Hello Experts
Is there any best practice for segregating the internet browsing (outgoing traffic) and public services (incoming traffic) over two different internet lines. Public services (incoming and outgoing traffic) hosted in DMZ like email gateway service, sslvpn service, ftp service etc should use the dedicated leased line with public IP. Internet browsing through proxy should use the different internet line like ADSL that is cheap as well. The benefit I can think are:
1- If user is unknowningly spreading the virus on internet while browsing, then our public service IP range could get black listed and affected
2- ADSL line is cheap as compare to leased line for browsing
3- ADSL line comes with transparent proxy from service provider that can ensure, if our proxy missed the malicius site then SP proxy could catch it
Please give your inputs