It's kind of a am I doing this crap right kind of thing.
So at each site I need a router to connect to the Internet, I have a layer 3 switch and patch panels to connect the work stations, telephone switch and a VPN concentrator.
Right now, where I am running into problems is encryption (we haven't reached this part yet so I'm confused). I would use the firewalls in the routers and a VPN concentrator that supports both IPSec and SSL. Also running an SSH server with Kerberos and and multifunction authentication. Am I heading in the right direction here?
We don't have to get super detailed as in what software and blah, blah, blah