ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Merger

    IT Discussion
    9
    121
    29.8k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • scottalanmillerS
      scottalanmiller @StefUk
      last edited by

      @StefUk said:

      @scottalanmiller said:

      We could ask in another way, given that they chose a VPN to connect the offices, why is there RDP? What is the VPN not handling well that as made them feel the need to have redundant connection technologies back to the main office?

      line speed at each office is slow ( less then 10Mbps ) . Rdp ( remote desktop ) solutions is used to compress the data and make the application work at the branch offices. without the rdp the apps run too slow at think client.
      is that what you are asking ? everything is hosted at the main office

      Well that helps to explain why RDP is used, but it doesn't cover what the VPN is used for.

      If everything is hosted in the main office and RDP is used for the apps, what does the VPN do?

      Has the line speed been looked into? That's terribly slow.

      1 Reply Last reply Reply Quote 0
      • scottalanmillerS
        scottalanmiller @hobbit666
        last edited by

        @hobbit666 said:

        @StefUk said:

        @scottalanmiller said:

        We could ask in another way, given that they chose a VPN to connect the offices, why is there RDP? What is the VPN not handling well that as made them feel the need to have redundant connection technologies back to the main office?

        line speed at each office is slow ( less then 10Mbps ) . Rdp ( remote desktop ) solutions is used to compress the data and make the application work at the branch offices. without the rdp the apps run too slow at think client.
        is that what you are asking ? everything is hosted at the main office

        Think what they are both trying to say is you don't need the VPN link to use RDP to the HO location. Open up the ports on the Firewall and allow access through the internet connection.

        The VPN link is not required for what you are using i.e. RDP

        And if the VPN is not fast, it can slow down the RDP, as well.

        1 Reply Last reply Reply Quote 0
        • scottalanmillerS
          scottalanmiller @Dashrender
          last edited by

          @Dashrender said:

          @hobbit666 said:

          @StefUk said:

          @scottalanmiller said:

          We could ask in another way, given that they chose a VPN to connect the offices, why is there RDP? What is the VPN not handling well that as made them feel the need to have redundant connection technologies back to the main office?

          line speed at each office is slow ( less then 10Mbps ) . Rdp ( remote desktop ) solutions is used to compress the data and make the application work at the branch offices. without the rdp the apps run too slow at think client.
          is that what you are asking ? everything is hosted at the main office

          Think what they are both trying to say is you don't need the VPN link to use RDP to the HO location. Open up the ports on the Firewall and allow access through the internet connection.

          The VPN link is not required for what you are using i.e. RDP

          Though, this only applies if the assumption is that there is no local access from the branch offices, only RPD access, which hasn't been confirmed.

          Which is what we are asking... what is the VPN for?

          1 Reply Last reply Reply Quote 0
          • scottalanmillerS
            scottalanmiller @StefUk
            last edited by

            @StefUk said:

            ok maybe we don t need it but I don t have time to create more work for me .. it works and I don t need to change it . it doesn't cost anything and I don t have a problem with this .. ?
            i would like to know what i can do with the AD - exchange - LAN etc ..maybe i should post something more specific 🙂

            Is it saving you work? That's what we are asking. You are rolling out AD to these branches, right? Why? Is there any need for it or is the AD at the branches only serving to justify the VPN(s). And how there are two different VPN infrastructures, right? So unless I am missing something, the VPN is creating more work here. So we are trying to both save you work and help the company come up with the right way to do things. How does ignoring their needs make this easier given that there two companies merging so no unified VPN infrastructure? At least the one company would have no networking back to the main office, right?

            1 Reply Last reply Reply Quote 0
            • scottalanmillerS
              scottalanmiller @StefUk
              last edited by

              @StefUk said:

              we are discussing why they use VPN when the VPN was never been mentioned as an issue here.

              You can't just isolate things to ignore like that. It's all one holistic system. We have to understand how the system all works to be able to help. We can't just pick up one isolated function and try to determine what to do when we don't know what it is for, if it is even needed or how changes ripple through the system.

              1 Reply Last reply Reply Quote 0
              • scottalanmillerS
                scottalanmiller @StefUk
                last edited by

                @StefUk said:

                ...I was just reaching out to understand how we can incorporate the apps of the two companies in to one without causing too much downtime.

                As were we. The VPN infrastructure and AD infrastructure are part of that picture and it sounds like they are likely creating an unnecessary amount of confusion and work involved for something that might be a lot simpler if the whole thing was looked at instead of the apps in isolation.

                But the VPN came up because you asked how to consolidate the apps and we were trying to determine what the apps even were.

                1 Reply Last reply Reply Quote 0
                • scottalanmillerS
                  scottalanmiller @Dashrender
                  last edited by

                  @Dashrender said:

                  What are the applications, specifically? Sometimes different apps have different requirements, so a blanket response will be of little help.

