
Adding an Additional Firewall to a LAN: Physical or Logical?

Although I recently passed my CT30 certification, I am new to network administration so please forgive any incorrect assumptions in what follows.

I often hear people discuss the need to isolate dedicated network segments with an additional firewall when adding high-vulnerability services, that is, services for which VLAN segmentation alone is not a viable security solution.

In the case that one needs to create such a segment on one's network, protected by an additional firewall, does physical hardware need to be purchased to make this happen (an additional UTM or XG box for example)? Or can existing network hardware be configured to create a new (logical) segment that is protected by a "second" firewall? 

That is a long question. Please let me know how I can better clarify if what I am asking does not make sense.

Thank you for your thoughts.

Bob,

I feel a bit foolish. I almost edited my post to ask whether an unused interface could be used to isolate a segment of the network. Now that you have confirmed, the answer seems obvious.

Unless bad actors know of a way to hop between segmented interfaces on the same hardware, there is nothing to be gained by an additional box.

As always, thank you for taking time to provide guidance to those of us who are new to the field.
