I'm working on a project where I need to create a DMZ for remote desktop access. Unfortunately, I was not in on the planning and can't order any hardware or software that wasn't already purchased. I was able to convince the team to use a dual firewall DMZ but they purchased two ASA 5515-x instead of 1 from two different vendors.
I'm okay with the setup but I'm stuck on one part in the planning. I have two types of users accessing files on a share that's not a part of the DMZ. I have users that are actual employees, I'll use a gateway to access files on that share. But I also have contractors who'll need access to files on that share too. Because the files are confidential I can't place the share in the DMZ.
What's the best way to have contractors access those shares without placing it in the DMZ. I'll have the contractors on a completely separate server that is in the DMZ. I'm just not sure how to give that contractor server access while still being secure as possible.
Software/Hardware used: ASA 5515-X; Server 2012 R2