Ok, I've got a fictional scenario to mull over, not for anything serious just a bit of fun, and my limited networking skills (if you can call them that!) are leaving me a little stumped.
Scenario is this:
You have 2 physical sites, site A and a newly installed site B, each on different continents.
They will be connected by an MPLS link, with each site having their own local internet links for browsing/direct web stuff.
Site A is running an AD infrastructure with a single forest.
Now here's the bit I was stumped on network wise.
There is some data held at site A that site B needs to be able to access, however there is also data at site A that site B should never be able to access.
And that's about all the info given.
So how to do you set things up
Now I get that you could add site B to the AD infrastructure (as a site on the existing domain or as a whole new domain in the forest?) and use permissions to control access to the files at that level.
But what else could you do at a network level, if much at all, that could aid this seperation of access to only the data required?
You're not told how the data is held at site A, is it all mixed in together, is it seperated already there, who knows.
As said it's just a bit of fun, came out of a discussion on a practice exam question I was having with someone the other day and thought I'd ask here to see what people thought
Scenario is this:
You have 2 physical sites, site A and a newly installed site B, each on different continents.
They will be connected by an MPLS link, with each site having their own local internet links for browsing/direct web stuff.
Site A is running an AD infrastructure with a single forest.
Now here's the bit I was stumped on network wise.
There is some data held at site A that site B needs to be able to access, however there is also data at site A that site B should never be able to access.
And that's about all the info given.
So how to do you set things up
Now I get that you could add site B to the AD infrastructure (as a site on the existing domain or as a whole new domain in the forest?) and use permissions to control access to the files at that level.
But what else could you do at a network level, if much at all, that could aid this seperation of access to only the data required?
You're not told how the data is held at site A, is it all mixed in together, is it seperated already there, who knows.
As said it's just a bit of fun, came out of a discussion on a practice exam question I was having with someone the other day and thought I'd ask here to see what people thought
