I've inherited a DMZ network that doesn't follow good security principles. Some hosts in the DMZ are dual-homed and the 2nd network connection is directly on the internal network:
Internal --- ASA ----- Internal Network
(The DMZ is directly connected to the ASA as well but I can't draw it clearly)
What I'd like to do is reconfigure it so I have a dual-firewall setup:
I'm having a difficult time conceptualizing a plan of attack for this work. Can anyone give me their overview on how they'd tackle this task?
Thanks in advance,