RE: splitting up a network
From: David@cawdgw.netDate: 01/22/02
- Previous message: Daniel Pope: "I've been hurt by an e-mail virus ! What virus is it ?"
- In reply to: leon: "RE: splitting up a network"
- Next in thread: Scotty Perkins: "Re: splitting up a network"
- Next in thread: Andrew Jones: "RE: splitting up a network"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: <David@cawdgw.net> To: "leon" <leon@inyc.com>, "'Matt Andreko'" <mandreko@ori.net>, <security-basics@securityfocus.com> Date: Tue, 22 Jan 2002 19:00:39 +0100
In w2k, sites are used to connect segments with lowbandwidth between them to
give granularity to the replication process and streamline logon, dhcp, etc
rather than have the slow connection inside of a site. Sounds like your
situation would be perfect for a set of sites. Domains complicate matters,
unless you want to decentralize permissions.
D. Weiss
MCSE\CCNA\SSP2
-----Original Message-----
From: leon [mailto:leon@inyc.com]
Sent: Monday, January 21, 2002 7:14 PM
To: 'Matt Andreko'; security-basics@securityfocus.com
Subject: RE: splitting up a network
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Why cant you have 1 domain and create the two offices as "sites".
I thought that domain can encompass multiple sites and a site can
encompass multiple domains. That was my understanding of how win2k
domains worked.
- -----Original Message-----
From: Matt Andreko [mailto:mandreko@ori.net]
Sent: Monday, January 21, 2002 8:38 AM
To: security-basics@securityfocus.com
Subject: splitting up a network
Hi there. I'm currently administering a network which is being split
in
half. Half of it is going to be placed on an OC3 where all our
servers
are, and the other half is our office, which is on a T1, going
through a
separate class C IP range.
I'm trying to figure out a good way to setup this NT/2000 network
with
active directory over the 2 networks. I'd prefer to have them all in
1
domain, so I don't have to deal with domain trusts and such. Is
there a
good way to do this, or do I need to setup 2 separate domains, one
for
each location, and do trust relationships between the 2? Netbios can
be
used through these 2 separate ip ranges, and is preferred (although
it
will be secured and audited regularly).
Also, is there a good way to firewall the office machines, but still
have them be part of the domain, but not publicly available (only to
a
certain group on the domain?). I would prefer to put all the
machines
behind a linksys or maybe even a cisco router, to keep them
protected.
The machines on the OC3 don't need firewall protection really.
Any help would be appreciated.
- --
Matt Andreko
On-Ramp Indiana
(317)774-2100
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>
iQA/AwUBPExaW9qAgf0xoaEuEQJfEwCgxn1lGbzJYlTTuuqi2gS8yb3aFb4AoLRW
tsaYXp0XZNHOpxDUKrdAkpMD
=Hh4K
-----END PGP SIGNATURE-----
- Previous message: Daniel Pope: "I've been hurt by an e-mail virus ! What virus is it ?"
- In reply to: leon: "RE: splitting up a network"
- Next in thread: Scotty Perkins: "Re: splitting up a network"
- Next in thread: Andrew Jones: "RE: splitting up a network"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
