R: Security Internal Network using VLAN

From: Carmelo Floridia (cfloridia@lex.unict.it)
Date: 03/29/02 

From: "Carmelo Floridia" <cfloridia@lex.unict.it>
To: <security-basics@securityfocus.com>
Date: Fri, 29 Mar 2002 12:20:10 +0100

Assume an enterprise with a lot of employee and manager.
Avery employee is on the same lan of the manager and sometimes also external
user are connected to the same lan.
In each floor of the buildin you migth have manager, employee, external
consultant...
manager does not want to share their information with the other
So I tried to do obtain a first level of security using VLAN, not too
strenght but a first level...
the second level of security may be using desktop protection....
the issue could be the performance..
wath do you think?
best regards
Carmelo

> -----Messaggio originale-----
> Da: pure pure [mailto:pure27@hotmail.com]
> Inviato: venerd́ 22 marzo 2002 21.31
> A: cfloridia@lex.unict.it
> Cc: security-basics@securityfocus.com
> Oggetto: Security Internal Network using VLAN
>
>
> You won't necessairly have the granularity you sound like you
> need with just
> an ACL and VLANS. Individual VLANS will segregate the traffic
> but might not
> bring much in the way of real security. That could be enhanced
> if you are
> considering using layer2 authentication and / or binding rules
> (e.g. to a
> protocol, MAC, IP, port, etc). The thing to remember about the ACL is
> you've got to manage it. That's okay if you've got only a few
> rules but if
> you've got lots of users with different needs you might soon find
> it becomes
> difficult to manage.
>
> Subject:
> Security Internal Network using VLAN
> Date:
> Fri, 22 Mar 2002 09:19:24 +0100
> From:
> "Carmelo Floridia" <cfloridia@lex.unict.it>
> To:
> <security-basics@securityfocus.com>
>
>
>
>
> Hi,
> Assume a typical Campus LAN (2 Layer3 switch ad a switch for floor) with a
> lot of users with different security requirement (CIO, Manager,
> Staff, Human
> Resource)
> Do you think that is feasible manage internal security using VLAN and ACL
> applied over Layer3 Switch?
> best regards
> Carmelo
>
>
>
> _________________________________________________________________
> Chat with friends online, try MSN Messenger: http://messenger.msn.com
>

Relevant Pages

  • Best VLAN supporting Switch
    ... We are going to deploy VLAN on 10/100 LAN and about 200 users. ... Our consideration is security. ... We are now focusing on Cisco Catalyst 2900 XL. ...
    (Security-Basics)
  • RE: Best VLAN supporting Switch
    ... >We are going to deploy VLAN on 10/100 LAN and about 200 users. ... >We are now focusing on Cisco Catalyst 2900 XL. ... As far as Security you can use TACACS+ for switch authentication and you can ...
    (Security-Basics)
  • Re: All events showing in each event log
    ... for the security log. ... Here's what I have on a newly built Windows 2003 standard ... > TermServSessDir ... > Security Account Manager ...
    (microsoft.public.windows.server.general)
  • Re: what happened to files?
    ... the world of IT security has turned inside out even ... writing the job description for the new Info Security Manager ... compromized or lost data are the arrogant and the ignorant. ... malware netsky, I think, that locks onto the address book of the ...
    (microsoft.public.windowsxp.security_admin)
  • RE: When IT Manager breaks rules
    ... That first release of policy manual, did not contain any clause mandating such a rule. ... Going by the fact that Security Polices are living documents, I have currently called this clause as a guideline with an aim to include it in the next release of my policy manual. ... IT manager is side stepping "rules" what are they? ... >> options but to create the account without due processes. ...
    (Security-Basics)