Security Basics mailing list archives
RE: VLANs confusing - Explained
From: "Michael Dieroff" <michael () bluescreenit co uk>
Date: Tue, 14 Nov 2006 20:41:03 -0000
Hi Raj,

To start with, a few points need to be clarified:

1.) VLAN refers to Virtual LAN - This is a layer 2 protocol that adds a header to the frame that identifies the VLAN that the client MAC address or, more commonly, switchport belongs to.

2.) VLANs are not there for encryption - they provide logical and broadcast segmentation on a switch.

3.) The open standard for VLANs is 802.1q - if you are using Cisco devices then you have the option to 'tag' your VLAN with the likes of a Cisco protocol called ISL (Inter-Switch Link).

4.) This means that VLANs provide security domains in the form of broadcast and subnet segmentation, not privacy and integrity of network communications.

5.) VPNs, however, do provide encryption services. VPN services are typically provided in 2 formats: L2TP/IPSEC and SSL (I know PPTP - GRE tunnelling is out there, but let's talk about the serious protocols here). These VPN protocols make use of the likes of several encryption and hashing protocols that include DES, 3DES, AES for symmetric encryption and MD-5 and SHA-1 for hashing algorithms and integrity.

Are you referring to VPNs or VLANs? I can elaborate a little more.

Mike.

Regards,
Michael Dieroff