Security Basics mailing list archives

RE: VLANs confusing - Explained


From: "Michael Dieroff" <michael () bluescreenit co uk>
Date: Tue, 14 Nov 2006 20:41:03 -0000

Hi Raj,

To start with, a few points need to be clarified:

1.) VLAN refers to Virtual LAN - This is a layer 2 protocol that adds a
header to the frame that identifies the VLAN that the client MAC address or,
more commonly, switchport belongs to.
2.) VLANs are not there for encryption - they provide logical and broadcast
segmentation on a switch.
3.) The open standard for VLANs is 802.1q - if you are using Cisco devices
then you have the option to 'tag' your VLAN with the likes of a Cisco
protocol called ISL (Inter-Switch Link).
4.) This means that VLANs provide security domains in the form of broadcast
and subnet segmentation, not privacy and integrity of network communications.
5.) VPNs, however, do provide encryption services. VPN services are typically
provided in 2 formats: L2TP/IPsec and SSL (I know PPTP - GRE tunnelling is
out there, but let's talk about the serious protocols here).

These VPN protocols make use of the likes of several encryption and hashing
protocols that include DES, 3DES, AES for symmetric encryption and MD5 and
SHA-1 for hashing algorithms and integrity.

Are you referring to VPNs or VLANs? I can elaborate a little more.

Mike.



Regards,

Michael Dieroff
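
Added example, not part of the original post: a small parser for the 802.1Q tag that the message describes, run over constructed frames to show that the tag only labels the frame with a VLAN ID and leaves the payload readable. The MAC addresses, VLAN ID 20, the local experimental EtherType and the payload bytes are assumptions chosen for the demonstration.

```python
import struct

TPID_8021Q = 0x8100      # EtherType value that announces an 802.1Q tag
ETH_LOCAL_EXP = 0x88B5   # IEEE local experimental EtherType, used for the demo

def build_tagged_frame(dst, src, vid, pcp, ethertype, payload):
    """Build an 802.1Q-tagged Ethernet frame (FCS omitted)."""
    if not 0 <= vid <= 0x0FFF or not 0 <= pcp <= 7:
        raise ValueError("VID is 12 bits, PCP is 3 bits")
    tci = (pcp << 13) | vid              # PCP(3) | DEI(1)=0 | VID(12)
    return dst + src + struct.pack("!HHH", TPID_8021Q, tci, ethertype) + payload

def parse_frame(frame):
    """Split a frame into header fields and payload, as a packet analyzer does."""
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet header")
    info = {"dst": frame[0:6].hex(":"), "src": frame[6:12].hex(":"),
            "tagged": False, "vid": None, "pcp": None, "dei": None}
    (ethertype,) = struct.unpack("!H", frame[12:14])
    offset = 14
    if ethertype == TPID_8021Q:          # 4-byte tag sits between src MAC and EtherType
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        info.update(tagged=True, pcp=tci >> 13, dei=(tci >> 12) & 1, vid=tci & 0x0FFF)
        offset = 18
    info.update(ethertype=ethertype, payload=frame[offset:])
    return info

# Constructed sample data: broadcast destination, locally administered source MAC.
DST = bytes.fromhex("ffffffffffff")
SRC = bytes.fromhex("020000000001")
CLEARTEXT = b"constructed payload: not encrypted"
SAMPLE_TAGGED = build_tagged_frame(DST, SRC, vid=20, pcp=0,
                                   ethertype=ETH_LOCAL_EXP, payload=CLEARTEXT)
SAMPLE_UNTAGGED = DST + SRC + struct.pack("!H", ETH_LOCAL_EXP) + CLEARTEXT

if __name__ == "__main__":
    for name, frame in (("tagged", SAMPLE_TAGGED), ("untagged", SAMPLE_UNTAGGED)):
        f = parse_frame(frame)
        print(name, "vid =", f["vid"], "payload =", f["payload"])
```

The tagged frame is exactly four bytes longer than the untagged one and carries the same payload bytes; confidentiality and integrity have to come from a layer such as IPsec or SSL.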

