We are wanting to firewall our server farm that lives on its own VLAN with a UTM/firewall device so we can control who gets access to databases with sensitive information.
What is the best practice for doing this without creating new VLANs etc.? Basically what I want to do is have our managed security service provider set up the UTM with an IP address on one of the interfaces on the UTM, and then I want to route all traffic going to that VLAN to that IP address, then the UTM will route or not route traffic to certain IPs depending on the rule sets.
The UTM will be connected to my core 4507R switch.
Am I on the right track here or is there a better way to do this? I have never done anything like this and I am a little lost at the moment.