You won't necessarily have the granularity you sound like you need with just
an ACL and VLANs. Individual VLANs will segregate the traffic but might not
bring much in the way of real security. That could be enhanced if you are
considering using layer 2 authentication and/or binding rules (e.g. to a
protocol, MAC, IP, port, etc). The thing to remember about the ACL is
you've got to manage it. That's okay if you've got only a few rules but if
you've got lots of users with different needs you might soon find it becomes
difficult to manage.

Subject: Security Internal Network using VLAN
Date: Fri, 22 Mar 2002 09:19:24 +0100
From: "Carmelo Floridia" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>

Hi,
Assume a typical Campus LAN (2 Layer3 switches and a switch for each floor) with a
lot of users with different security requirements (CIO, Manager, Staff, Human
Resource).
Do you think that it is feasible to manage internal security using VLANs and ACLs
applied over the Layer3 switches?
best regards
Carmelo