Creating Large Subnet for NPA Access

Question

Team,Good morning and Happy Friday.I wanted to create a separate topic from my previous question. :)I'm creating a large NPA subnet for my networking and server teams, which will need access to the same resources.Instead of having 50 different subnets that include all servers, routers, switches, etc. I created the configuration below. I will also enable the use “Use Publisher DNS” option.  Question: Should I include the wildcard hostnames of our internal domains? Below is an example.Thanks again for your input.

zywong · Answer

Hi Mate, generally when adopting Zero Trust we wont recommend this kind of configuration and in future if you were to tighten the access to break down individual access for group of users it can be a headache. But neither-less this kind of configuration is still acceptable but better approach will be breaking down to individual segments applications and grant the access from there although it might be a huge list to configure but in future it will definitely help the future personnel managing it or even yourself.

Cheers!

Reply

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded