4

I have a client with no physical offices, where most of the users work from rented offices (by the hour), their own homes or on the road on laptops. The users (about 20) are roughly evenly distributed between Europe, North America, East Asia and Australia.

The client needs to deploy Active Directory initially to support SharePoint and Team Foundation Server, and it would need to be secure and highly available.

One solution I have considered would be to use Amazon EC2 on a VPC private subnet, and have users join the domain via VPN, or a similar solution on Rackspace, but adding adequate firewalling or VPN. Are there any other solutions I should be considering, possibly non-cloud based?

frood

3 Answers

1

VPN + firewalling in the cloud seems like a reasonable solution. One thing to consider, depending on the funding, may be to set up redundant systems across two cloud platforms - possibly half on Azure and half on AWS (like Apple seems to be doing with iCloud). Amazon has had some embarrassing downtime lately, but their scalability and price are hard to overlook.

The other option is to colo a few servers somewhere and set up the same infrastructure, though that will have a higher overhead in both management and cost.

Also, Microsoft hosts SharePoint as part of Office 365 for customers that pay for that option. AFAIK, they don't have a hosted TFS option though. It can integrate with an existing AD, so that could alleviate even more of what you would have to manage and maintain yourself. You could possibly get away with just a couple of DCs, VPN, and TFS and have SP out at Microsoft.

MDMarra
  • Thanks for your advice MarkM. I very much like the idea of setting up redundant systems across cloud platforms. I too was burned by the recent EC2 outages, and like the idea of being isolated from failures from the single machine up to the provider level. – frood Sep 27 '11 at 21:51
  • Microsoft are adding a Hosted TFS. It was announced at Build, and I think there is a trial floating around somewhere... as for having machines in multiple places, VPC will allow you to host it over multiple availability zones... so having a DC in, say, Europe, a secondary one in the US and a third in Asia, all on the same VPC, should allow for full redundancy... – TiernanO Oct 07 '11 at 08:49
1

Office 365 is a great answer for this; it's great for creating virtual offices.

tony roth
  • Does Office 365 provide an Active Directory infrastructure that I could then piggy-back other services, such as TFS, on? Or would I have to provide this myself? I suspect the latter, in which case I'm back to the original question. – frood Sep 28 '11 at 11:31
  • Sorry, TFS is on the radar but not done yet. – tony roth Sep 29 '11 at 14:07
  • Office 365 does not provide Active Directory and it is therefore not a solution to this question. – slayernoah Sep 29 '15 at 21:10
0

I'd use a hosted Azure or Amazon EC2 VM to run AD, and then I'd use VDI-in-a-box from Citrix for the actual desktops, as it automates many of the manual VPN/firewalling tasks. Use it behind a free NetScaler or Access Gateway appliance and you should be all set.

alex9183
  • Could you elaborate on the latter part of the answer? If the AD and VDI infrastructure is hosted on the cloud, how will users be able to connect to their virtual desktops without using VPN? – slayernoah Sep 29 '15 at 21:12