1. i am having cisco 6509, 4506 and some other switches
in the network. i want to prevent my servers from the internal
network there are nearly 20 servers.
let me be clear. i have 2 DC and rest are web servers
with 600 clients and all are in same ip range. what i want
is if my clients want to access the servers they shouldnot
be able to access the servers. which is the better way
to protect. i am thinking of enabling VLAN between the servers and clients by enabling only required ports for dns,http, and others does this work or which is the better way .
2. i also have some l2 switches some are managable and some are not how do i block the ports on unmanagable switches.
3. i am having vulnerabilit check from outsided persons which would be the better way