We're having a problem with bandwidth utilization / VPN efficiency.
Disclaimer: I've had NOTHING to do with this initial setup, I'm just taking over this shitstorm. also, i'm not well versed in WAN setups so please tell me if i'm being an idiot.
That and the fancy visio stuff is to show the non-technical owners.
Our network currently serves 2 companies, Company A (the main company) and Company B (sister / partner company) and they share our internet pipe. (2 bonded T1's)
We are on the same subnet (historically, the second company was a subdivision but split off in the past 2 years)
Now, this is not really an issue except for the following:
Company B has a remote office in Stamford, CT.
We have a VPN to that office, over our internet pipe.
Initially, ALL of company B's servers were in our NY office, but due to "slowness" it was decided (much to my dismay) to move them to CT. (Only relocated the problem, didn't solve it)
Now all of B's servers are in CT.
Right now, B's NY Office is experiencing the major slowdowns. To alleviate it somewhat, we setup a second Exchange server in NY for the NY employees, and that saves them from the headache that is Outlook.
However, their main file server is still in CT.
That means all their home directories, working files, etc have to be pulled across the VPN.
This makes me sad.
Why?
Because Company A has some remote users (plain ol' windows VPN connection) that have to access their work from home.
During the day, during Peak work hours, the remote users are constantly losing connection, company B is constantly complaining of slow file access, and so on.
We will further eliminate some bandwidth usage by setting up a seperate Fileserver for B, in the NY office. We can segregate their files and not worry about replication, because they don't usually work on the same items. (We'll do local backups as well)
If they do, it's a small amount of data (usually a word / excel doc or 3 for administration) and they can connect directly to either fileserver to get it.
Company B also has an MS-SQL based application that they need to access (that server is in CT as well)
Here's where I need your help.
I have 3 different scenarios to present, and would like to know what your best recommendations are.
My first thought was to completely segregate A and B;
Have company B get their own Internet T1 in NY, and then have them get a point-to-point T1 for their connectivity between sites.
This way, NY will have it's own internet bandwidth, CT will have it's own internet bandwidth, and they have dedicated Bandwidth for files / e-mail and database that they all access.
This is costly, however. (Though either or both sites could go SDSL for internet, though at least one site needs a static IP)
My other option would be to again, segregate the 2 companies
have B's NY office get a T1, and run a VPN tunnel to CT again.
Of course, they will be putting internet bandwidth on that as well, but without company A sitting on the pipe, it should be much better.
This is less costly than the first proposal.
My last option would be to get a seperate SDSL line installed at the NY office, strictly for a remote user VPN.
This will quiet Company A's remote users, but as you see the other issues still remain.
My only saving grace in this is that Company B will be relocating sometime this summer, so we only have to deal with this for so often.
However, I am still charged with the task of getting company B setup efficiently and effectively.
Honestly, I think I should go with the Point-to-point T1 / individual internet pipes scenario.
Your thoughts?
Disclaimer: I've had NOTHING to do with this initial setup, I'm just taking over this shitstorm. also, i'm not well versed in WAN setups so please tell me if i'm being an idiot.
That and the fancy visio stuff is to show the non-technical owners.
Our network currently serves 2 companies, Company A (the main company) and Company B (sister / partner company) and they share our internet pipe. (2 bonded T1's)
We are on the same subnet (historically, the second company was a subdivision but split off in the past 2 years)
Now, this is not really an issue except for the following:
Company B has a remote office in Stamford, CT.
We have a VPN to that office, over our internet pipe.
Initially, ALL of company B's servers were in our NY office, but due to "slowness" it was decided (much to my dismay) to move them to CT. (Only relocated the problem, didn't solve it)
Now all of B's servers are in CT.
Right now, B's NY Office is experiencing the major slowdowns. To alleviate it somewhat, we setup a second Exchange server in NY for the NY employees, and that saves them from the headache that is Outlook.
However, their main file server is still in CT.
That means all their home directories, working files, etc have to be pulled across the VPN.
This makes me sad.
Why?
Because Company A has some remote users (plain ol' windows VPN connection) that have to access their work from home.
During the day, during Peak work hours, the remote users are constantly losing connection, company B is constantly complaining of slow file access, and so on.
We will further eliminate some bandwidth usage by setting up a seperate Fileserver for B, in the NY office. We can segregate their files and not worry about replication, because they don't usually work on the same items. (We'll do local backups as well)
If they do, it's a small amount of data (usually a word / excel doc or 3 for administration) and they can connect directly to either fileserver to get it.
Company B also has an MS-SQL based application that they need to access (that server is in CT as well)
Here's where I need your help.
I have 3 different scenarios to present, and would like to know what your best recommendations are.
My first thought was to completely segregate A and B;
Have company B get their own Internet T1 in NY, and then have them get a point-to-point T1 for their connectivity between sites.
This way, NY will have it's own internet bandwidth, CT will have it's own internet bandwidth, and they have dedicated Bandwidth for files / e-mail and database that they all access.
This is costly, however. (Though either or both sites could go SDSL for internet, though at least one site needs a static IP)
My other option would be to again, segregate the 2 companies
have B's NY office get a T1, and run a VPN tunnel to CT again.
Of course, they will be putting internet bandwidth on that as well, but without company A sitting on the pipe, it should be much better.
This is less costly than the first proposal.
My last option would be to get a seperate SDSL line installed at the NY office, strictly for a remote user VPN.
This will quiet Company A's remote users, but as you see the other issues still remain.
My only saving grace in this is that Company B will be relocating sometime this summer, so we only have to deal with this for so often.
However, I am still charged with the task of getting company B setup efficiently and effectively.
Honestly, I think I should go with the Point-to-point T1 / individual internet pipes scenario.
Your thoughts?