x Exclustion (nat 0 ) LAN to DMZ
x ACLs en sortie


- Static NATing WAN to DMZ
	- http => agile
	- ssh => call manager
	- https => call manager

- Monitoring
- Client VPN
- Site-to-site VPN


- NTP (8-4)

. ACLS which allow

  - LAN-WAN: http, https, ftp
  - LAN->DMZ: http,https, ftp, rdp