Hi,
Can someone tell me if CSA can help in the following
I need to provide remote access to a third party untrusted company to a system they manage via VPN.
It consists of two Unix servers and two Windows servers and runs a web based app which will be accessed on our internal network.
They also need a PC running some kind of VNC type app so they can access the web front end.
They have requested shell access to the unix boxes using SSH and i assume this will mean root
My concern is that once they are logged onto the servers they can potentially attempt to connect to other servers on our LAN.
I'm fully aware of creating DMZs, vaulting etc, however i am also fully aware of the work involved in this as these servers will all need to communicate with each other. As windows servers are also involved, this could also mean portmapper and potentially opening tcp high ports etc etc....basically its a whole can of worms.
So...
Can CSA help me achieve isolation of these servers to outside connections in any way??
Thanks in advance
Paddy