Educause Security Discussion mailing list archives

Re: management vlan

From: Russell Fulton <r.fulton () AUCKLAND AC NZ>
Date: Tue, 3 Oct 2006 08:30:58 +1300

Scott Adamson wrote:


good morning

i was wondering from a network/management/security standpoint if most
users create a management vlan and IP structure for their network
switches/routers?  what are your common practices and benefits and
pit-falls you may have found in this kind of structure?  suggestions,
comments and general advise welcomed.  thanks all.

Absolutely!  we have a management vlan for the core network out to
building switch level.  Edge switches are in not in the management vlan
and we use access list to control access to snmp and telnet (some of the
edge switches do not support ssh :( ).

If you can have a separate network (as Graham suggest) this is even better.

Russell.

Current thread:

management vlan Scott Adamson (Oct 02)
- <Possible follow-ups>
- Re: management vlan Julian Y. Koh (Oct 02)
- Re: management vlan Graham Toal (Oct 02)
- Re: management vlan Russell Fulton (Oct 02)