Windows Domain for Work-At-Home Consultants

Question

We are a small consulting firm, with a need for a windows domain based network. Most of our consultants work either at home, or on-site.

What would be the best way to provide a domain centric infrastructure to our staff?

VPN would be used to connect to the infrastructure (hosted COLO), but this could be annoying if the user can't access the VPN due to on-site restrictions etc.

You could use a thin client like Citrix XenDesktop or VMware VMview. — Fergus, Dec 16 '10 at 07:16
Well, It depends on the Windows Version of the domain and the SO of the clients. If you have 2008 and windows7, there's some amazing new features for the problem. something like a VPN, but with the power of the GPO and all the corporative tools. If you have 2003 and XP, I think it will be better to buy a VPN appliance (Juniper, Sonicwall) and after they connect they can log on the domain. No easy response without more info. — Carlos Garcia, Dec 16 '10 at 10:03
Windows 7 and Windows Vista minimum (only 2 people with Vista, and we can change that), and Windows Server 2008 R2 for all servers. What do I need to look into? — Darbio, Dec 16 '10 at 11:28

score 1 · Accepted Answer · answered Dec 17 '10 at 00:19

1

I realize this is just vague hand-waving, but take a look at DirectAccess. This allows for VPN-like functionality (using IPsec and IPv6, IIRC) to access internal applications such as Exchange and AD without going through the VPN connection process. It prefers (only has documentation for) using a MS-based firewall solution such as ISA 2007 or the new Threat Management Gateway. As you're on the latest client and server OS, this may be a viable option (it requires Windows 7 on the desktop).

answered Dec 17 '10 at 00:19

Jeff McJunkin

1,342
1
8
16

A good thought, but there are quite a few servers needed to make DirectAccess happen. – SpacemanSpiff Dec 17 '10 at 03:10
How many servers are we talking? 1 dedicated running TMG and Windows Server 2008 R2? – Darbio Dec 17 '10 at 06:26
I believe it would require a TMG server and (preferably separate) a PKI server if you don't want to handle certificates manually. – Jeff McJunkin Dec 17 '10 at 17:00

score 0 · Answer 2 · answered Dec 16 '10 at 09:47

0

Is the windows domain even relevant to your requirements? More relevant I would say are the services you want to provide to remote workers. So...what services do your users need to be able to use off-site?

answered Dec 16 '10 at 09:47

cachonfinga

215
1
6

Yes we need a domain. We are also looking at having office based developmnt staff who would use the domain. – Darbio Dec 16 '10 at 11:28

Windows Domain for Work-At-Home Consultants

2 Answers2