The strategy you outline is a common one and allows network communications to be carefully controlled at a single point; however, it also poses some challenges. First, it increases network latency (which will be noticeable to users) by forcing all of their traffic through the central office. Second, it creates a single point of failure. If the central office loses network connectivity, the remote office will go down as well. This isn't a great topology, especially if you consider the remote office a potential backup site for the central office.
I'd suggest establishing an Internet connection at both offices and using VPN technology to create a secure tunnel between the two for interoffice communication. Supplement that with similarly configured firewalls and content filtering at both locations. That strategy should adequately secure both sites without the drawbacks identified above.
For more information:
- Check out this short enterprise VPN deployment guide.
- What firewall controls should be placed on the VPN? Learn more.
Dig Deeper on Secure remote access
Related Q&A from Mike Chapple
It's not possible to eradicate the risk of DoS attacks, but there are steps infosec pros can take to reduce their impact. Mike Chapple shares ... Continue Reading
The HHS OCR ruled that healthcare ransomware attacks are HIPAA violations, so these covered entities need to react according to the HHS's guidance. ... Continue Reading
HIPAA regulations incorporate NIST guidelines and standards, so do healthcare organizations need to be compliant with both? Expert Mike Chapple ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.