Hi guys, I work at a medium office ~ 250 users and around 80 servers mix of physical / virtual. I am mainly a sys admin so I am looking for some advice on how people secure their networks.
We are currently planning a large project to migrate to a completely upgraded network, and as part of this I am looking to drastically increase the security on our VLANs etc.
I want to restrict access across the network on an as needed. So my two user subnets / vlans would need rules for things like AD, Printing, File access, Web Access, SQL, RDP etc.
Looking at the switches I have now (Dell N3000 series) I would need to create an access rule for each of these, as there is no way to add multiple ports to rules unless they are in the same range. Which none of them are.
So by the time I have added all the rules for my Users, Dev network, Front end / back end servers etc I could be looking at well over 120 different ACLs. Is this normal? It would be very secure but a pain to manage across 11+ switches that I don't plan on stacking.
We do have a UTM device to secure internet acess etc, which we could also use to route / secure traffic. But as this is directly connected to the internet I would presume it would not be recommended / as secure?
Would it be better to have a UTM to connect to the internet, that then routes to another UTM which performs routing / firewall for my internal network? However I would then be essentially doubling / tripling my network traffic, as my switches would have to send from my Access layer, to my communication layer, to the UTM to allow / deny traffic, then back down to the communication layer and back to an access layer switch instead of the traffic just moving across VLANs on the same switch.
Any info / pointing in the right direction would be greatly appreciated. I do have some money available to buy any extra hardware that may be required but not loads.
No comments:
Post a Comment