Wednesday, November 8, 2017

Need help figuring out how to give external vendor access to phone system to completely manage it.

Basically, we have a contractor coming in and handling our phones for our call center.

The way I see it I have two options. They require SSH access to their ASA to manage everything:

1.) Put ASA in DMZ and poke a bunch of holes in our firewall to allow ASA DMZ > Server Internal.

2.) Plop the ASA in the internal network so they can have a straight shot in and not have to poke holes in the firewall. No DMZ at all

We almost always do #1 for all external services, but these guys want ports 23/3389 open to manage their shit and I don't really feel comfortable popping open a hole in the FW for those ports.

What is the best way to go about this?



No comments:

Post a Comment