We are planning on setting up another site containing a rack to house some servers. My boss wants as many servers as possible to be put on this rack so there is less space used at our main location. I'm assuming we will just set up a site-to-site vpn between PIX's but I'm curious as to how some services will run when they need to travel back and forth between sites. At a minimum, what should we have at our main site? Domain Controller?
Could we in theory have all of our servers at the other location and just have a PIX set up at our main location providing VPN termination?? Any thoughts or suggestions would be greatly appreciated.
As far as my knowledge goes, as PIX is used for the security purposes, you need to put all the servers in main location and depending on the security level you need, you have to put those servers inside PIX or on DMZ of the pix.
You are going to need to pay careful attention to link performance in your design. Many windows applications are very sensitive to delay, and stopping each packet to encryt it at one end and decrypt it at the other is not going to make for speedy delivery. Serialization delay can also hurt you if the link is less than 10 Mbps. If all you have is a T1, your users are going to be upset. You also don't mention how far apart the two sites are, keep in mind that the speed of light adds another 10 ms per 1000 miles.
Whatever you do, make absolutely sure that data base applications are split at the query level and not between the database engine and the file store. You will probably find it more productive to more precisely characterize the planned network (in terms of delay and thruput) and run it by a Windows guru).
The guideline I use is that clients and servers should be as close as possible, even if it means duplicating some servers (as long as that does not impact data consistency).
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...