Scribd Logo
Upload

Welcome to Scribd!

  • SEC0308 Diagram

    Uploaded by

    Petko Kolev
    14 views1 page
    The security policy allows DNS, NTP, ICMP, and traceroute traffic from any source. It allows RDP and web access from VLANs 32 and 64-65 to an external site. It also allows access to Office 365, Dropbox, and Concur from any source. High risk applications are denied and business systems are allowed from any source. Internet access is allowed for web browsing and browser-based applications from any source.

    Original Description:

    Original Title

    SEC0308-Diagram

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The security policy allows DNS, NTP, ICMP, and traceroute traffic from any source. It allows RDP and web access from VLANs 32 and 64-65 to an external site. It also allows access to Office 365, Dropbox, and Concur from any source. High risk applications are denied and business systems are allowed from any source. Internet access is allowed for web browsing and browser-based applications from any source.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    14 views1 page

    SEC0308 Diagram

    Uploaded by

    Petko Kolev
    The security policy allows DNS, NTP, ICMP, and traceroute traffic from any source. It allows RDP and web access from VLANs 32 and 64-65 to an external site. It also allows access to Office 365, Dropbox, and Concur from any source. High risk applications are denied and business systems are allowed from any source. Internet access is allowed for web browsing and browser-based applications from any source.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    of 1

    Security Policy

    Infrastructure
    Allow Source: LM-WIN2012-DC1 Destination: Any App: dns
    Allow Source: Any Destination: Any App: ntp, icmp, ping, traceroute
    Sanctioned App
    Allow Source: VLAN32, 64-65 Destination: external.labminutes.com:RDP,SSL/Web-Browsing
    Allow Source: Any Destination: Any App: Group(office365, dropbox, concur)
    Allow Source: Any Destination: Any App: Group(ftp, ms-ds-smb)
    High Risk
    Deny Source: Any Destination: Any App: Filter(Risk 5)
    Bizz Relevant
    Allow Source: Any Destination: Any App: Filter(Business System/General Business)
    Internet
    Allow Source: Any Destination: Any App: SSL/Web-Browsing
    Allow Source: Any Destination: Any App: Filter(Browser-based)

    LM-WIN2012-DC1
    (Domain Controller/DNS/CA)
    Application Server
    192.168.10.12 Website1 external.labminutes.com
    192.168.10.13 Website2
    VLAN32 192.168.10.14 Website3
    172.16.32.0/24 Loopback0
    RDP TCP/3389 192.168.0.1
    .40 HTTP TCP/80,443

    VLAN10
    .1 172.16.10.0/24 Internet
    INSIDE OUTSIDE
    Loopback0 .1
    172.16.0.1 Gi1/0/12 OSPF Area 0 e1/2 e1/1
    SW1 .1 .2
    default
    .251
    BGP AS 200

    BGP AS 100
    VLAN64 .1 LM-GATEWAY
    172.16.64.0/24
    mgmt .250
    LM-HQ-FW1 VLAN192
    192.168.10.0/24
    Loopback0
    172.16.0.2

    LM-WIN10-TEST1

    You might also like