Systems
Technet: DFS-R FAQ

Back to top
View user's profile Send private message
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Networking All times are GMT + 2 Hours
Page 1 of 1

Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Looking for more Windows Networking info?

Sign up to the WindowsNetworking.com Monthly Newsletter, written by Enterprise Security MVP Deb Shinder, containing news, the hottest tips, Networking links of the month and much more. Subscribe today and don't miss a thing!
View a sample newsletter.

Become a WindowsNetworking.com member!

Discuss your Windows Networking issues with thousands of other Windows Newtorking experts. Click here to join!

Community Area

Log in | Register

Readers' Choice

Which is your preferred data recovery solution?

Follow TechGenix on Twitter