I have installed 6, and never had a problem.
RFF
---------------------- Forwarded by Richard Fulton/EDS/FlipChip on 09/05/2001
03:35 PM ---------------------------
"Symon Thurlow" on 09/05/2001 03:13:38 PM
Please respond to "Symon Thurlow"
To: [EMAIL PROTECTED]
cc: (bcc: Richard Fulton/EDS/FlipChip)
Subject: RE: VLAN Security [7:18203]
I have installed at least 12, and never had a problem.
Symon
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
khramov
Sent: 05 September 2001 22:33
To: [EMAIL PROTECTED]
Subject: Re: VLAN Security [7:18203]
I would like to add that I also had bad experience with 3548 switches. I had
three go
bad out of four that I installed. However, I did have a good experience
with 2948G.
But they are a little bit more expensive.
here is my .02c
"Trevor J Corness, CCNA" wrote:
> Well, it depends.. I definately still would not VLAN off ports from a big
> switch.. do you plan on putting a NetManager box on the inside, and
wanting
> to monitor the DMZ Hub/Switch? If not, a Cat3524XL could be best (though
> I've had bad track record personally with those boxes, I'm sure over-all
> they're fine.. I've just been unlucky to come across 14 bad ones out of 17
> I've installed).
>
> Anyways.. hope you can straighten it out.. those are just my .02c worth.
>
> Regards,
> Trevor J Corness
> Radian Corporation
> http://www.radiancorp.com
>
> -----Original Message-----
> From: Circusnuts [mailto:[EMAIL PROTECTED]]
> Sent: Sunday, September 02, 2001 4:20 AM
> To: Trevor J Corness, CCNA
> Subject: Re: VLAN Security [7:18203]
>
> Cisco's pushing the Fast 10/100 hub now, but I don't know that state of
> those older HP/Cisco 10 base T models. The Internet connection I am
looking
> to start with is @ least 10 Megs, maybe as high as 30 Megs. Does that
> change your advice any ???
>
> Thanks
> Phil
>
> ----- Original Message -----
> From: "Trevor J Corness, CCNA"
> To: "'Circusnuts'"
> Sent: Sunday, September 02, 2001 2:26 AM
> Subject: RE: VLAN Security [7:18203]
>
> > If you are talking about a single 3500 as the DMZ, with no links to the
> > internal network... or just VLAN'ing off ports of a 6509 or something
> > larger.. I would definately suggest a standalone 3500.. simply because
of
> > the problems of "Leaky Buckets". A well planned attack, will overload
the
> > buffers of the switch, and "leak" traffic onto the Private network.
This
> is
> > why I normally used managed hubs for DMZ (normally a customer won't have
> > more than a T1 in this case).. so that I can split off a single port for
> > monitoring.. and no "leaky buckets". This is a personal preference
> though.
> > Your situation may be much different than my normal encounters at my
job.
> > You have not supplied the information needed to make the "hub/switch"
> > decision.. Out of curiosity, do you know if Cisco still sells managed
> Hubs?
> > Or are they all EOL? I normally use HP 10base-T hubs (again, decided by
> the
> > 1.544Mbps T1).
> >
> > Regards,
> > Trevor J Corness
> > Radian Corporation
> > http://www.radiancorp.com
> >
> >
> > -----Original Message-----
> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> > Circusnuts
> > Sent: Saturday, September 01, 2001 5:11 PM
> > To: [EMAIL PROTECTED]
> > Subject: VLAN Security [7:18203]
> >
> >
> > I'm finishing a project @ work & have an opportunity to recommend
multiple
> > 3500 series switches or VLAN configuration. The placement of these
boxes
> > will
> > be before a firewall, coming off of a BGP router (for IDS's,
SwitchProbes,
> > DMZ, etc.,). Can anyone think of an argument either way ???
> >
> > Thanks Everyone
> > Phil
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=18703&t=18203
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
