SBS remote office > Exchange head office...?

TheMSsForum.com: The Microsoft Software Forum

Hi all,

Theoretical set-up - looking for advice on feasibility and/or potential
problems [indeed, if this is workable!]

Remote Office:
6 users
Currently running bog-standard W2K Server
Outlook clients connecting directly to individual POP3 mailboxes at ISP - NO
internal mail whatsoever
Broadband connection via Broadband Router on LAN - 512k ADSL

Head Office:
W2K Server
Exchange2K Server
Cisco 1700 Router
Cisco PIX 515E Firewall
Mailsweeper
Websweeper
McAffee EPolicy Orchestrator
McAffee Virusscan
Broadband is 2Mb SDSL

Customer is looking to have the Remote Office link with the Head Office in
the following way:
1] ALL email either incoming or outgoing to go via Head Office - they [at
present] are looking for all internal mail within the Remote Office to also
pass via Head Office, but I'm dubious as to whether this is the most
efficient method of achieving things for them
2] 'Constant' VPN access during working hours to allow file/document sharing
between sites

We've [thus far] told the customer that they've got the following basic
options:

1] Set-up the constant VPN connection between the offices either
server-server or router-router and configure all the Outlook clients at the
Remote Office as offline clients of the Head Office Exchange Server -
downside is that all the internal mails are sent to the Head Office then
back to the Remote Office which is pretty bandwidth inefficient.

2] Go SBS at the Remote Office - this will provide firewalling at the Remote
Office [at present its just the NAT on the Router!], internal mail at the
Remote Office stays within the Remote Office while external email can be
forwarded to a Smart Host of the client's Head Office Exchange Server and
incoming mail can be downloaded from the Head Office Exchange Server via
POP3 [or SMTP?]

Reasoning for SBS:

1] If the VPN link to Head Office goes down, the client in the Remote Office
still has internal mail and we could [if the outage were a long one]
configure them to send outgoing emails directly out via DNS. They'd get ISA
to protect their network [and adding a 2nd NIC] in order to provide FAR more
security than relying on the existing router's NAT. Basically to provide a
degree of fault-tolerance in addition to ease of remote administration and
increased security.

Reasoning for non-SBS [more from customer's perspective than ours]:

1] Cheaper - perhaps slightly tighter integration with their Head Office
existing set-up

Notes:

1] Client does NOT wish to go W2K3 at this stage - therefore it would need
to be SBS2K if we went down that route

Anyone got any pointers/advice/potential pitfalls?

Regards,




David
Top

Re: SBS remote office > Exchange head office...? by Mark

Mark
Wed Dec 10 11:20:19 CST 2003

with SBS just 1 exchange server so you have to modify your plan. A couple
options would be a hub-spoke layout with the VPN OR go to 2003SBS which
gives you RPC over HTTP and sharepoint

--
Sincerely,
Mark Mancini, CCA, CCNA, Master CIW&CI, CNE 4&5, MCSE+I 4&2000
www.MCSE2000.com
www.AppLauncher.com



