Vendor needs access to the internal network remoting into their PC and controller. Planning to add user to vpn user group on SonicWall then have them Remote Desktop to their PC on our network (other staff needs to access this PC as well that's why it needs to be on the network).
The vendor will only have access to the ip of the PC and controller from the VPN settings but, if they authenticate on the network, they would be able to browse and see other resources, correct so need something to knock that down.
I dont have a vlan setup. I didnt want to create another domain. Any recommendations about securing this scenario?