anupam_sam
OSNN Newbie
- Joined
- 5 May 2006
- Messages
- 3
Hello there,
i am not so expert in practical network implimentations so please help me out to draw this scenario.
we have a head office and several branch offices in diff cities. till now we are
using a peer to peer model but coz of security reasons and ease of office
operation we want a client server model.
all branch offices also have DSL internet connectivity and its own private lan,
no branch office to head office connectivity. branch send the daily or weekly
operation data and its is merged in the head office data.
but now we will be using sql server in both head office and branch office and
which will replicate the data over the internet between them ( SQL Server
Replication )
But i am afraid of loose security and how will the SQL server replicate the
data, when both the head office and branch office SQL server are in the private network. in branch it can be in the same machine having the DSL.
here is what i have in the head office:
1. one win 2003 domain controler, file server
2. one SQL server ( may be on the above DC )
3. 25 local lan client machines
4. DSL internet connectivity
My issue is where to place what in what sequence AND do i need any Public IP. right now we don't have any.
the win 2003 DC and SQL DB Server may be in the same SERVER Machine.
the server machine will have 2 NIC, 1 is connected to the internet through the DSL and the other is to the private lan.
what i figured at the first sight was:
private_LAN --- 2003DC/SQL --- Internet ------ Branch
But it is very unsecure for the shared file and the sql server data on the
2003DC/SQL machine connected to both, the Internet and Private network.
ONLY SQL SERVER NEED TO COMMUNICATE OVER THE INTERNET.
what is confussing me is
1. if the sql server do have a public ip for it to be accessed from the branch
it is very unsecure any body can access that machine which should not be.
same with the branch SQL server machine as to have public ip to be accessed from the head office sql server.
2. if i place the DC and SQL server within the private network then how could
they talk with the branch sql server and vice versa.
private_LAN,2003DC/SQL --- Gateway --- Internet ------ Branch
the inter branch communicatin came into scene only coz of sql server replication otherwise its not needed. every thing is settled with private network only.
can ISA server can help me out. we need to share internet on private network also but only to 4-5 machines.
where the DMZ comes in my case? if public ip is needed; whom to assign them to?
Please suggest what could be the best scenario
Thanks
i am not so expert in practical network implimentations so please help me out to draw this scenario.
we have a head office and several branch offices in diff cities. till now we are
using a peer to peer model but coz of security reasons and ease of office
operation we want a client server model.
all branch offices also have DSL internet connectivity and its own private lan,
no branch office to head office connectivity. branch send the daily or weekly
operation data and its is merged in the head office data.
but now we will be using sql server in both head office and branch office and
which will replicate the data over the internet between them ( SQL Server
Replication )
But i am afraid of loose security and how will the SQL server replicate the
data, when both the head office and branch office SQL server are in the private network. in branch it can be in the same machine having the DSL.
here is what i have in the head office:
1. one win 2003 domain controler, file server
2. one SQL server ( may be on the above DC )
3. 25 local lan client machines
4. DSL internet connectivity
My issue is where to place what in what sequence AND do i need any Public IP. right now we don't have any.
the win 2003 DC and SQL DB Server may be in the same SERVER Machine.
the server machine will have 2 NIC, 1 is connected to the internet through the DSL and the other is to the private lan.
what i figured at the first sight was:
private_LAN --- 2003DC/SQL --- Internet ------ Branch
But it is very unsecure for the shared file and the sql server data on the
2003DC/SQL machine connected to both, the Internet and Private network.
ONLY SQL SERVER NEED TO COMMUNICATE OVER THE INTERNET.
what is confussing me is
1. if the sql server do have a public ip for it to be accessed from the branch
it is very unsecure any body can access that machine which should not be.
same with the branch SQL server machine as to have public ip to be accessed from the head office sql server.
2. if i place the DC and SQL server within the private network then how could
they talk with the branch sql server and vice versa.
private_LAN,2003DC/SQL --- Gateway --- Internet ------ Branch
the inter branch communicatin came into scene only coz of sql server replication otherwise its not needed. every thing is settled with private network only.
can ISA server can help me out. we need to share internet on private network also but only to 4-5 machines.
where the DMZ comes in my case? if public ip is needed; whom to assign them to?
Please suggest what could be the best scenario
Thanks