Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3392
Views
10
Helpful
18
Replies

Network isolation

Go to solution
Vishnu Reddy
Level 1
Level 1

‎02-02-2015 11:35 AM - edited ‎03-07-2019 10:28 PM

 I have a network requirement to acheive where we are installing a LIS software which should be adhereing to the HIPAA Compliance and should be seperated from the existing network infrastructure. Our network has 4510 as the core switch directly attaching to campus. Also a firewall is hanging off the core for Internet. Now internally all the VLANs talk to each other. Going forward the new server should be communicating from a secure vlan and only with the required clients only if permitted. How would i go to implement this in our existing network? I have requirement for 2 VM hosts and storage for that server. Everyone accessing this server should follow the HIPAA compliance guidelines.......

 

Should I implement using access-list in the core by creating a VLAN but i think it wouldn't be that scalable and nightmare for maintance and troubleshooting?

Should I implement it by forcing the traffic through ASA(hairpining) and inspecting the traffic over there on ASA along with static nat and also should i have to permit intra interface traffic?

I am confused about how to implement this solution?

Little help into this or any documentation that would help me to get to the solution.

Thanks in advance.

Labels:
0 Helpful
18 Replies 18

Go to solution
Vishnu Reddy
Level 1
Level 1
In response to Jon Marshall

‎02-26-2015 03:40 PM

Sure was not aware of this feature. Since I am active member of this forum since Nov 2014. I will in the future start rating the answers which are correct. I will keep this in mind when viewing responses sent to me.

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to Vishnu Reddy

‎02-26-2015 03:45 PM

Mukesh

No problem and many thanks for taking it the right way.

Jon

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to Vishnu Reddy

‎02-26-2015 03:40 PM

Mukesh

Many thanks for that.

Jon

0 Helpful

Go to solution
Vishnu Reddy
Level 1
Level 1
In response to Jon Marshall

‎02-26-2015 11:39 AM

There is another approach where i can create subinterfaces on ASA and associate these vlans100 105 and 110 and then connect that physical interface to 8 port managed switch and configure trunking for those vlans as well as other vlans who want to communicate with that app. Based on access-policies I could allow what needs to be permitted.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card