red_75116
asked on
Restrict Network Access
How do I restrict network access on a server so that it cannot browse out on its subnet and no one on that subnet can access it?
The server is in a VMware environment, using a SonicWall NSA 2400 as the firewall.
What network restrictions do you want to apply to the server?
If the control is on a subnet local to the server, the external firewall will not be of much use. You would have to implement access rules within a host-based firewall running on the server itself.
What kind of server is it?
ASKER
Windows 2008 32bit.
It is a webserver, which will have an external IP address, but I don't want any internal access to it or for it to access anything internal.
On the SonicWall you can make other zones aside from the DMZ, if you can plug it into a separate port from the standard LAN. This would be my favorite, so that if you wanted to, you could make a rule allowing a developer access to the box for updates or something.
And, the reason for the separate NIC is that if you have multiple virtual guests, they may use the same physical NIC.
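Added example, not part of the original thread: one way to apply the host-based firewall approach suggested above on the Windows 2008 web server, using the built-in `netsh advfirewall` commands. It assumes the server has a static IP, serves the site on TCP 80 and 443, and is administered from the VMware console; the rule names are invented for this example.

```bat
@echo off
rem Added example, not from the thread. Run it from the VM console:
rem an RDP session coming from the internal subnet is cut off by the
rem inbound block rule below.
rem Assumptions: static IP, web site on TCP 80/443, rule names made up here.
setlocal

rem Enable the firewall on every profile: deny inbound by default,
rem allow outbound by default (outbound to the subnet is blocked below).
netsh advfirewall set allprofiles state on
netsh advfirewall set allprofiles firewallpolicy blockinbound,allowoutbound

rem Block all traffic arriving from hosts on the server's own subnet.
rem Block rules take precedence over allow rules, so the web rule
rem further down does not re-open the site to internal hosts.
netsh advfirewall firewall add rule name="Isolate - block subnet in" ^
    dir=in action=block remoteip=LocalSubnet profile=any

rem Block all traffic the server sends to hosts on its own subnet.
rem Traffic routed through the gateway to outside addresses is not
rem affected, because its remote IP is not on the local subnet.
rem Anything hosted on the subnet itself (internal DNS, file shares,
rem domain controllers) becomes unreachable, which is the stated goal.
netsh advfirewall firewall add rule name="Isolate - block subnet out" ^
    dir=out action=block remoteip=LocalSubnet profile=any

rem Allow the public web traffic forwarded by the perimeter firewall.
netsh advfirewall firewall add rule name="Isolate - allow web in" ^
    dir=in action=allow protocol=TCP localport=80,443 profile=any

rem Show the rules so the result can be checked.
netsh advfirewall firewall show rule name="Isolate - block subnet in"
netsh advfirewall firewall show rule name="Isolate - block subnet out"
netsh advfirewall firewall show rule name="Isolate - allow web in"

endlocal
```

If the perimeter firewall rewrites the source address of forwarded connections to its own interface on this subnet, the inbound block rule will also drop public web traffic, so confirm that client source addresses are preserved before relying on it.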