"David Elders" <david.elders@akdsystems.co.uk> wrote in message
news:OFDgerwvDHA.3216@TK2MSFTNGP11.phx.gbl...
> Hi all,
>
> Theoretical set-up - looking for advice on feasibility and/or potential
> problems [indeed, if this is workable!]
>
> Remote Office:
> 6 users
> Currently running bog-standard W2K Server
> Outlook clients connecting directly to individual POP3 mailboxes at ISP -
NO
> internal mail whatsoever
> Broadband connection via Broadband Router on LAN - 512k ADSL
>
> Head Office:
> W2K Server
> Exchange2K Server
> Cisco 1700 Router
> Cisco PIX 515E Firewall
> Mailsweeper
> Websweeper
> McAffee EPolicy Orchestrator
> McAffee Virusscan
> Broadband is 2Mb SDSL
>
> Customer is looking to have the Remote Office link with the Head Office in
> the following way:
> 1] ALL email either incoming or outgoing to go via Head Office - they [at
> present] are looking for all internal mail within the Remote Office to
also
> pass via Head Office, but I'm dubious as to whether this is the most
> efficient method of achieving things for them
> 2] 'Constant' VPN access during working hours to allow file/document
sharing
> between sites
>
> We've [thus far] told the customer that they've got the following basic
> options:
>
> 1] Set-up the constant VPN connection between the offices either
> server-server or router-router and configure all the Outlook clients at
the
> Remote Office as offline clients of the Head Office Exchange Server -
> downside is that all the internal mails are sent to the Head Office then
> back to the Remote Office which is pretty bandwidth inefficient.
>
> 2] Go SBS at the Remote Office - this will provide firewalling at the
Remote
> Office [at present its just the NAT on the Router!], internal mail at the
> Remote Office stays within the Remote Office while external email can be
> forwarded to a Smart Host of the client's Head Office Exchange Server and
> incoming mail can be downloaded from the Head Office Exchange Server via
> POP3 [or SMTP?]
>
> Reasoning for SBS:
>
> 1] If the VPN link to Head Office goes down, the client in the Remote
Office
> still has internal mail and we could [if the outage were a long one]
> configure them to send outgoing emails directly out via DNS. They'd get
ISA
> to protect their network [and adding a 2nd NIC] in order to provide FAR
more
> security than relying on the existing router's NAT. Basically to provide a
> degree of fault-tolerance in addition to ease of remote administration and
> increased security.
>
> Reasoning for non-SBS [more from customer's perspective than ours]:
>
> 1] Cheaper - perhaps slightly tighter integration with their Head Office
> existing set-up
>
> Notes:
>
> 1] Client does NOT wish to go W2K3 at this stage - therefore it would need
> to be SBS2K if we went down that route
>
> Anyone got any pointers/advice/potential pitfalls?
>
> Regards,
>
>
>
>
> David
>
>


Top

Re: SBS remote office > Exchange head office...? by David

David
Thu Dec 11 02:42:37 CST 2003

So the POP3 connector in SBS can't collect mail from an Exchange Server
elsewhere...? I would have assumed it could collect from any POP3 server be
it Exchange or anything else.

David



"Mark Mancini" <info@NOSPAMmcse2000.com> wrote in message
news:uAVViH0vDHA.1996@TK2MSFTNGP12.phx.gbl...
> with SBS just 1 exchange server so you have to modify your plan. A couple
