Please advise on how to correctly separate the networks and what devices should be used and configured. I have two networks - Public (internet access, etc.
) and Private (should not be accessible from/to the Internet, but should be accessible from certain machines on the Public network
). Currently, all computers (belongs to both Public & Private networks
) are sharing the same Cisco 2960 switch, but "separated" by their IP's on the subnets they belong to. For instance,
Public subnet: 192.168.13.x
Private subnet: 192.168.1.x
Computer A on Public subnet has 2 adapters - IP 192.168.13.5 and IP 192.168.1.5
Computer B on Private subnet communicates with Computer A on IP 192.168.1.6
My concerns are:
is this enough to separate the two subnets as they are now
what if Computer A is compromised, would devices on Private network be compromised as well; if yes, what would be a correct way to "completely" separate them and how.