Hey Jeff,
I am not an expert in this, but I remember that there was a big
discussion about VLAN security on http://vegan.net/lb/.
It is actually a newsgroup for load balancing (thanks, Tony, for keeping it
up :) ).
So just do a search for VLAN.
Another good place:
http://www.sans.org/infosecFAQ/switchednet/switch_security.htm
Hope it helps.

> I've got a question in regards to running a DMZ on the same physical
> switches as my internal network, but segmented by VLAN. Currently, I've got
> several 10/100 switches on my backbone, so my DMZ is physically separated.
> However, we're looking at upgrading to a gigabit backbone. Obviously,
> gigabit switches are still somewhat pricey, and our DMZ is really only about
> 6 servers. Soooo, the idea came to me to use VLANs to isolate the DMZ and
> internal networks on the same physical switch.
>
> Does anyone have any experience with this, or opinions on how it
> would impact security or performance? The gigabit switch I'm looking at is
> also capable of Layer 3 switching, but obviously any layer 3 traffic between
> these two VLANs would have to go through the firewall, I'll need to make
> sure I can specify that in the switch's software. Recommendations of
> quality gigabit switches that can support up to 24 gig ports, and 48 100 meg
> ports would also be appreciated, but that's not really the point of my
> message.
>
>Thanks in advance for the wonderful insights.
>
>Jeff Jarmoc - CCNA, MCSE
>Network Analyst - Grubb & Ellis
---------------------------------------------------------------------
Daniel Mester
Portal Technologies Manager