Sorry if i'm describing the network topology in strange way but; what's the "right" way to get maximum security out of this setup.
FW (Sonicwall TZ 170) | `-> SW (HP ProCurve 2512) | `-> Server-1 | `-> Server-2 | `-> Server-3 | `----------------> SW (3Com Baseline 2024) | `-> Printer-1 | `-> Usergroup-1 | `-> Usergroup-2 | `-> AP (3Com WLAN) | `-> Usergroup-3
Usergroup-1 needs access to Server-1 Server-2 and Printer-1
Usergroup-2 needs access to Server-1 and Printer-1
Usergroup-3 are wireless clients and should not have access to any services. Just internet access.
How should I structure the vlans and firewall rules to get the best network security? The reason for the baseline switch is that the users are physically located on another floor from the servers. Does it need to be replaced with a managed switch?
Any advice on this would be apreciated.
Rgds,
TH