Dear All,

I am setting up the IT infrastructure of a small company (staff of 10 in
the UK and Japan). We are in need of a remote data center with a secure
access (mostly for confidential file sharing). We would like to
outsource as many things as possible and obtain a simple, yet secure, IT

Please note, I am IT savvy, but I'm no IT professional, and I am
therefore looking for relatively basic advices and guidelines. For now,
I would go with the following ... any comment?

- datacenter:
: a dedicated server such as provided by
: a physical firewall
: Windows Server 2003
- secure access:
: Windows VPN client/server solution
(company staff have all Vista x86 or x64)

Regarding VPN authentication: I would prefer to use password-based
authentication with strong password policies rather than security token
cards. What options do I have left? Is Windows VPN client/server a good
option? Are MSCHAP2 or EAP difficult to implement? Are there better (and
cheaper) VPN client/server solutions available?

That's a lot of questions for one post... but any help would be much