Pardon the stupid question. We have a RED 15 in a remote site on the other side of the planet, and a UTM in the local headquarters. The RED 15 is running in Standard/Unified mode, and the two networks are bridged into a single common network. All network traffic from the remote office is routed through the RED 15 tunnel, through the UTM, before it reaches the headquarters network or the internet.
I have an infected device in the remote office, turned off. I need to get it fixed, but do not want it attacking computers on the local network or the headquarters network, which are really the same network.
If the infected device were on a hub or unmanaged switch in the local network, then it could see and attack other devices on the LAN, bypassing the UTM firewall. That is my concern. My goal is to give the infected device access to the internet to update its anti-malware, but prevent it from seeing or attacking other devices on the remote network behind the RED 15 or the headquarters network behind the UTM (which are the same LAN, of course). Here is my plan:
* Disconnect the other devices in the remote network behind the RED 15.
* Give the infected device a fixed IP address.
* Configure the UTM firewall so that the infected device cannot reach the devices in the headquarters, and cannot reach anything on the internet, other than updating its anti-malware.
HERE ARE MY QUESTIONS:
-> Can I configure the UTM firewall so that the infected device on a fixed IP address behind the RED 15 cannot reach the other devices on its headquarters LAN behind the UTM?
-> If not, can you suggest a way to allow the infected device behind the RED 15 to reach restricted addresses on the internet, but nothing else, especially nothing in the LAN?
This thread was automatically locked due to age.