Hi friends,
Just wanted to know basically if a requirement is supported in the FWSM or not.
There is a FWSM 3.1 blade on the 6500. The main intention of purchasing it was to protect traffic to and from server VLANs. There are about 12-13 servers in total, grouped into 2-3 server VLANs.
What is unique about the customer's requirement is that:
- there are servers on the same SUBNET that also need to be protected from each other!!! I am wondering if this is ever possible. Moreover, these servers are not connected to the 6500 directly. They are connected to an access switch, and the access switch connects to the core. So, the traffic will never pass to the core at all. Is there a possibility that I can physically segment such servers to separate switches and put the FWSM in between them? I heard that there is something called bridging VLANs? I am not sure about this.
- the second unique requirement is that there are vendors who log in to the servers remotely to provide remote application support. These vendors should not be able to access other servers just because they have reachability to one server. I am wondering if this kind of protection can be provided at network level? At host level, maybe there is a possibility.
I am very sorry if I am asking any dumb questions. But if it's possible, I would really appreciate any pointers to further directions in this regard.
Thanks a lot,
Gautam