Hello,
How is the best way to monitor a big environment with multiple locations and also some locations behind firewall?
Thanks,
Adrian
Hello Adrian,
This is a pretty large question depending mainly on if you locations rely on operational perimeter (same network, same polling area for example), or geographical location, or both.
From my own experience, it’s usually easier to have an HA cluster of satellite (or only one satellite if you dont need resilience) to check a perimeter which i link to a zone, if you need to check things beyond this zone, you can use agents (assuming you have a server to put it on)
For firewalls, you usually dont have to worry much since connection direction is both ways, you need to have at least one direction opened, just make sure to have endpoints to know each others in your zones files then.
https://icinga.com/docs/icinga2/latest/doc/06-distributed-monitoring/#endpoint-connection-direction
For main architecture guidelines, you can start here.
https://icinga.com/docs/icinga2/latest/doc/06-distributed-monitoring/
About automation, i’d prefer to let someone else answer since i dont use much.
I would always use the director, because its a good interface for automation.
I’am using Ansible together with the Director. Ansible for agent based hosts which after installation creates the host with the director and Director Import Sources for normal hosts. Maybe in the future everything will be done with ansible.
I prefer satellite per location for connection stability and load balancing. We also use multiple satellites on bigger locations.
I agree with the others. This question has quite a wide spectrum of “correct” answers.
I would also opt for a zone per location. Depending on the workload with one or two satellites or even agents on the monitored hosts.
In the following thread some large scale setups where discussed. Though the main focus was performance maybe you can pull something helpful out of there 
Hello @adrian1 
Did you find the inspiration you were looking for here?
If so, I would like to ask you to pick one of the answers and make it the “solution” of this thread for completion’s sake
If you have further questions, feel free to ask away of course!
Have a nice week!
Feu