The strategy you outline is a common one and allows network communications to be carefully controlled at a single point; however, it also poses some challenges. First, it increases network latency (which will be noticeable to users) by forcing all of their traffic through the central office. Second, it creates a single point of failure. If the central office loses network connectivity, the remote office will go down as well. This isn't a great topology, especially if you consider the remote office a potential backup site for the central office.
I'd suggest establishing an Internet connection at both offices and using VPN technology to create a secure tunnel between the two for interoffice communication. Supplement that with similarly configured firewalls and content filtering at both locations. That strategy should adequately secure both sites without the drawbacks identified above.
For more information:
- Check out this short enterprise VPN deployment guide.
- What firewall controls should be placed on the VPN? Learn more.
Dig Deeper on Secure remote access
Related Q&A from Mike Chapple
Explore the differences between wired and wireless network security, and read up on best practices to ensure security with or without wires. Continue Reading
Choosing to encrypt confidential data with AES or DES encryption is an important cybersecurity matter. Learn about the important differences between ... Continue Reading
It's not possible to eradicate the risk of DoS attacks, but there are steps infosec pros can take to reduce their impact. Mike Chapple shares ... Continue Reading