HomeManagement/MSPBackup/BDRServicesSupportCase Study

I.T. Asset Management & Preventive Maintenance
The V-Group, Inc.
818.240.9569
CS0001 - Disaster Recovery - BDR/Virtual
CS0002 - VPN with Sonicwall
CS - Blackberry/Exchange
CS - Corporate efax
CS - Upgrade to SBS2008
CS0002 - VPN with Sonicwall


CASE STUDY - 0002
VPN site to site using Sonicwall Firewalls 

Got Privacy?  Get it with a Virtual Private Network that encrypt's your data while it is transversing over the world wide web.

Problem: Creating secure connection from main office to a branch office.
Technologies used: Sonicwall TZ190 wireless device and Sonicwall TZ150    
Managed Service Contract
Senior Techinicain in Charge: Raymundo Manriquez

Downtime: None
Data Loss: None
Disaster Recovery Cost Labor: $

In this case, a company is branching out to another geographical location.  The plan of action is to internetwork the two locations with a secure connection that will allow sensitive information to be transferred from site to site.  This connection will also give the company the network scalability assurance of any future growth, a cost in saving from renting leased lines from the telephone company and centralized control of operations.  The new location employees will be able to work non traditional business hours if needed even if the main offices are closed.


Senior Technician in charge
Ray Manriquez
ray@thevgroup.com

Employees in the Norco office need access to company shared files and resources from their main office in Glendale. The Norco office has a DSL connection, while the Glendale office has a static ip and is protected by a Sonicwall TZ150 appliance. Creating the necessary security environment to transfer data between the two offices will require the creation of a site to site virtual private network.

We decided to purchase the Glendale central office a Sonicwall TZ190 Wireless appliance and send the Sonicwall TZ150 appliance to the Norco office. With the capabilities the TZ190 offers, the implementation and management of remote sites which require secure access to Glendale servers, are easily achievable for any future company expansions.

Settings from the TZ150 Standard firmware were manually copied to the new TZ190 Enhanced firmware. Once the settings were copied over, the transition to the new TZ190 required that we disconnect the WAN cable from the TZ150 and plug it into the WAN port on the TZ190. We also just had to move the switch port cable from the TZ150 to the TZ190. The physical transition took less than ten seconds, that fast and easy, once all settings were configured on the new device. 

Once the new TZ190 was in place and everything was confirmed to be working correctly, we had to ship the TZ150 out to Norco. Once the Sonicwall TZ150 arrives in Norco, it is setup with to receive a DHCP address from the modem. The Local Area Network (LAN) for each site must have different network id’s and thus the Norco office was setup with the id of 192.168.10.0. The Glendale office has the 192.168.0.0 network id.

VPN’s are now setup on each Sonicwall with, IKE using preshared secret, to exchange encryption keys and start authentication with a shared secret. Each sonicwall is also setup with a unique identifier so it can be located on the internet. Once the Sonicwall make contact with eachother, the data they send to eachother is encrypted with the Triple Data Encryption Standard (3DES). The tunnel is complete.



Now that both sites are talking to each other through this secure tunnel, employees can work as if they were in the same office and owners can rest assured that data being transferred between sites is safe from brute force attacks.


10100000110011001111000011000000100010001111111110000000110000001010101011111111101000001100000010100000101000001100110010001000
HomeManagement/MSPBackup/BDRServicesSupportCase Study
Technically we do I.T. better