NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW1] DMZ via VLAN



Jeff,

I think it is too risky....

Think that the switch could be the weakest ring into your chain....

best wishes

Aylton
----- Original Message -----
From: "Jarmoc, Jeff" <[email protected]>
To: <[email protected]>
Sent: Monday, April 02, 2001 5:44 PM
Subject: [FW1] DMZ via VLAN


>
> I've got a question in regards to running a DMZ on the same physical
> switches as my internal network, but segmented by VLAN.  Currently, I've
got
> several 10/100 switches on my backbone, so my DMZ is physically seperated.
> However, we're looking at upgrading to a gigabit backbone.  Obviously,
> gigabit switches are still somewhat pricey, and our DMZ is really only
about
> 6 servers.  Soooo, the idea came to me to use VLANs to isolate the DMZ and
> internal networks on the same physical switch.
> Does anyone have any experience with this, or opinions on how it
> would impact security or performance?  The gigabit switch I'm looking at
is
> also capable of Layer 3 switching, but obviously any layer 3 traffic
between
> these two VLANS would have to go through the firewall, I'll need to make
> sure I can specify that in the switch's software.  Recommendations of
> quality gigabit switches that can support up to 24 gig ports, and 48 100
meg
> ports would also be appreciated, but that's not really the point of my
> message.
>
> Thanks in advance for the wonderful insights.
>
> Jeff Jarmoc - CCNA, MCSE
> Network Analyst - Grubb & Ellis
>
>
>
>
============================================================================
====
>      To unsubscribe from this mailing list, please see the instructions at
>                http://www.checkpoint.com/services/mailing.html
>
============================================================================
====
>



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.