We are looking into isolating our servers in our data center and would
like your thoughts on the best way to approach this. We have a mesh network (MPLS) with 14 remote locations and a data center. The data center network ID is 10.10.110.0 and the servers I'd
like to isolate are in that network range (along with PCs and printers).
I'm thinking that what we would need to do is assign one of our switches
to be used just for servers, assign that switch (and the servers) IP
addresses different from the data center (like 10.10.111.x) and connect
the isolated network with the data center via a multi-homed router. That
connection would allow us a 'choke point' that we could either set up
with a firewall or IPS.