I am completely new to Configuration Manager. Currently I am planning the infrastructure for our brand new implementation of Configuration Manager 2012. I am looking for recommendations on how to set up the infrastructure components to support about 150 permanently remote users who only connect via a Cisco VPN. We will have both a CAS and a single Primary site.
1. One option would be to just treat these users like any other group. They would report to our primary site like all the rest, and when they connect over VPN then things would work. With this scenario I'm a little unsure of how boundary groups should be configured, though. I would like to keep the 150 special users managed separately from the rest of our normal laptop users, but when they connect they would all get the same VLAN from our VPN. I think that I could get a separate VPN range for them though, so maybe that is easiest?
2. I'm not totally sure what might be other good options. Make another Primary or Secondary site just for these 150 remote users? Put the potential new site out in a DMZ, and leverage our corporate PKI?
Any advice for the PKI infrastructure and site configuration would be very helpful. The documentation for this option, both online and in my book, is very sparse. Thank you in advance.
-Ryan