The strategy you outline is a common one and allows network communications to be carefully controlled at a single point; however, it also poses some challenges. First, it increases network latency (which will be noticeable to users) by forcing all of their traffic through the central office. Second, it creates a single point of failure. If the central office loses network connectivity, the remote office will go down as well. This isn't...
a great topology, especially if you consider the remote office a potential backup site for the central office.
I'd suggest establishing an Internet connection at both offices and using VPN technology to create a secure tunnel between the two for interoffice communication. Supplement that with similarly configured firewalls and content filtering at both locations. That strategy should adequately secure both sites without the drawbacks identified above.
For more information:
- Check out this short enterprise VPN deployment guide.
- What firewall controls should be placed on the VPN? Learn more.
Dig deeper on Secure Remote Access
Related Q&A from Mike Chapple, Enterprise Compliance
Should companies obtain U.S. security clearance to join the Enhanced Cybersecurity Services program? Mike Chapple offers his perspective.continue reading
Does a Web application security assessment termed 'compliance ready' seem too good to be true? Learn its role in an enterprise compliance program.continue reading
Learn how hiring the right PCI DSS-compliant service providers, especially payment services providers, can reduce your compliance burden.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.