I'm looking for a cost-effective firewall/router/switch solution to enable us to isolate specific LAN hosts or small subnets from the rest of our LAN. The idea being to provide third-parties access to those hosts but prevent them from potentially attacking other hosts on our network.
We already have a solution for providing the remote access but just need to isolate the hosts/small subnets.
The ideal device would have 4 or 5 ethernet ports and allow us to set fairly simple rules between hosts on those ports and our LAN, along the lines of...
From : Secure Access Device To: Isolated Servers Service : PCAnywhere ? MS Terminal ? Citrix ? HTTP ?
From : Isolated Server - Port 1 To: LAN Service : FTP
From : Isolated Server - Port 2 To: LAN Service: SMTP
Additionally the device might do some simple static routing.
There are plenty device out there that can do this but they also tend to do a lot more besides so the cost can often become quite prohibitive. The above is all we really need this box to do. We were hoping to find something in the £400/$750 range. Equally we also prefer to avoid buying small SOHO type devices for every single host/subnet we want to isolate.
Is there such a box out there? Any help would be greatly appreciated.