Exclusively connecting two networks

1

I have two separate networks - DMZ and core systems. DMZ is exposed to the internet via VPN, core systems are obviously not. I need to transfer data between these two networks. One option is to use a jump server, where the data will be transferred to. There are obvious security risks in this solution, and yes I can try hardening, but I will not sleep well at night.

Is there a way to connect a computer exclusively to one network and switch it?

So for example when the computer is connected to DMZ, I can switch it to core and vice versa, but it cannot be in both.

And pls, no firewall rules upgrades

Windys

Posted 2014-12-23T21:12:52.697

Reputation: 111

Answers

0

Assuming you are working with Windows and have two network cards (one for DMZ and one for the core network), you can enable / disable the network cards using devcon.exe by Microsoft:

devcon.exe disable "Adapter 1"
IF %ERRORLEVEL% NEQ 0 GOTO ERROR
devcon.exe enable "Adapter 2"
...

You can also leave both adapters on and set routes in a script. I would prefer enabling / disabling the adapters, because it's easier to monitor.

marsh-wiggle

Posted 2014-12-23T21:12:52.697

Reputation: 2 357

And if the jump server gets hacked, the attacker will be able to enable both cards and have access to both networks? – Windys – 2014-12-24T08:33:54.427
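
As an added example (not part of the original answer or comment), here is the disable-then-enable switch from the answer above written with the built-in Windows NetAdapter cmdlets instead of devcon.exe, plus a check that both adapters are never enabled at once. The adapter names 'DMZ' and 'Core' and the function names are assumptions.

```powershell
# Added example. Adapter names 'DMZ' and 'Core' are assumptions; use the names
# that Get-NetAdapter shows on the actual host. Run from an elevated session.
$Segments = @{ DMZ = 'DMZ'; Core = 'Core' }

function Switch-Segment {
    param([Parameter(Mandatory)][ValidateSet('DMZ', 'Core')][string]$Target)

    $other  = $Segments.Keys | Where-Object { $_ -ne $Target }
    $offNic = $Segments[$other]
    $onNic  = $Segments[$Target]

    # Disable first, so there is never a moment with both adapters enabled.
    Disable-NetAdapter -Name $offNic -Confirm:$false -ErrorAction Stop

    # Verify the resulting state before touching the second adapter.
    $state = (Get-NetAdapter -Name $offNic -ErrorAction Stop).Status
    if ($state -ne 'Disabled') {
        throw "Adapter '$offNic' is '$state', not Disabled; refusing to enable '$onNic'."
    }

    Enable-NetAdapter -Name $onNic -Confirm:$false -ErrorAction Stop
}

function Test-ExclusiveSegment {
    # Returns $true when at most one of the two adapters is enabled.
    $names   = $Segments['DMZ'], $Segments['Core']
    $enabled = @(Get-NetAdapter -Name $names -ErrorAction Stop |
        Where-Object { $_.Status -ne 'Disabled' })

    if ($enabled.Count -gt 1) {
        Write-Warning ("Both segments enabled: " + ($enabled.Name -join ', '))
        return $false
    }
    return $true
}

# Example use:
#   Switch-Segment -Target Core
#   Test-ExclusiveSegment
```

Test-ExclusiveSegment only detects the state where both adapters are enabled; it does not stop an administrator on the host from enabling both, so its result is best collected by monitoring that runs outside the host.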