                  Yes, this is the one part where no information was given. The VPN we can discuss, the apps we have no way to give recommendations, really.

                  1 Reply Last reply Reply Quote 0
                  • scottalanmillerS
                    scottalanmiller @StefUk
                    last edited by

                    @StefUk said:

                    Company A and company B are merging on to company C with company B moving to company A . How can I get the two systems to work from company A premise in a short time as possible ?

                    Two RDP servers, no VPN. That's the fastest, easiest, I would guess. Do you see that by asking this question you make the VPN front and center as it appears to be the only piece presenting any barriers to the situation? If the VPN isn't what you are asking about, what's the answer? Just put the two app servers in the datacenter. Easy peasy.

                    1 Reply Last reply Reply Quote 0
                    • scottalanmillerS
                      scottalanmiller @StefUk
                      last edited by

                      @StefUk said:

                      Company A has an exchange company B has an exchange, when compnay B moves in to company A is there a way to make exchange from company B to talk to exchange in to company A and vice versa without migrating mailboxes to a new exchange .

                      I don't understand this bit - or more I don't understand the "why" of this bit. what is the goal in merging the email systems (before fully merging them?) Email systems talk to each other natively, that's what email does. What do you specifically want these email systems to do with each other?

                      StefUkS 1 Reply Last reply Reply Quote 0
                      • scottalanmillerS
                        scottalanmiller @StefUk
                        last edited by

                        @StefUk said:

                        @Dashrender said:

                        @StefUk said:

                        are not looking at saving money or justify expenditure I was just reaching out to understand how we can incorporate the apps

                        Are you merging the datacenters?

                        What are the applications, specifically? Sometimes different apps have different requirements, so a blanket response will be of little help.

                        both companies have a fully working infrastructure in house. In two months time company B will move in to company A. company B computers will be plugged in to company A data center ( infrastructure). at that stage, if the new merged company infrastructure ( company C ) is not ready how can i mitigate the move.

                        The core application are
                        specific legal - accounting package and document management. ( different for company a and b at the moment - the plan is to move company b to company A app)
                        Email - exchange ( one server for each company )
                        file and print server
                        AD
                        Remote desktop
                        SQL dictation package
                        a legal form package

                        and some other generic apps like antivirus - internet filtering etc

                        I guess the biggest question is... what is the end goal? One single AD, one email, one application or is the goal to keep operating as two companies? I get that you might not want to jump all of the way to a fully merged company on day one, but it sounds like almost as much effort to hold off on the merging of everything but the applications themselves than to just merge it from the beginning.

                        Why not just make a new AD system and a new Exchange system and move everyone equally to a single, new, pristine environment designed from the ground up for the operations of the new company?

                        StefUkS 1 Reply Last reply Reply Quote 2
                        • StefUkS
                          StefUk @scottalanmiller
                          last edited by

                          @scottalanmiller said:

                          @StefUk said:

                          @Dashrender said:

                          @StefUk said:

                          are not looking at saving money or justify expenditure I was just reaching out to understand how we can incorporate the apps

                          Are you merging the datacenters?

                          What are the applications, specifically? Sometimes different apps have different requirements, so a blanket response will be of little help.

                          both companies have a fully working infrastructure in house. In two months time company B will move in to company A. company B computers will be plugged in to company A data center ( infrastructure). at that stage, if the new merged company infrastructure ( company C ) is not ready how can i mitigate the move.

                          The core application are
                          specific legal - accounting package and document management. ( different for company a and b at the moment - the plan is to move company b to company A app)
                          Email - exchange ( one server for each company )
                          file and print server
                          AD
                          Remote desktop
                          SQL dictation package
                          a legal form package

                          and some other generic apps like antivirus - internet filtering etc

                          I guess the biggest question is... what is the end goal? One single AD, one email, one application or is the goal to keep operating as two companies? I get that you might not want to jump all of the way to a fully merged company on day one, but it sounds like almost as much effort to hold off on the merging of everything but the applications themselves than to just merge it from the beginning.

                          Why not just make a new AD system and a new Exchange system and move everyone equally to a single, new, pristine environment designed from the ground up for the operations of the new company?

                          i think that is the most sensible way forward instead of trying to figure out a way of integrating the two ..without VPN of course 🙂

                          scottalanmillerS 1 Reply Last reply Reply Quote 1
                          • scottalanmillerS
                            scottalanmiller @StefUk
                            last edited by

                            @StefUk said:

                            i think that is the most sensible way forward instead of trying to figure out a way of integrating the two ..without VPN of course 🙂

                            How does the VPN help, though? I think a VPN does something different than assumed. If you are using RDP they are already integrated. The VPN is just a red herring, extra work. It's not providing anything, right?

