Whats there to know really?
- Install 2 SEPM's into a DMZ with a SQL db or instance on a backend cluster.
- Open the firewall up and/or use NAT for port 8014 traffic.
- Create client groups for each company you are providing SEP
- Ensure each SEP client has the sylink.xml that points it to the right group
Your biggest concern will be getting the definitions delivered across the internet rather than a LAN.
If the client has a large number of SEP clients just assign a Group Update Provider.
Should be the exact same configuration as a central site with remote offices just you want to segregate them a little more.
Z