ok following on from your comments:

"All I wanted was a centralised application server located in Headquarters(which is malaysia), from where client(from Malaysia, Singapore, Hong Kong) in other countries can run their applications. And all the manipulation done by clients on application should be stored centrally at that central application server. I guess, I am making myself clear this time".

- How about some kind of terminal server/citrix setup? that way folks all work on your central server. Easy to scale up, easy to manage, and would seem to solve your probs.

Two factor authentication means that users need two things to access the system - these are commonly split into something you have (e.g. a secureid token) something you know (e.g. password) and something you are (e.g. fingerprint). So maybe users have a password and a secureid token to access your system remotely.

Yes a fractional T3 or OC3 should meet your bandwidth needs.

As far as the frame relay network, i`ve seen them operating a decent speeds, will your users be accessing streaming data? or just the occassional pull down from the server?

As for security, sure play around with snort, but concentrate on a good firewall architecture and policies and procedures in place to ensure that all your servers are pacthed and passwords are strong.

DR is going to dependent on a) how much you can afford b) how critical your data is c) how quick you are going to want to get it, and d) how much you can afford.

Send me the stuff if you like and I`ll be happy to take a look.