Friday, November 10, 2017

Sophos SG125 Traffic redirection

Hello,

I recently took over the networking at my current employers. Things are a bit messy but I've got my head around most of it. We have a public facing server(intranet.ourcompany.com), it also handles traffic from certain site to site vpns. It currently resides at 10.13.13.98. Under all the tunnels, the traffic is allowed specifically to this ip. We have a windows server 2012 handling the dhcp and dns for 10.13.13.0/24, but this same server is acting as ADDS. It's also part of the flat internal network. I want to segment the .98 server into the different VLAN, which I have already created and test-10.13.100.0/24. The public facing computer doesn't rely on our internal network for anything and it's also a vulnerability I'd rather have separated.

In your opinions, what would be the best course of action?



No comments:

Post a Comment