New network and Server configuration

Discussion in 'Windows Server' started by peni20, Nov 30, 2012.

  1. peni20

    peni20 MDL Novice

    Nov 30, 2012
    Hi all, I'm new here and glad to be a part of the forum.

    Your advice is needed regarding some things and I will try to explain myself as best as I can for my knowledge in that area.

    First, I need to build from scratch a new small office network.
    I’m going to install a new 2008r2 server, create a new domain controller and create users.
    I will need a VPN server, I thought of using the built-in windows server’s VPN ability but I read it’s very un-secured and recommended of using OpenVPN. I hope it’s easy to install and configure it, I’ve never done this before. Maybe someone can confirm or recommend something else?
    As for firewall, does the built-in windows server firewall is enough? Will someone recommend using a different firewall but something not expensive? Maybe even with VPN? Is there something like this available?
    Now, besides that, there is a specific need for hardening 2-3 computers to connect to a remote network.
    These computers needs only one thing – RDP to a remote computer. That’s it. No internet access, no USB keys, nothing. I thought of creating a policy which will block by windows firewall every connection besides RDP and also will block USB keys and etc., but if one will connect with RDP and can share local resources, he will be able to copy stuff to his computer from the remote one – something I’d like to prevent.
    On the remote network, I will have Cisco firewall and VPN, I don’t know the model. Anyone knows if Cisco’s firewall have the ability to allow specific computers to connect to specific servers and other computers only to other specific servers?
    I apologize for the length and for my English (it’s far from being my native languge).
    I will much appreciate any effort of help in any way.

    Thank you all and enjoy your weekend.
  2. Bearfoot in the Sand

    Nov 30, 2012
    :biggrin: GOT IT! Thanks to all for the help. I used '8GadgetPack' and it works like a charm - got all my lost gadgets back:)
  3. imapc

    imapc MDL Novice

    Dec 28, 2009
    Is there a reason you wouldn't consider Small Business Server Essentials instead of 2008r2? And for VPN, are you expecting to get hacked? Are you storing/transferring highly sensitive data? Maybe a SonicWall device at each end?!

    As for hardening, have you considered thin clients or software RDP clients (Cult boot or ThinStation)? This removes the possibility to store, much less share and copy data.
  4. sebus

    sebus MDL Guru

    Jul 23, 2008
    Would do the same as imapc above

    Use hardware device (as you going to need something anyway to connect to Internet) & you do not need to expose your server at all to anything

    Yes, might be more expensive, but let do it right from start!