Re: Branch Office Setup

From: Sarbjit Singh Gill (
Date: 11/11/04

Date: Thu, 11 Nov 2004 13:00:03 +0800

For Windows 2003:

Welcome to Designing and Deploying Directory and Security Services of the
Microsoft Windows Server 2003 Deployment Kit.

Remember to design with security in mind right from the beginning. Hence the
above Guide includes security. Also since you are going to be dealing with
VPN, security comes into the picture again.

Also with VPN, go ahead and look at ISA2004. It is going to automate a lot
of the VPN-Active-Directory-Branch-Office connectivity" scenarios.
Here is just a sample of ISA 2004 stuff which relates to AD deployment.

(Site-To-Site VPN with ISA 2004).

Sarbjit Singh Gill

"Sarbjit Singh Gill" <> wrote in message
> Are you on Windows 2003 or Windows 2000 ?
> "Johnny Chow" <> wrote in message
> news:eNI6OC5xEHA.3096@tk2msftngp13.phx.gbl...
>> Hi,
>> I am still newbie. My company want to setup a branch office aboard.
>> They want to setup VPN tunnel between headquarter and China branch
>> office.
>> In this scenario, should I create new domain as subdomain or another new
>> domain that trust headquarter domain. The branch office has a slow
>> broadband connection, will this hurt the replication and reliability? I
>> am
>> appreciated your inputs.
>> Thank you in advance.
>> Johnny Chow

Relevant Pages

  • Re: [Full-disclosure] Remote Desktop Command Fixation Attacks
    ... This set of steps is redundant in many places, and it's also enormously expensive, since you're using no less than three different expensive bits of networking hardware (AP, PIX, VPN Concentrator), in addition to a bunch of x86 server hardware, windows server licenses, and at least one ISA license. ... Your computers necessarily don't have full access to your network infrastructure when they aren't logged on, so GPOs, software updates, etc can't be applied at the times you want them to be applied. ... Turning on, enabling, and implementing every possible security setting and device you think of is not defence in depth, and will probably only have two effects - your users won't use your wireless network, and you'll burn so much cash you won't have any left to spend on *useful* security measures. ...
  • Re: Firewall advice required please
    ... 2./ How do you provide "SECURE" access without a VPN? ... suggesting you are achieving as-good-as security using a standard SSL, ... > and air-gap is the only product we carry. ... > no other firewall can touch. ...
  • RE: Re: Secure Intranet?
    ... need to have a minimum level of security that is in line with your policies. ... Sygate has a product that does security policy enforcement for VPN called ... Sygate Secure Enterprise. ... Sygate Secure Enterprise Data Sheet ...
  • Re: PPTP or L2TP/IPSec?
    ... Security is always a cost benefit ratio, measured in either time, money, agro, or all of the above. ... I think your distrust of the SBS RWW is misplaced, and recommend it over VPN, but that is your call and your comfort level, as all of this discussion really. ... Regarding "attack of the password" given enough time and effort, any one device can be breached, or the financial insitutions, the defense departments, etc would not have such a difficult job. ...
  • RE: VPNs - Firewalls and Security
    ... we turned off sysopt connection permit ipsec and then added the ... VPN connections. ... VPN's - Firewall's and Security ... You had configured that vpn users access internal network, ...