> options would be a hub-spoke layout with the VPN OR go to 2003SBS which
> gives you RPC over HTTP and sharepoint
>
> --
> Sincerely,
> Mark Mancini, CCA, CCNA, Master CIW&CI, CNE 4&5, MCSE+I 4&2000
> www.MCSE2000.com
> www.AppLauncher.com
>
>
>
> "David Elders" <david.elders@akdsystems.co.uk> wrote in message
> news:OFDgerwvDHA.3216@TK2MSFTNGP11.phx.gbl...
> > Hi all,
> >
> > Theoretical set-up - looking for advice on feasibility and/or potential
> > problems [indeed, if this is workable!]
> >
> > Remote Office:
> > 6 users
> > Currently running bog-standard W2K Server
> > Outlook clients connecting directly to individual POP3 mailboxes at
ISP -
> NO
> > internal mail whatsoever
> > Broadband connection via Broadband Router on LAN - 512k ADSL
> >
> > Head Office:
> > W2K Server
> > Exchange2K Server
> > Cisco 1700 Router
> > Cisco PIX 515E Firewall
> > Mailsweeper
> > Websweeper
> > McAffee EPolicy Orchestrator
> > McAffee Virusscan
> > Broadband is 2Mb SDSL
> >
> > Customer is looking to have the Remote Office link with the Head Office
in
> > the following way:
> > 1] ALL email either incoming or outgoing to go via Head Office - they
[at
> > present] are looking for all internal mail within the Remote Office to
> also
> > pass via Head Office, but I'm dubious as to whether this is the most
> > efficient method of achieving things for them
> > 2] 'Constant' VPN access during working hours to allow file/document
> sharing
> > between sites
> >
> > We've [thus far] told the customer that they've got the following basic
> > options:
> >
> > 1] Set-up the constant VPN connection between the offices either
> > server-server or router-router and configure all the Outlook clients at
> the
> > Remote Office as offline clients of the Head Office Exchange Server -
> > downside is that all the internal mails are sent to the Head Office then
> > back to the Remote Office which is pretty bandwidth inefficient.
> >
> > 2] Go SBS at the Remote Office - this will provide firewalling at the
> Remote
> > Office [at present its just the NAT on the Router!], internal mail at
the
> > Remote Office stays within the Remote Office while external email can be
> > forwarded to a Smart Host of the client's Head Office Exchange Server
and
> > incoming mail can be downloaded from the Head Office Exchange Server via
> > POP3 [or SMTP?]
> >
> > Reasoning for SBS:
> >
> > 1] If the VPN link to Head Office goes down, the client in the Remote
> Office
> > still has internal mail and we could [if the outage were a long one]
> > configure them to send outgoing emails directly out via DNS. They'd get
> ISA
> > to protect their network [and adding a 2nd NIC] in order to provide FAR
> more
> > security than relying on the existing router's NAT. Basically to provide
a
> > degree of fault-tolerance in addition to ease of remote administration
and
> > increased security.
> >
> > Reasoning for non-SBS [more from customer's perspective than ours]:
> >
> > 1] Cheaper - perhaps slightly tighter integration with their Head Office
> > existing set-up
> >
> > Notes:
> >
> > 1] Client does NOT wish to go W2K3 at this stage - therefore it would
need
> > to be SBS2K if we went down that route
> >
> > Anyone got any pointers/advice/potential pitfalls?
> >
> > Regards,
> >
> >
> >
> >
> > David
> >
> >
>
>


