I have a "security" question regarding the use of internal virtual ports.
Now I use for each role a separate Source IP and use this IP in the firewall so that the specific traffic can go through. But this means I can't use multiple roles for one realm because a realm only makes use of the first Source IP Address and therefore, besides the first role, all other roles are blocked and I can't use them.
To solve this issue I would like to use one Source IP address for all roles used by a department. This way I can assign all the roles to the realm of the department. This also means that for one source IP address I need to allow more destination IPs and Ports in the firewall than in my original setup.
My question: Is allowing more traffic for one source IP address on the firewall a security risk or can it be better spread by using more source IP addresses?
I hope my question is clear; if not, do not hesitate to ask.