Educause Security Discussion mailing list archives
Re: management vlan
From: "Julian Y. Koh" <kohster () NORTHWESTERN EDU>
Date: Mon, 2 Oct 2006 09:26:50 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 At 09:47 -0400 10/02/2006, Scott Adamson wrote:
i was wondering from a network/management/security standpoint if most users create a management vlan and IP structure for their network switches/routers?
You definitely want a separate management VLAN, and you should definitely also use ACLs to restrict access to that VLAN from your management subnets only. Note that if you're a Cisco shop, Cisco specifically recommends against using VLAN 1. You might also want to look at possibly putting the management interfaces into RFC1918 space as well. -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.0.6 (Build 6060) Comment: <http://bt.ittns.northwestern.edu/julian/pgppubkey.html> iQA/AwUBRSEhpw5UB5zJHgFjEQKcwACgsOJivQ8oEj5a6MHy0BmPPB6g+PQAoIjF UZIZsXHrVWrmDOpp+iQvmpTi =VsAu -----END PGP SIGNATURE----- -- Julian Y. Koh <mailto:kohster () northwestern edu> Network Engineer <phone:847-467-5780> Telecommunications and Network Services Northwestern University PGP Public Key:<http://bt.ittns.northwestern.edu/julian/pgppubkey.html>
Current thread:
- management vlan Scott Adamson (Oct 02)
- <Possible follow-ups>
- Re: management vlan Julian Y. Koh (Oct 02)
- Re: management vlan Graham Toal (Oct 02)
- Re: management vlan Russell Fulton (Oct 02)