I am kind of new to networking and security but here is my problem.
My company every Wednesday night does firewall changes but before they do the changes, they have another department (operations) manually validate the firewalls before the changes to see if the change afterward caused any problems. Operations is using a laptop directly connected to its ISP via a DSL connection to act as a customer would coming in to our network hitting different applications and so forth. Hence this validates the outside firewall.
The problem comes in now because upper management now wants a monitoring script to do what the operators would be doing. My company is using UniCenter/ClientVantage as their monitoring tools right now. They were thinking of putting the script on the DSL laptop but security didn't like that for two reasons:
1. Because it has no security (directly connected to the outside world).
2. In order to run these monitoring scripts, the script accesses an internal server. This isn't safe if it's on that outside firewall.
My question is if there is some way we can have this script run on an inside the network dedicated machine, but act as if it was coming from the outside? Meaning that this inside machine would grab the script from whatever monitoring server it needed (as stated above) and then let it act (network/firewall) wise as if it was that DSL laptop mentioned above, so that we can safely test the outside firewall as if we were an outside customer even though we are starting from the inside, not outside?
I know this was long and confusing, but any help from anyone would be great. Thanks all.