Security Basics mailing list archives
RE: VLAN Security
From: "Ken Terry" <kterry () sympatico ca>
Date: Fri, 7 Feb 2003 13:51:33 -0500
When all users are on the same VLAN, they are on the same network and therefore can see each other. If you want to keep groups separate, for example Engineering from Finance, it makes prefect sense to create a VLAN for each and assign ports (or users) to that VLAN. From a security point of view, it makes much more sense if they can't see each other on the network! (It will also have positive impact on your network since you are breaking up the broadcast domains). Ken Terry (CCNA, CET, CNA) Senior Software Quality Engineer Kama Technologies kterry () sympatico ca -----Original Message----- From: Naman Latif [mailto:naman.latif () inamed com] Sent: February 6, 2003 2:00 PM To: security-basics () securityfocus com Subject: VLAN Security Hi, We have different Cisco Catalyst switches configured for VLANS. With the current configuration 1. All trunks have a native VLAN, which is not used by any User. 2. Management VLAN is other than VLAN 1. We have different VLANs in place, however these are only used for different Servers ,And all Users are only members of VLAN-1 Does it make sense to have all the user ports migrated to a Different VLAN (other than VLAN 1) ? Is there a security advantage in this ? Regards \\ Naman
Current thread:
- VLAN Security Naman Latif (Feb 07)
- RE: VLAN Security Ken Terry (Feb 07)
- RE: VLAN Security marco misitano (Feb 07)
- Re: VLAN Security Rich MacVarish (Feb 07)
- <Possible follow-ups>
- RE: VLAN Security Ethan (Feb 07)
- RE: VLAN Security Clinton McGuire (Feb 07)
- RE: VLAN Security Ryan Smith (Feb 27)