network design and security

[galloshes]

we are a UK based SME opening a small branch office in Eire. My question relates to network deisgn and firewall. Our current setup has our network sitting behind a firewall which has both a private WAN (to our US network) and a public internet link outside it. Our Dublin office is to have a BDC on site for local authentication and print services but is to come back to us over a 128k line for Exchange. The Dublin office will also require remote access which can come in fine through our firewall as currently. I am wondering what the best solution is for our Dublin office as far as how we give them access to our network whilst protecting both us and them. Currently I am favouring the 128k line coming in to our PIX firewall and insisting that remote access for them also comes through our Firewall. An ideas suggestions anyone? many thanks

 

[sleipnir214]

Have you thought about a VPN?

Have the Dublin office connect to the internet just as your office does -- firewall, protected zone, etc. But set up an encrypted VPN that connects the two sites.

Traffic going from the Dublin office to the internet will not have to affect your network at all.

Want the best answers? Ask the best questions:

http://www.catb.org/~esr/faqs/smart-questions.html

TANSTAAFL!!

 

[rmb1905]

VPN is hot at the moment. There IS a big BUT: you need a fast i-net connection to make it perform. I don't know the situation in UK/ireland but in Holland and Belgium DSL connections are relativly cheap and provide the capacity you need to use VPN.
Be sure you know how you want to deal with encryption, this is an ABSOLUTE must when using VPN over an i-net connection.

 

[Lequang]

rmb1905 is right. but VPN/IPSec depend on the Banswith you get with Internet ISP.

Another solution is IPVPN with third party carrier (BT or ...)
With this solution you don't need to monitor the line, but ony assume the routing