Specify the following firewall rules:
1. Block any traffic heading for Snapgram from either the Internal or Sales networks
2. Block any traffic heading into either network from any IP address
starting with 43.11x
3. Only allow connections to Sales network that originate from the Internal network.
4. Only allow connections from the Sales network into the
Internal network
and to the cloud backup server.
5. Block all other traffic.
1. Block any traffic heading for Snapgram from either the Internal or Sales networks:
- Source: Internal network or Sales network
- Destination: Snapgram
- Action: Block
2. Block any traffic heading into either network from any IP address starting with 43.11x:
- Source: IP addresses starting with 43.11x
- Destination: Internal network or Sales network
- Action: Block
3. Only allow connections to Sales network that originate from the Internal network:
- Source: Internal network
- Destination: Sales network
- Action: Allow
4. Only allow connections from the Sales network into the Internal network and to the cloud backup server:
- Source: Sales network
- Destination: Internal network or cloud backup server
- Action: Allow
5. Block all other traffic:
- Source: Any
- Destination: Any
- Action: Block
1. Block any traffic heading for Snapgram from either the Internal or Sales networks:
To block traffic to Snapgram from the Internal and Sales networks, you need to create an outbound rule on the firewall for both networks. The rule should drop or reject any traffic with a destination IP address corresponding to Snapgram. The specific steps to create this rule will depend on the firewall software or hardware you are using. Consult the documentation or interface of your firewall for instructions on how to add a rule with the desired parameters.
2. Block any traffic heading into either network from any IP address starting with 43.11x:
To block traffic from IP addresses starting with 43.11x to either network, you need to create an inbound rule on the firewall for both networks. The rule should drop or reject any traffic with a source IP address starting with 43.11x. Again, the exact steps to add this rule will depend on your specific firewall solution.
3. Only allow connections to the Sales network that originate from the Internal network:
To allow connections from the Internal network to the Sales network while blocking everything else, you need to set up an inbound rule on the firewall for the Sales network. The rule should allow traffic with a source IP address corresponding to the Internal network and a destination IP address corresponding to the Sales network. Ensure that the rule is placed above any blocking rules in the firewall's rule order.
4. Only allow connections from the Sales network into the Internal network and to the cloud backup server:
To allow connections from the Sales network to the Internal network and the cloud backup server while blocking everything else, you need to create an outbound rule on the firewall for the Sales network. The rule should allow traffic with a source IP address corresponding to the Sales network and a destination IP address that matches the Internal network and the cloud backup server. Position this rule above any blocking rules in the firewall's rule order.
5. Block all other traffic:
To block all other traffic that does not match the specific rules mentioned above, you should have a default deny rule at the end of your firewall configuration. This rule will drop or reject any traffic that wasn't explicitly permitted by previous rules. The specific steps to set up a default deny rule may vary depending on your firewall solution. Consult the documentation or interface of your firewall for instructions on how to configure a default deny rule.