
Sophos UTM installed in a DMZ network

Hello all, hope you are well.


I have been asked to stand up a Proof of Concept Sophos UTM to test if we can use the WAF functionality between an internal corporate network and an external Oracle Cloud network.

The comms team have described to me that the UTM will sit behind a Cisco ASA firewall in a DMZ.

Traffic flowing to the Web Proxy component on the UTM will come from the internal corporate network via the Cisco ASA device and then through the UTM and back out via the Cisco ASA device.

Traffic flowing to the WAF component on the UTM will flow from the External Oracle cloud through the Cisco ASA device and then through the UTM and back out via the Cisco ASA device.

This is all the information I have so far, no diagram or IP Address information.

My concern is that they are expecting the UTM to sit on a single subnet, which would mean the Internal (LAN) and External (WAN) network cards will be expected to have the same IP address range. So, for argument's sake, the internal could be 192.168.0.5 and the external would be 192.168.0.6. My understanding is that the Sophos UTM is bound to have some conflict with this setup, as the trusted and untrusted networks are effectively the same network.

I would expect that the external and internal networks of the UTM should be on different logical networks, and doing this would require two separate switches and using two separate Cisco ASA devices unless the ASA device was able to cope with doing it on one box but using two separate network cards.

I would appreciate the community's view on this scenario and what show-stoppers I should be advising the client of if having the UTM internal and external network cards on the same network is what they are expecting to do.

Thanks in advance

Dave
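
A quick way to put the single-subnet concern above into a repeatable check: the script below is an added example, not part of Dave's post or any Sophos tooling. It assumes a /24 mask on the two addresses Dave mentions (the post gives no mask) and uses constructed interface plans; it flags interface pairs whose connected networks overlap and shows that, on the single-subnet plan, a host address is reachable via both NICs at once.

```python
"""Lint a proposed firewall interface plan for overlapping connected networks.

Constructed example: the LAN and WAN addresses from the post are given an
assumed /24 mask, and a split plan with a separate WAN subnet is added for
comparison (the 10.10.20.0/24 range is invented for the example).
"""
import ipaddress
from itertools import combinations


def find_overlaps(plan):
    """Return (if_a, if_b, net_a, net_b) for every interface pair whose
    connected networks overlap. Any hit means one set of addresses is
    directly reachable from two NICs, i.e. the conflict described above."""
    nets = {name: ipaddress.ip_interface(cidr).network
            for name, cidr in plan.items()}
    return [
        (a, b, str(nets[a]), str(nets[b]))
        for a, b in combinations(sorted(nets), 2)
        if nets[a].overlaps(nets[b])
    ]


def candidate_interfaces(plan, dst):
    """Interfaces whose connected network contains dst. More than one name
    means the box has no unambiguous connected route for that host."""
    ip = ipaddress.ip_address(dst)
    return sorted(name for name, cidr in plan.items()
                  if ip in ipaddress.ip_interface(cidr).network)


def plan_is_sound(plan):
    """True when no two interfaces share address space."""
    return not find_overlaps(plan)


# Constructed plans: the single-subnet layout the client proposed, and a
# split layout with the WAN side on its own logical network.
SINGLE_SUBNET_PLAN = {"lan": "192.168.0.5/24", "wan": "192.168.0.6/24"}
SPLIT_PLAN = {"lan": "192.168.0.5/24", "wan": "10.10.20.5/24"}

if __name__ == "__main__":
    for label, plan in (("single subnet", SINGLE_SUBNET_PLAN),
                        ("split", SPLIT_PLAN)):
        print(f"{label}: sound={plan_is_sound(plan)} "
              f"overlaps={find_overlaps(plan)} "
              f"192.168.0.100 via {candidate_interfaces(plan, '192.168.0.100')}")
```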



  • You're right to be concerned, Dave - see #3.1 in Rulz.

    You might want to start a new thread in the Webserver Protection forum to get input on having the UTM in the same subnet as the web servers and using just a single NIC.  I'll make further comments on what I would recommend to the client there.

    Cheers - Bob
