Re: How do you implement VLAN segmentation in your buildings?

[Cal Frye <cjf () CALFRYE COM>]

John Hoffoss wrote:
> > > > On Wed, May 9, 2007 at 12:30 PM, Cal Frye <cjf () CALFRYE COM>
> > > > wrote:
> > There are many advantages to one big flat LAN. How many of your
> > users roam with laptops? Changing IP addresses every time they go
> > up a floor, or to the classroom in the next building, is really
> > rather obnoxious from the user's perspective.
>
> Wireless should be a totally separate VLAN outside of any department
> or building, utilizing a VPN gateway or 802.1x and strong
> authentication to provide your users a secured path to sensitive
> data.

I didn't say anything about wireless ;-)

But we're on the same page, really. VLANs should be role-based, if at
all possible.

--
Regards,
-- Cal Frye, Network Administrator, Oberlin College

   www.calfrye.com,  www.pitalabs.com

"Conservative governance failed, not because of a run of bad luck or a
few bad apples, but because it is deficient at its core." -- Paul Waldman.