> How prevalent is it to segregate internal use servers away from internal
> clients behind firewalls? What benefits might we gain from the practice?
> What threats are we protected from?

I asked google for more information - you asked this question before, but
what came back could not be used verbatim in a meeting with the sysadmin
group. I could add more vague suggestions, but it will not help.

You need to pay someone to look at your environment (employee or
contractor; competent; I am not interested), and produce a set of
policies and technical measures to implement them.

That will not happen without director or c-level buy-in, and support on
that level is a prerequisite for success (ensures that you will not get
fired for obstructing projects and being annoying).

Marcin Antkiewicz
firewall-wizards mailing list