Monday, June 14, 2021

How would you handle this scenario?

I'm a sysadmin / network admin at a small shop with 3 IT guys. Being that small, I'm generally a jack-of-all-trades sysadmin / network admin. I'm also relatively new, so I'm not entirely familiar with everything on our network yet. So I was just recently made aware that there is a server running 2003R2 still on our network. One of the other guys and I pitched a fit about it, wanting it gone. The answer was no dice because no one would spend the money to buy an updated license for the software and our current software will not run on 2016 or higher. (It's old. I'm honestly not even sure if it'd run on 2008).

So the compromise was that they get 2 machines to access that server and its data from; neither of them has visibility to the internet. No USB access, only CD-ROM. The monkey wrench here is that one of the machines is at a remote site connected over a VPN tunnel.

My question is - how would you go about isolating this? My first thought was just to create new IP space / VLANs at each site and set up the appropriate ACLs at the remote firewall and local firewall that block ingress/egress to the internet and ingress/egress to our LAN. That sounds like the easiest thing to do, but is it the right thing?
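As an added illustration (not part of the original post), the VLAN-plus-ACL design described above can be written out as a first-match rule list and checked against the flows it must allow or block before anything is typed into a firewall. The addresses, VLAN sizes and application ports (SMB/RDP) are constructed assumptions; the post gives none.

```python
import ipaddress

# Constructed addressing for the scenario in the post (the post names no
# addresses or ports; SMB/RDP are assumed for "access that server and its data").
ANY         = ipaddress.ip_network("0.0.0.0/0")
LEGACY_VLAN = ipaddress.ip_network("10.99.0.0/24")    # new VLAN at the main site
LEGACY_SRV  = ipaddress.ip_network("10.99.0.10/32")   # the 2003R2 box
LOCAL_JUMP  = ipaddress.ip_network("10.99.0.20/32")   # local access machine, same VLAN
REMOTE_VLAN = ipaddress.ip_network("10.98.0.0/29")    # new VLAN at the remote site
REMOTE_JUMP = ipaddress.ip_network("10.98.0.2/32")    # access machine reached over VPN
APP_PORTS   = {445, 3389}

# First-match rule list, evaluated top to bottom like a firewall ACL. A stateful
# firewall is assumed, so only the initiating direction of each flow is listed.
RULES = [
    ("allow", LOCAL_JUMP,  LEGACY_SRV,  APP_PORTS),
    ("allow", REMOTE_JUMP, LEGACY_SRV,  APP_PORTS),
    ("deny",  LEGACY_VLAN, ANY,         None),   # legacy VLAN (server + local jump) initiates nothing else
    ("deny",  ANY,         LEGACY_VLAN, None),   # nothing else reaches the legacy VLAN
    ("deny",  REMOTE_VLAN, ANY,         None),   # remote jump box gets no LAN or internet
    ("allow", ANY,         ANY,         None),   # rest of the network is unchanged
]

def evaluate(src, dst, dport, rules=RULES):
    """Return the action of the first rule matching a new flow."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, s, d, ports in rules:
        if src in s and dst in d and (ports is None or dport in ports):
            return action
    return "deny"  # implicit deny at the end of the list

# Flows the design must get right: (src, dst, port, expected action).
REQUIRED = [
    ("10.99.0.20", "10.99.0.10",  445,  "allow"),  # local jump -> legacy server
    ("10.98.0.2",  "10.99.0.10",  3389, "allow"),  # remote jump -> legacy server
    ("10.99.0.10", "203.0.113.5", 443,  "deny"),   # legacy server -> internet
    ("10.99.0.10", "10.0.1.5",    445,  "deny"),   # legacy server -> corporate LAN
    ("10.0.1.5",   "10.99.0.10",  445,  "deny"),   # corporate LAN -> legacy server
    ("10.98.0.2",  "203.0.113.5", 443,  "deny"),   # remote jump -> internet
    ("10.0.1.5",   "203.0.113.5", 443,  "allow"),  # ordinary LAN traffic unaffected
]

def verify(rules=RULES):
    """Return the required flows the rule list gets wrong (empty means OK)."""
    return [f for f in REQUIRED if evaluate(f[0], f[1], f[2], rules) != f[3]]

# Rule order matters: placing the remote-VLAN deny above the jump-host allow
# silently cuts the remote site off from the server.
MISORDERED = [RULES[4]] + RULES[:4] + [RULES[5]]

if __name__ == "__main__":
    print("policy problems:", verify())
    print("misordered problems:", verify(MISORDERED))
```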
