I have a private WAN which comprise of mixes of SDH network & MPLS VPN network. This network does not connect to Internet.
The management is not satisfied with the network security, wanted to implemented security measure to the network. They want a perimiter defense to be implemented. A group of people advise to implement Firewall. But, I did not agree as it is not cost effective as the network is not discoverable from the Internet and basically there are no external threat. Attach is a basic network diagram how its look like.
Question: What are the best security measure should this network implement to have high security assurance.