Top

Re: SBS remote office > Exchange head office...? by Mark

Mark
Fri Dec 12 08:35:04 CST 2003

oh, sorry....didn't realize you were going to POP for it....thought you
meant replicate. You can but if all you were using were pop for that remote
office then why not just outsource the whole thing?

--
Sincerely,
Mark Mancini, CCA, CCNA, Master CIW&CI, CNE 4&5, MCSE+I 4&2000
www.MCSE2000.com
www.AppLauncher.com



"David Elders" <david.elders@akdsystems.co.uk> wrote in message
news:%23qJH1K8vDHA.3216@TK2MSFTNGP11.phx.gbl...
> So the POP3 connector in SBS can't collect mail from an Exchange Server
> elsewhere...? I would have assumed it could collect from any POP3 server
be
> it Exchange or anything else.
>
> David
>
>
>
> "Mark Mancini" <info@NOSPAMmcse2000.com> wrote in message
> news:uAVViH0vDHA.1996@TK2MSFTNGP12.phx.gbl...
> > with SBS just 1 exchange server so you have to modify your plan. A
couple
> > options would be a hub-spoke layout with the VPN OR go to 2003SBS which
> > gives you RPC over HTTP and sharepoint
> >
> > --
> > Sincerely,
> > Mark Mancini, CCA, CCNA, Master CIW&CI, CNE 4&5, MCSE+I 4&2000
> > www.MCSE2000.com
> > www.AppLauncher.com
> >
> >
> >
> > "David Elders" <david.elders@akdsystems.co.uk> wrote in message
> > news:OFDgerwvDHA.3216@TK2MSFTNGP11.phx.gbl...
> > > Hi all,
> > >
> > > Theoretical set-up - looking for advice on feasibility and/or
potential
> > > problems [indeed, if this is workable!]
> > >
> > > Remote Office:
> > > 6 users
> > > Currently running bog-standard W2K Server
> > > Outlook clients connecting directly to individual POP3 mailboxes at
> ISP -
> > NO
> > > internal mail whatsoever
> > > Broadband connection via Broadband Router on LAN - 512k ADSL
> > >
> > > Head Office:
> > > W2K Server
> > > Exchange2K Server
> > > Cisco 1700 Router
> > > Cisco PIX 515E Firewall
> > > Mailsweeper
> > > Websweeper
> > > McAffee EPolicy Orchestrator
> > > McAffee Virusscan
> > > Broadband is 2Mb SDSL
> > >
> > > Customer is looking to have the Remote Office link with the Head
Office
> in
> > > the following way:
> > > 1] ALL email either incoming or outgoing to go via Head Office - they
> [at
> > > present] are looking for all internal mail within the Remote Office to
> > also
> > > pass via Head Office, but I'm dubious as to whether this is the most
> > > efficient method of achieving things for them
> > > 2] 'Constant' VPN access during working hours to allow file/document
> > sharing
> > > between sites
> > >
> > > We've [thus far] told the customer that they've got the following
basic
> > > options:
> > >
> > > 1] Set-up the constant VPN connection between the offices either
> > > server-server or router-router and configure all the Outlook clients
at
> > the
> > > Remote Office as offline clients of the Head Office Exchange Server -
> > > downside is that all the internal mails are sent to the Head Office
then
> > > back to the Remote Office which is pretty bandwidth inefficient.
> > >
> > > 2] Go SBS at the Remote Office - this will provide firewalling at the
> > Remote
> > > Office [at present its just the NAT on the Router!], internal mail at
> the
> > > Remote Office stays within the Remote Office while external email can
be
> > > forwarded to a Smart Host of the client's Head Office Exchange Server
> and
> > > incoming mail can be downloaded from the Head Office Exchange Server
via
> > > POP3 [or SMTP?]
> > >
> > > Reasoning for SBS:
> > >
> > > 1] If the VPN link to Head Office goes down, the client in the Remote
> > Office
> > > still has internal mail and we could [if the outage were a long one]
> > > configure them to send outgoing emails directly out via DNS. They'd
get
> > ISA
> > > to protect their network [and adding a 2nd NIC] in order to provide
FAR
> > more
> > > security than relying on the existing router's NAT. Basically to
provide
> a
> > > degree of fault-tolerance in addition to ease of remote administration
> and
> > > increased security.
> > >
> > > Reasoning for non-SBS [more from customer's perspective than ours]:
> > >
> > > 1] Cheaper - perhaps slightly tighter integration with their Head
Office
> > > existing set-up
> > >
> > > Notes:
> > >
> > > 1] Client does NOT wish to go W2K3 at this stage - therefore it would
> need
> > > to be SBS2K if we went down that route
> > >
> > > Anyone got any pointers/advice/potential pitfalls?
> > >
> > > Regards,
> > >
> > >
> > >
> > >
> > > David
> > >
> > >
> >
> >
>
>


Top

Re: SBS remote office > Exchange head office...? by David

David
Fri Dec 12 12:30:49 CST 2003

Client's wishes. It's the customer's wish that EVERYTHING comes in through
their Head Office now rather than anything going direct to/from any of their
local offices. We've already noted that this set-up is somewhat inefficient
and provides next to no fault-tolerance as opposed to having SBS handling
the remote office but hey-ho...

