2 NICs, 2 networks, security issue?

[Johan H]

I use a FreeNAS for backup purposes in our Windows network.

Currently it's setup on our company main network, 10.80.11.X, and Veeam is pushing backups to the FreeNAS cifs share.

I'm thinking of adding another network card to the FreeNAS server and start using it also to backup our "tech network" that is separated from our main network. The tech net is on subnet 192.168.10.X.
I would use a separate cifs share on the FreeNAS for this purpose.

Would this in any way be a security risk, to have two network cards in the FreeNAS server and have it hooked up to both networks?

 

[anodos]

If the freenas server gets compromised, the attacker will gain access to the 'tech network' and vice-versa. If you enable SSH access for regular users on the freenas server, they might be able to tunnel through the freenas server to access the other network. Those are the first two things I can think of.

Also the NetBIOS name service will be running on both NICs. If the FN server is the master browser, an attacker might be able to use the browse list to scout out the other network.

As long as you restrict SSH, I believe it's reasonably safe. Just make sure to keep it patched.