OK let's try again with the request.
We have 4 sites all at different geographical locations.
I want to be able to log in through the internet to an internally hosted server mainly for file sharing duties.
What is the best, cheapest, securist way to achieve this? Perhaps a router with the option to connect an external drive (the File Server) but then I need to automate back ups too in the future so perhaps a NAS can achieve this?
Alternatively each site gets a Open-WRT compatible router and I set up a VPN (never done this before but I can research it.)
The aim is for all sites to be able to:
a) save files to a file server
b) ensure no one outside the business can access the file server
c) automate user data backups from their local profile for instance (users love saving to the desktop)
d) make it as admin free as possible going forward
Any help and pointers woud be greatly appreciated guys!
Best, cheapest and most secure don't mix so if you need to keep your super secret plans for stealing Davros' Holy Grail Of Gaming Goodness secure you should drop a load of cash and get professional grade hardware along with people who know how to work with them.
Second question would be how many users are there at each location and whether those users already logging on to a local domain?
Like you said you could put a Open-WRT router at each side our you could look into something like PFsense. I've never used Open-WRT but I did use PFsense and it's pretty usable. Setting op the firewall and open vpn won't even cost you an hour. The advantage is that you can run it on a old pc or inside a VM. Keep in mind that if you wan't high speed VPN you'll need a cpu to match but the same thing applies to hardware firewalls and I doubt a 50 euro Open-WRT device is going to be quicker than something like a old core2duo.
Anyway PFsense can run inside a VM so you can easily try it out and simulate a network between your 4 locations in your own office.
As for your questions;
A) Not knowing the hardware and software you have currently running you might be able to assign a network drive to all your remote users that maps to your local fileserver. Obviously you'll need to have everybody connect over a vpn and configure your fileserver to only allow the vpn connections access.
If that isn't a option you could use something like owncloud. We use that at work for sharing some fairly unimportant stuff. I haven't set it up myself but I'm sure you can limit access to local (vpn) users. Owncloud works the same as dropbox apart from that.
B) VPN, Firewall, proper configuration on the VPN, Firewall and fileserver should go a long way to assure that.
C) The most admin free way (as far as backupping only goes) would be to set up a local domain at each location, create accounts for each users and let the laptop profile sync with the domain server. Keeping the domain running won't be admin free though.
Assuming maintaining a domain is too much work you could set up a local filesever and use the built in windows backup feature to backup to the fileserver at certain times. You can have then have the fileservers at each of your locations sync with your main server if you feel the need to.
You could also have them backup directly to the server at your location over the vpn but chances are thing might clog the Internet connections.
This solution does require you to configure each pc manually which could take some time though you might be able to automate quite a bit with a batch script. I guess this would work if you have something like a dozen users at each location but if you need to manage 50 or more I'd look into setting up local domains.
D) Something like remote desktop or citrix might actually be the most maintenance free. You can make due with dumb terminals at all your locations as they would just remote into your local server. Might also be the most secure as no files will be stored outside your local server. Though it won't be cheap or easy to implement and the user experience will depend a lot on the available Internet connection. Sames goes for availability. If the Internet connection craps out the whole office will be doing nothing.
So you have various options. I would look into PFsense & a local server for backing up first as the cost of this would be no more than that of 4 half decent pc's and you can first test the whole thing locally in a VM so no need to spend money until you know it works.
