Quote:
Originally Posted by james112
A router converts the WAN to the LAN. It would be critical to see the router settings. In fact, why would a router even be needed if you are not accessing the internet?
Not in the business world. The firewall is the edge of the network; the internet edge is where an exterior routing protocol such as BGP meets an interior routing protocol like OSPF. Those routers on the untrust side of the firewall only log errors and neighbor logging. The firewall is where the NAT translation is; you want those untrust-to-trust zones to use policy control, URL filtering, and threat monitoring. Most large enterprise networks use Palo Alto for this. Your logging will show exactly what trusted private IP translated to which public untrusted-zone internet IP. Firewall logs are always offloaded to a syslog server.
All you need is a network diagram, an IP list of all devices in the private network, and syslog server data going back a few years. Hire some cyber and network guys to spend a month going through it all. Firewall policies might be nice; they show how their security was set up. We block all IPs to China, Russia, and other countries; it's just common to do that. In fact, we don't even allow internet access until the employee takes training.
If they are using User-ID AD-connected firewall policy management, it's also a good idea to get the AD membership groups to see what group has access to which allow policies.
Most of you think of an internet router like a Linksys or D-Link. Those are not used in the business world for enterprise internet connections. Business-class internet is provided directly using BGP neighboring. This allows you to have the same IPs connected to a different provider; if you lose one provider, you continue to function, as it will switch over to the other public IP on the other router.
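As an added illustration of the review the post describes (syslog data from the firewall cross-checked against an inventory of private-network devices), not code from the poster: the script below parses NAT session lines, builds the private-IP-to-public-IP translation map, answers "which internal host was behind this public IP", and flags internal sources missing from the inventory. The syslog line layout, the hostnames, and every address are constructed for the example and are not Palo Alto's real log format.

```python
import re
from collections import Counter, defaultdict
from ipaddress import ip_address, ip_network

# Constructed sample syslog lines in a hypothetical firewall NAT log format
# (not a vendor's real field layout). Each NAT line records one session leaving
# the trust zone, with the pre-NAT private source and the post-NAT public source.
SAMPLE_SYSLOG = """\
Mar 03 09:12:01 fw01 nat: zone=trust->untrust src=10.20.5.17 nat_src=203.0.113.10 dst=198.51.100.44 dport=443 action=allow
Mar 03 09:12:04 fw01 nat: zone=trust->untrust src=10.20.5.17 nat_src=203.0.113.10 dst=198.51.100.80 dport=443 action=allow
Mar 03 09:13:10 fw01 nat: zone=trust->untrust src=10.20.7.200 nat_src=203.0.113.11 dst=192.0.2.9 dport=22 action=allow
Mar 03 09:14:55 fw01 nat: zone=trust->untrust src=10.20.9.99 nat_src=203.0.113.10 dst=192.0.2.33 dport=80 action=deny
Mar 03 09:15:02 fw01 kern: link state change on ethernet1/1
"""

# Constructed device inventory (the "IP list of all devices in the private
# network"). 10.20.9.99 is deliberately absent so the check below has a finding.
INVENTORY = {
    "10.20.5.17": "ws-finance-03",
    "10.20.7.200": "srv-build-01",
}

PRIVATE_RANGES = [
    ip_network("10.0.0.0/8"),
    ip_network("172.16.0.0/12"),
    ip_network("192.168.0.0/16"),
]

# Regex for the hypothetical NAT line format above; other syslog lines are ignored.
LINE_RE = re.compile(
    r"^(?P<ts>\w{3} \d{2} \d{2}:\d{2}:\d{2}) (?P<host>\S+) nat: "
    r"zone=(?P<from_zone>\w+)->(?P<to_zone>\w+) src=(?P<src>\S+) nat_src=(?P<nat_src>\S+) "
    r"dst=(?P<dst>\S+) dport=(?P<dport>\d+) action=(?P<action>\w+)$"
)


def parse_nat_log(text):
    """Return one dict per NAT session line; non-NAT syslog lines are skipped."""
    records = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            rec = m.groupdict()
            rec["dport"] = int(rec["dport"])
            records.append(rec)
    return records


def translation_map(records):
    """Map each trusted private source IP to the public IPs it was NATed to,
    with per-public-IP session counts. Denied sessions were never translated,
    so only allowed trust->untrust sessions are counted."""
    table = defaultdict(Counter)
    for r in records:
        if r["from_zone"] == "trust" and r["to_zone"] == "untrust" and r["action"] == "allow":
            table[r["src"]][r["nat_src"]] += 1
    return {src: dict(counts) for src, counts in table.items()}


def sessions_for_public_ip(records, public_ip):
    """Answer the forensic question: which internal hosts sat behind this public IP?"""
    return sorted({r["src"] for r in records if r["nat_src"] == public_ip and r["action"] == "allow"})


def unknown_sources(records, inventory):
    """Private source IPs that attempted to leave the trust zone but are not in the inventory."""
    found = set()
    for r in records:
        addr = ip_address(r["src"])
        if any(addr in net for net in PRIVATE_RANGES) and r["src"] not in inventory:
            found.add(r["src"])
    return sorted(found)


if __name__ == "__main__":
    recs = parse_nat_log(SAMPLE_SYSLOG)
    print("translation map:", translation_map(recs))
    print("behind 203.0.113.10:", sessions_for_public_ip(recs, "203.0.113.10"))
    print("not in inventory:", unknown_sources(recs, INVENTORY))
```

On real data the inventory check is where the network diagram and device list earn their keep: an internal address with outbound sessions that no asset record explains is the first thing to hand to the reviewers.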