I work as a security operations center engineer at a company. We manage a lot of customer FWs, proxies, etc. An example of our daily tickets could be that a user can't access some site, so we check the customer's proxy, ...
During our troubleshooting, and as we are already managing all devices, we have some ways to simulate the user (e.g. in our example, define the customer's proxy explicitly and test).
However, unfortunately, we couldn't simulate the user most of the time, so we have no way except calling the impacted user for a live test (e.g. in our example, if the customer uses a transparent proxy, or if he has an IPS in his path...).
So my question is: if I am managing all devices, is there a way to simulate myself as if I am located internally, behind the trust zone of the FW, so I can troubleshoot all tickets offline?
I was thinking of the following:
1- Open a rule in the FW to allow me to access the inside, then, using policy-based routing techniques, I can forward my traffic as if it was generated internally. - The problem is how I can ask the browser to redirect all HTTP traffic, for example, to the FW; if I do it via an explicit proxy I have done nothing, and unfortunately I cannot set a route on my PC for certain ports.
2- Create a VPN between my PC and the customer FW, and tunnel my HTTP traffic inside the VPN. - The problem is I am not sure if this can be done; I need a VPN client more advanced than the Windows VPN wizard, and need the same on the FW.
3- There is already a VPN between the FW and our management server, so can I initiate any traffic from the FW towards my PC, and make something like a backdoor behind the FW? - The problem will be, of course, that I couldn't install something like ncat on my FW.
For me, I would say approach 2 is the most applicable one, like using the concept of secure remote users. So I want your ideas and suggestions.
Any ideas?
Eyes bleary from sleep deprivation... I'm mighty glad I re-read the title and confirmed that the third word lacked a second 't' before coming up with a, shall we say 'creative', answer. – Karan – 2013-01-11T03:18:13.163