> Hello,
>
> A small company with about 30 XP workstations has a native Windows 2003
> domain with several servers (separate boxes for ISA, Exchange, file,
> application and SharePoint Team Services/intranet.) File servers act as DCs
> and DNS servers.
> We would like to move the Exchange Server, the file and application
> servers and the SharePoint box to a data center. They will retain a file
> server and ISA on-site. ISA provides DSL internet access for all
> workstations. VPN (PPTP) is configured for remote users.
> Currently, we are working on the premise that a DC, with DNS server, will
> be retained on site and VPN (via ISA) will be used to access the off-site
> servers - data and applications (unless those are web apps.) Is that the
> right way to do this?
> Is there a white paper for separating servers like this or can you advise
> us as to how to go about it?
> Several questions are . . .
> 1. Is VPN the way (correct way, only way) to access the off-site
> servers?
> 2. What do we need to do before moving a DC to a remote site? Demote
> it?
> 3. If VPN is right, what can we do to maximize throughput for best
> performance?
>
> Thank you very much for any suggestions,
> TLW
a VPN to the data center is no luxury regarding data security, so YES
to VPN
set up a hardware VPN between routers, meaning the ADSL router will
provide a transparent link to the router at the data center
the guys over there are accustomed to such a setup and can provide you
with all the correct settings
that way you are not dependent on the ISA server for routing (in case
of failure or restart)
strange remark of moving the DC since you write that a DC will be
retained onsite, are you moving it or not?
anyway, you don't have to demote it, just move the server to the other
site using the MMC console AD sites and services
remember to change the DNS records for the servers you are moving
off-site
just put in static records pointing to the new IP addresses of the
moved servers
clients won't notice anything that way, they can keep on using the name
of the servers in UNC paths and mappings, and so on
same for your mail clients, the exchange server name will be resolved
by your own DNS and point to the off-site network
provided IP routing is OK, the move will go fine
grtz
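
A post-move check for the DNS step described in the reply above: it confirms that each moved server's name resolves to a data-center address and flags any old on-site record left behind. This is an added example, not part of the original thread; the subnets and host names are constructed placeholders, since the thread gives none.

```python
import ipaddress
import socket

# Constructed sample values (assumptions): the thread names no hosts or subnets.
ONSITE_NET = ipaddress.ip_network("192.168.1.0/24")     # assumed office LAN
DATACENTER_NET = ipaddress.ip_network("10.20.0.0/24")   # assumed data-center LAN
MOVED_SERVERS = ["exch01.corp.example", "app01.corp.example", "sps01.corp.example"]


def system_resolver(name):
    """Resolve a name to its IPv4 addresses using the client's configured DNS."""
    try:
        infos = socket.getaddrinfo(name, None, socket.AF_INET)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})


def classify(addresses):
    """Classify the A records returned for one moved server."""
    if not addresses:
        return "unresolved"
    ips = [ipaddress.ip_address(a) for a in addresses]
    if any(ip in ONSITE_NET for ip in ips):
        return "stale"        # an old on-site record is still being served
    if all(ip in DATACENTER_NET for ip in ips):
        return "ok"
    return "unexpected"       # resolves outside both known networks


def check_moved_servers(names, resolver=system_resolver):
    """Return {name: (status, addresses)} for every moved server."""
    report = {}
    for name in names:
        addrs = resolver(name)
        report[name] = (classify(addrs), addrs)
    return report


if __name__ == "__main__":
    for name, (status, addrs) in check_moved_servers(MOVED_SERVERS).items():
        print(f"{status:10} {name} -> {', '.join(addrs) or '-'}")
```

A name that returns both an old and a new address is reported as stale, because clients rotating through the records would intermittently try the address that no longer exists on-site.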