Filtering traffic inside LAN

Tommy Svensson · ‎10-04-2012

Hi.

I have the following setup.

As gateway to the Internet i have a Cisco 2911 router with IP 192.168.20.10.

The company have a lease line to the other companies in their company group, all owned by a single mother company. IP of the gateway for this leased line is 192.168.20.11.

My machines and servers are on the single subnet 192.168.20.0/24.

My problem is the following, i want a machine that has the capability to filter traffic going from 192.168.20.11 to my SAN wich is on 192.168.20.35. Do i use a machine with firewall as proxy and bridging the interfaces on that machine or how do i go about this? Im concerned about this as the other companies connected via this leased line may be infected with viruses and such.

Would be great if someone could givet me a hint on a machine that would do the trick.

Kind regards,

Tommy

Kureli Sankar · ‎10-08-2012

Network-A

|

192.168.20.0/24-----Cisco2911---Internet---

|

Network-B

Are you saying that you want to make sure the 192.168.20.0/24 network is free of virus what you have to do?

You can add an ASA firewall with CSC module and it will scan tcp ports 80, 443, 21 and 25 and make sure the content is clean.

You can read more about it here:

http://www.cisco.com/en/US/docs/security/csc/csc63/administration/guide/csc4.html

-Kureli