Link to home
Start Free TrialLog in
Avatar of sunhux
sunhux

asked on

Is proxy still needed after Internet segregation?

We are segregating users PCs that could access Internet from
Production/servers network.

With this segregation in place, is it still essential to have a proxy
for the users PCs that access Internet?  The PCs have AV installed.

The argument is if the users PCs are infected, we can just wipe
them out & reclone & there's no sensitive data stored in them.

Next is if the PCs are used for email access, then should it be
segregated from the servers' network or it should be part of
the users network that could access Internet (other than the
MS Exchange which we use O365 in Cloud)?  I've seen emails
is possibly the top vector of malwares, sometimes accounting
for more than 80% of malwares (including malicious PDF &
phishing links/attachments in them), so my view is emails has
higher risk than Internet access.
Avatar of sunhux
sunhux

ASKER

My personal view is it is still good to have proxy for those PCs
that access Internet even if the PCs don't hold sensitive data
but ransomware/malware disruptions can result in loss of
productivity  or downtime to the 'low-priority' PCs
ASKER CERTIFIED SOLUTION
Avatar of btan
btan

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of sunhux

ASKER

One extra question:
What are some free proxies out there that could do blacklisting (& possibly greylisting)
as well as auto-block by know malicious sources (eg: get updates from SpamHaus,
AlienVault, bad Reputation sites & known sources of malwares)
Avatar of sunhux

ASKER

Ideally the free proxies could also stop users from downloading executables or
a specified file types.  No plan to go for commercial ones like Bluecoat
Better to have a new question to solicit instance of the proxy. Actually may even want to consider cloud proxy in Azure