David


"Mark Mancini" <info@NOSPAMmcse2000.com> wrote in message
news:O3Phf0LwDHA.3436@tk2msftngp13.phx.gbl...
> oh, sorry....didn't realize you were going to POP for it....thought you
> meant replicate. You can but if all you were using were pop for that
remote
> office then why not just outsource the whole thing?
>
> --
> Sincerely,
> Mark Mancini, CCA, CCNA, Master CIW&CI, CNE 4&5, MCSE+I 4&2000
> www.MCSE2000.com
> www.AppLauncher.com
>
>
>
> "David Elders" <david.elders@akdsystems.co.uk> wrote in message
> news:%23qJH1K8vDHA.3216@TK2MSFTNGP11.phx.gbl...
> > So the POP3 connector in SBS can't collect mail from an Exchange Server
> > elsewhere...? I would have assumed it could collect from any POP3 server
> be
> > it Exchange or anything else.
> >
> > David
> >
> >
> >
> > "Mark Mancini" <info@NOSPAMmcse2000.com> wrote in message
> > news:uAVViH0vDHA.1996@TK2MSFTNGP12.phx.gbl...
> > > with SBS just 1 exchange server so you have to modify your plan. A
> couple
> > > options would be a hub-spoke layout with the VPN OR go to 2003SBS
which
> > > gives you RPC over HTTP and sharepoint
> > >
> > > --
> > > Sincerely,
> > > Mark Mancini, CCA, CCNA, Master CIW&CI, CNE 4&5, MCSE+I 4&2000
> > > www.MCSE2000.com
> > > www.AppLauncher.com
> > >
> > >
> > >
> > > "David Elders" <david.elders@akdsystems.co.uk> wrote in message
> > > news:OFDgerwvDHA.3216@TK2MSFTNGP11.phx.gbl...
> > > > Hi all,
> > > >
> > > > Theoretical set-up - looking for advice on feasibility and/or
> potential
> > > > problems [indeed, if this is workable!]
> > > >
> > > > Remote Office:
> > > > 6 users
> > > > Currently running bog-standard W2K Server
> > > > Outlook clients connecting directly to individual POP3 mailboxes at
> > ISP -
> > > NO
> > > > internal mail whatsoever
> > > > Broadband connection via Broadband Router on LAN - 512k ADSL
> > > >
> > > > Head Office:
> > > > W2K Server
> > > > Exchange2K Server
> > > > Cisco 1700 Router
> > > > Cisco PIX 515E Firewall
> > > > Mailsweeper
> > > > Websweeper
> > > > McAffee EPolicy Orchestrator
> > > > McAffee Virusscan
> > > > Broadband is 2Mb SDSL
> > > >
> > > > Customer is looking to have the Remote Office link with the Head
> Office
> > in
> > > > the following way:
> > > > 1] ALL email either incoming or outgoing to go via Head Office -
they
> > [at
> > > > present] are looking for all internal mail within the Remote Office
to
> > > also
> > > > pass via Head Office, but I'm dubious as to whether this is the most
> > > > efficient method of achieving things for them
> > > > 2] 'Constant' VPN access during working hours to allow file/document
> > > sharing
> > > > between sites
> > > >
> > > > We've [thus far] told the customer that they've got the following
> basic
> > > > options:
> > > >
> > > > 1] Set-up the constant VPN connection between the offices either
> > > > server-server or router-router and configure all the Outlook clients
> at
> > > the
> > > > Remote Office as offline clients of the Head Office Exchange
Server -
> > > > downside is that all the internal mails are sent to the Head Office
> then
> > > > back to the Remote Office which is pretty bandwidth inefficient.
> > > >
> > > > 2] Go SBS at the Remote Office - this will provide firewalling at
the
> > > Remote
> > > > Office [at present its just the NAT on the Router!], internal mail
at
> > the
> > > > Remote Office stays within the Remote Office while external email
can
> be
> > > > forwarded to a Smart Host of the client's Head Office Exchange
Server
> > and
> > > > incoming mail can be downloaded from the Head Office Exchange Server
> via
> > > > POP3 [or SMTP?]
> > > >
> > > > Reasoning for SBS:
> > > >
> > > > 1] If the VPN link to Head Office goes down, the client in the
Remote
> > > Office
> > > > still has internal mail and we could [if the outage were a long one]
> > > > configure them to send outgoing emails directly out via DNS. They'd
> get
> > > ISA
> > > > to protect their network [and adding a 2nd NIC] in order to provide
> FAR
> > > more
> > > > security than relying on the existing router's NAT. Basically to
> provide
> > a
> > > > degree of fault-tolerance in addition to ease of remote
administration
> > and
> > > > increased security.
> > > >
> > > > Reasoning for non-SBS [more from customer's perspective than ours]:
> > > >
> > > > 1] Cheaper - perhaps slightly tighter integration with their Head
> Office
> > > > existing set-up
> > > >
> > > > Notes:
> > > >
> > > > 1] Client does NOT wish to go W2K3 at this stage - therefore it
would
> > need
> > > > to be SBS2K if we went down that route
> > > >
> > > > Anyone got any pointers/advice/potential pitfalls?
> > > >
> > > > Regards,
> > > >
> > > >
> > > >
> > > >
> > > > David
> > > >
> > > >
> > >
> > >
> >
> >
>
>


Top