Firewall Wizards mailing list archives
VLAN - a semi-firewall related question
From: "Ivan Fox" <ifox100 () hotmail com>
Date: Thu, 21 Oct 1999 17:26:26 -0400
It is a semi-Firewall related question. A firewall for the Extranet allows, say 10 vendors, contractors, to connect to it. There are two options that we can think of: Option 1: Have 10 NICs in the firewall. This option is clumsy, but it is secure in the sense that competitive suppliers cannot sniff each other's data. Option 2: A smarter approach, one says. Have an intelligent switch connecting to a NIC in the firewall. Each port of the switch is isolated, a VLAN approach. Competitive suppliers cannot "peer" into each other's data. Being a non-router/switch guy. How can I configure and secure the switch? I have also heard a router guru mentioned that, in order to provide security, we should not use intelligent switch as someone connect to the console of a switch, he/she can sniff the packets. Any pointers are appreciated. Thanks, C.K.
Current thread:
- VLAN - a semi-firewall related question Ivan Fox (Oct 21)