Let's say I have 3 internal networks:
- Company-A
- Company-B
- Guest
There are two companies who share the network infrastructure with an additional guest network.
The goal is to block/limit access between those networks but give them full access to the internet outside.
Currently I solved that with the following set of rules:
ACCEPT Company-B DNS Company-A (Give access to DNS Server of company A)
DENY Company-B AnyServices Company-A & Guest
DENY Company-A AnyServices Company-B & Guest
DENY Guest AnyServices Company-A & Company-B
ACCEPT Company-A & Company-B & Guest AnyServices AnyDestination
This setup actually works.
I'm just curious if this is the only method to solve this or if there is a cleaner way.
For example, would it be possible to define a destination group which includes the whole internet but excludes all internal networks?
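An added example, not part of the original post: one way to build the destination group the question asks about, by computing 0.0.0.0/0 minus the internal networks as a CIDR list and evaluating a two-rule policy against it. The subnets, the DNS server address and the implicit default deny are assumptions, since the post gives none of them.

```python
import ipaddress

# Constructed subnets: the post does not give the real ranges.
INTERNAL = {
    "Company-A": ipaddress.ip_network("10.10.0.0/16"),
    "Company-B": ipaddress.ip_network("10.20.0.0/16"),
    "Guest": ipaddress.ip_network("192.168.50.0/24"),
}
DNS_A = ipaddress.ip_address("10.10.0.53")  # hypothetical Company-A DNS server


def internet_only(internal):
    """Return CIDR blocks covering 0.0.0.0/0 minus every internal network."""
    remaining = [ipaddress.ip_network("0.0.0.0/0")]
    for net in internal:
        nxt = []
        for block in remaining:
            if block.subnet_of(net):
                continue  # block lies entirely inside the excluded network
            if net.subnet_of(block):
                nxt.extend(block.address_exclude(net))  # carve net out of block
            else:
                nxt.append(block)  # disjoint, keep unchanged
        remaining = nxt
    return sorted(ipaddress.collapse_addresses(remaining))


INTERNET_ONLY = internet_only(INTERNAL.values())


def decide(src_zone, dst_ip, service):
    """First-match evaluation of the reduced rule set (assumed default deny)."""
    dst = ipaddress.ip_address(dst_ip)
    if src_zone == "Company-B" and dst == DNS_A and service == "DNS":
        return "ACCEPT"  # rule 1: Company-B -> Company-A DNS
    if src_zone in INTERNAL and any(dst in n for n in INTERNET_ONLY):
        return "ACCEPT"  # rule 2: internal networks -> InternetOnly group
    return "DENY"  # default deny stands in for the three explicit DENY rules


if __name__ == "__main__":
    print(len(INTERNET_ONLY), "CIDR blocks in the InternetOnly group")
    print(decide("Guest", "10.20.1.1", "HTTP"))
```

Any private range not listed in `INTERNAL` (a management or VPN subnet, for example) lands inside the computed group, so the list has to be kept complete. Traffic that stays within one network is assumed never to cross the firewall.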