"Protect" some of the network devices. How?

Sn1p3r · June 30, 2016, 6:09pm

Hello,

I need some assistance.
Im currently on a business trip, and Im coming back in around 1 and a half month.
But I need to do something now.

I have some curious people in my company that are searching for network bugs.
How can I protect it a little bit?
Make imposible to run a network scan?
Or better make several hosts isolated
So when somebody is using that PC it cannot access some of the local servers? Lets say disable PC 192.168.1.113 from accessing 192.168.1.12 and 192.168.1.157. Possible with filter rules?

Eth1 - Internet IN
Eth2 - Offices
Erh2 - Hotspots
Eth3 - Employee network

barkas · July 1, 2016, 7:46am

Good network design with subnets is the answer here.

Sn1p3r · July 5, 2016, 6:26pm

Currently I cannot make proper subneting.
I need some filter rule if possible.

Just to limit access to several IPs inside network.

chechito · July 5, 2016, 7:10pm

mikrotik devices with gigabit integrated switch allow switch filtering rules

another way is bridging the lan ports, enable ip firewall for bridging and use firewall rules to filter