we are planning on ussing the FWSM to protect our server farm and also secure our departments (VLANs) from each other. I just want to know what is the best approach to this comming to security levels. we have 6 departments, 1 development server farm, 1 production server farm, 2 VOIP Vlans and 1 VOIP server farm.
I understand that the security levels in the FWSM is different with the PIX or ASA in terms of explicit permit from high to low security level interfaces.
My plan is to have all the user/department is same security level, say 90 for example, have the server farms on higher security level and obviously the outside on 0. will this be best practice? if not, what is the best approach/ practice.