                            1 Reply Last reply Reply Quote 0
                            • scottalanmillerS
                              scottalanmiller
                              last edited by

                              For example, NTG is integrated with its remote users, but there is no VPN. In our case it is not because we are using RDP, but it is the same difference. If we implemented a VPN, people might feel like the VPN was handling some part of the integration, but it is not, our applications are doing that. If we turned on a VPN the VPN itself would be idle, doing nothing. It might look to someone doing a quick audit that it was serving a purpose, but you would be able to turn it off and everything would work the same as before.

                              hobbit666H 1 Reply Last reply Reply Quote 0
                              • hobbit666H
                                hobbit666 @scottalanmiller
                                last edited by

                                @scottalanmiller Still waiting for your report/article on NTG's rise to a LANless design 😄

                                1 Reply Last reply Reply Quote 1
                                • DashrenderD
                                  Dashrender
                                  last edited by

                                  The biggest issue I see on day one of moving the hardware from company B's location to company A's location will the an IP schema issue.

                                  There are two possibilities here:

                                  1. both networks use the same IP scheme (i.e. 172.16.1.x/24) and have devices that are assigned the same IP. For example, they both have servers on IP 172.16.1.1.
                                    I'd solve this by changing the servers/printers/switches, etc to IPs not in use on company A. then you can just plug them into the network there and continue to work as if nothing has changed.

                                  2. networks use different IP schemes (i.e. A - 172.16.1.x/24 and 10.0.0.x/24)
                                    This situation is a bit easier assuming the default Gateway in company A can be multi-homed (have two or more internal networks). You have a few choices. Create a VLAN for company B's IP range, create an interface on the firewall for this new network, assign all ports for the company B computers/servers, etc to the new VLAN. Another option would be to bring company B's switches over, use them for company B computers and connect them also to the new port created on the firewall.

                                  J StefUkS 2 Replies Last reply Reply Quote 2
                                  • J
                                    Jason Banned @Dashrender
                                    last edited by Jason

                                    @Dashrender said:

                                    1. networks use different IP schemes (i.e. A - 172.16.1.x/24 and 10.0.0.x/24)
                                      This situation is a bit easier assuming the default Gateway in company A can be multi-homed (have two or more internal networks).

                                    That's adding complexity (and Latency) for no reason.. Just rescope. You almost always have to rescope with mergers anyway.

                                    DashrenderD 1 Reply Last reply Reply Quote 1
                                    • DashrenderD
                                      Dashrender
                                      last edited by

                                      As for the VPN's, as Scott mentioned, assuming you are only using them for RDP access, get rid of them. Instead create the firewall rules that allow RDP access to the RDS servers directly. If you don't have multiple IP addresses at the firewall, there will be more work to do.

                                      But if VPNs are used for more than RDP, have all locations converge on company A's firewall and get rid of company B's firewall (the main office one, obviously the remote offices will need to keep theirs).

                                      scottalanmillerS 2 Replies Last reply Reply Quote 2
                                      • DashrenderD
                                        Dashrender @Jason
                                        last edited by

                                        @Jason said:

                                        @Dashrender said:

                                        1. networks use different IP schemes (i.e. A - 172.16.1.x/24 and 10.0.0.x/24)
                                          This situation is a bit easier assuming the default Gateway in company A can be multi-homed (have two or more internal networks).

                                        That's adding complexity (and Latency) for no reason.. Just rescope. You almost always have to rescope with mergers anyway.

                                        I gave options, not recommendations - though if you're looking at my list of options as a list of recommended ways of doing this, the option 1 is above option 2, which is more or less what you were saying.

                                        1 Reply Last reply Reply Quote 0
                                        • scottalanmillerS
                                          scottalanmiller @Dashrender
                                          last edited by

                                          @Dashrender said:

                                          As for the VPN's, as Scott mentioned, assuming you are only using them for RDP access, get rid of them. Instead create the firewall rules that allow RDP access to the RDS servers directly. If you don't have multiple IP addresses at the firewall, there will be more work to do.

                                          And put in an RDS Web Gateway. Works great and covers any security concerns by creating SSL connections for the RDP.

                                          1 Reply Last reply Reply Quote 2
                                          • scottalanmillerS
                                            scottalanmiller @Dashrender
                                            last edited by

                                            @Dashrender said:

                                            But if VPNs are used for more than RDP, have all locations converge on company A's firewall and get rid of company B's firewall (the main office one, obviously the remote offices will need to keep theirs).

                                            Yes, one way or another the VPN infrastructure sounds like it has to be addressed, and I mean has to be or things won't function. So no matter how much we feel like sticking our heads in the sand or acting like this isn't a core decision point, it really is. It's unavoidable. If AD, Exchange, RDP or anything else is to be discussed, the VPN is part of all of those and cannot be treated as a foregone conclusion because the existing VPN system won't work with the intended future design(s).

                                            1 Reply Last reply Reply Quote 0
                                            • 1
                                            • 2
                                            • 3
                                            • 4
                                            • 5
                                            • 6
                                            • 7
                                            • 3 / 7
                                            • First post
                                              Last post