How to Network Remote Locations Together
by Alexia Petrakos
One scenario that tends to pop up a lot for businesses that have multiple locations is how to share information between these locations. Often, each location may have its own network, point of sale system, accounting or other database software that is completely separate from the rest of the organization, and this creates a huge logistics problem when trying to run the business as a whole. Obviously, the ideal setup would be to have all of the separate locations use the same data source by networking them together, but for small to medium-sized business owners who have little to no IT staff, this may seem like a daunting task. They may have no idea where to even begin. The purpose of this article is to provide a broad view of the technology and steps required to network your remote locations together.
Since the premise is to connect the locations to each other across the Internet, then the first thing you will need to do is make sure that each location has its own Internet connection. You have to go broadband, either DSL or cable. Dial-up will not cut it. If you are in a rural area without DSL or cable, you can use T-1 or ISDN, but it's slower and a lot more expensive. Make sure you get a business class service. That way when your Internet connection goes down the ISP (Internet Service Provider) is not dragging their feet to help you get back up. Your locations are henceforth going to be dependent on this connection working, and if it's down, business stops. Finally, don't be stingy with the service you pay for. Go for the best upload and download speeds. It'll cost you more, but will be worth it in the end because you will have large amounts of data coming and going from each location.
If you're somewhat familiar with networking, you know that on a network each device has a number called an IP address that identifies it. In the case of an Internet connection, the router or modem that connects you to the Internet also has its own IP address assigned to it from the provider. This address can be dynamic (meaning it may change every time your location connects to the Internet) or static (the IP address is set and never changes). Because your separate locations are connecting to each other across the Internet all the time, it pays to have a static IP address for each location, so you will always know what it is. When you get a business class Internet service it will normally include a static IP address, but if it doesn't, you should ask for one.
Since each location has its own Internet connection, each location will also need its own Internet firewall for security. A firewall is a piece of hardware or software that controls what connections get to come in and out of each location. The good news is that most retail routers have a firewall built in. You will have to open up ports in your firewall to accommodate the VPN connections explained below.
VPN (Virtual Private Networking) is the technology that will allow you to actually connect the locations to each other. Each of your locations has its own network, but once you use VPN to connect them they will all be able to talk to each other freely, making them into one huge network. VPN works by having a device at each location create a VPN "tunnel" to the other location. This device could be a server or a standalone piece of hardware. The "tunnel" is encrypted using PPTP, L2TP, IPsec or whatever protocol the device uses. (It is recommended to use the same VPN devices on each side; it makes setup a lot simpler.) The encryption of the tunnel will protect your data as it flies across the Internet "cloud." Both Microsoft and Mac servers support serving VPN connections right out of the box. Examples of manufacturers of professional hardware VPN devices are: Cisco, WatchGuard, SonicWall and Juniper. There are also plenty of inexpensive VPN devices by Linksys, D-Link, Netgear and other consumer companies.
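Because each location has a static IP address, the firewall openings for the tunnel can be limited to the other locations' addresses instead of the whole Internet. The following is an added example, not part of the original article, that audits an inbound rule list for an IPsec tunnel. The rule format, the addresses (documentation ranges) and the `audit` function are assumptions made for illustration; the port and protocol numbers are the standard ones for each tunnel type.

```python
import ipaddress

# Inbound traffic each tunnel type needs, as (protocol, port); standard values.
# GRE and ESP are IP protocols without ports, hence None. L2TP carried inside
# IPsec shows up at the firewall as the "ipsec" set instead.
VPN_TRAFFIC = {
    "pptp": {("tcp", 1723), ("gre", None)},
    "l2tp": {("udp", 1701)},
    "ipsec": {("udp", 500), ("udp", 4500), ("esp", None)},
}

# Constructed rule list for the main location's firewall (hypothetical format).
RULES = [
    {"src": "0.0.0.0/0", "proto": "udp", "port": 500},
    {"src": "198.51.100.20/32", "proto": "udp", "port": 500},
    {"src": "198.51.100.20/32", "proto": "udp", "port": 4500},
    {"src": "198.51.100.20/32", "proto": "esp", "port": None},
    {"src": "192.0.2.30/32", "proto": "udp", "port": 500},
    {"src": "192.0.2.30/32", "proto": "udp", "port": 4500},
    {"src": "0.0.0.0/0", "proto": "tcp", "port": 443},  # not VPN, ignored
]
PEERS = ["198.51.100.20", "192.0.2.30"]  # static IPs of the remote locations


def audit(rules, peer_ips, vpn="ipsec"):
    """Return findings as (kind, source, protocol, port) tuples."""
    needed = VPN_TRAFFIC[vpn]
    peers = {ipaddress.ip_address(p) for p in peer_ips}
    findings, allowed = [], set()
    for rule in rules:
        key = (rule["proto"], rule["port"])
        if key not in needed:
            continue  # rule is unrelated to the tunnel
        src = ipaddress.ip_network(rule["src"])
        if src.num_addresses > 1:
            findings.append(("too_broad", rule["src"], *key))
        elif src.network_address not in peers:
            findings.append(("unknown_source", rule["src"], *key))
        else:
            allowed.add((src.network_address, key))
    for peer in sorted(peers):
        for key in sorted(needed, key=str):
            if (peer, key) not in allowed:
                findings.append(("missing", str(peer), *key))
    return findings


if __name__ == "__main__":
    for finding in audit(RULES, PEERS):
        print(finding)
```

On the constructed rules it reports the UDP 500 rule that is open to any source and the ESP rule that is missing for the second remote location.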
The remote locations only need to connect directly to the location that has the database, not to each other. For example, if you have three locations and Location 1 has the database, you only have to make VPN connections from Location 2 to 1 and 3 to 1 and vice versa. You do not need a direct VPN connection from 2 to 3. (Note: 2 and 3 can still talk to each other; they just do it through Location 1.) You will have to set up your routing tables to tell all the devices on your network how to connect to the other networks. How you go about doing this depends on what you're using. It's possible your router, firewall and VPN may all be the same device.
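The routing layout described above can be worked out before touching any device. The following is an added example, not part of the original article, that builds the route list for each location in the three-location case and refuses to continue if two locations use overlapping LAN address ranges, which would make them unreachable from each other over the tunnel. The location names, addresses and function names are assumptions made for illustration.

```python
import ipaddress
from itertools import combinations

# Constructed sample sites: names, static public IPs (documentation ranges)
# and LAN subnets are assumptions, not values from the article.
SITES = {
    "location1": {"public_ip": "203.0.113.10", "lan": "10.1.0.0/24"},
    "location2": {"public_ip": "198.51.100.20", "lan": "10.2.0.0/24"},
    "location3": {"public_ip": "192.0.2.30", "lan": "10.3.0.0/24"},
}
HUB = "location1"  # the location that holds the database


def find_overlaps(sites):
    """Return pairs of sites whose LAN subnets overlap."""
    nets = {name: ipaddress.ip_network(s["lan"]) for name, s in sites.items()}
    return [(a, b) for a, b in combinations(sorted(nets), 2)
            if nets[a].overlaps(nets[b])]


def plan_routes(sites, hub):
    """Build per-site routes as (destination LAN, tunnel peer) tuples.

    Remote sites reach every other LAN through the hub; the hub reaches
    each remote LAN through the tunnel to that site.
    """
    overlaps = find_overlaps(sites)
    if overlaps:
        raise ValueError(f"overlapping LAN subnets, renumber first: {overlaps}")
    routes = {}
    for name in sites:
        routes[name] = []
        for other, cfg in sorted(sites.items()):
            if other == name:
                continue
            peer = other if name == hub else hub
            routes[name].append((cfg["lan"], peer))
    return routes


if __name__ == "__main__":
    for site, table in plan_routes(SITES, HUB).items():
        for dest, peer in table:
            print(f"{site}: {dest} via tunnel to {peer}")
```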
Now that your networks are all connected, you can share data between them just like they were on the same network. Note, however, that data being sent across the Internet is going to be a lot slower than on a local network. With that in mind, there are some solutions that work better than others for delivering data and applications across VPN, and it really just depends on what you are using. One of the most popular solutions for delivering applications is called Terminal Services. With Terminal Services you would have a Microsoft Terminal Services server set up at the main location where the database is. The remote locations use a Terminal Services client to connect to the server and each client gets its own "session" on the server. They see a Windows desktop just as if they were working on their own machine, but in reality they are working on the server at the main location across the Internet. The applications run on the server, which has local access to the database, so it's much faster than sending the actual data across the Internet to each location. There are other applications that work well in this scenario, including Citrix, Lotus Notes, VNC, SQL applications and Unix terminals.