- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Supplier remote access
As a production company we have may external suppliers who deliver machines or software to support our product processes.
Many of these suppliers will always try to bring their own router to be able to support the machine or software.
Often these machines or software also need to exchange data with internal machines or software.
I need your opnion here. How do you handle situations like this? What kind of policy you have here. And what is the best solution in these situations? Place them behind a separate mx for each supplier?
Solved! Go to solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Place them behind a single MX with each on their own VLAN would be my suggestion although how many suppliers at any one time would you have onsite?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I wouldn't allow third-party network equipment to be connected to your internal network.
I often put them on their own VLAN, for a VLAN separate from the internal network, and provide them with VPN access to their devices.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Place them behind a single MX with each on their own VLAN would be my suggestion although how many suppliers at any one time would you have onsite?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
It can vary, from one to ten or fifteen per location.
Depends on the level of automation within a location.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Please, if this post was useful, leave your kudos and mark it as solved.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Then you have the same thought as me. But it is something that has been accepted for years, but in my opnion cant be any more.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I agree. The threat landscape has evolved, and security systems and practices must evolve as a result.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
agree with everyone, set up a separate VLAN just for them and if not required, just hand out a static IP.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you all for your answers. This helps me.
