Re: Different terms for the same or more secure?
- From: "Brian Loe" <knobdy@xxxxxxxxx>
- Date: Fri, 25 Aug 2006 14:49:13 -0500
> One definition of "subnet" is that it is a contiguous block of
> host addresses. One typically uses such a block of addresses on
> a LAN, whether it's physical or virtual.
Physical meaning actually there and virtual meaning there but no physically?
If its physically subnetted then there's a router between the subnets.
Logically seperated subnets, I suppose, would be vlaned subnets
(virtual being logical - not real/physical).
Similar to an IP being divided into subnets ie one for accounting,
another for sales etc? How are the node MAC addresses grouped? I would
assume by their subnet, which is exactly what a subnet does. A subnet
groups similar nodes together so that they can communicate easily with
one another and the switches do not need to liaise with those subnet
nodes re other services on other subnets. So what does a VLAN do that a
subnet doesn't and why is one better than the other?
The only thing a VLAN does is break up broadcast domains. Subnets, on
the other hand, are controlled and limited by your IP addressing
scheme - and provide nothing, a router or other such device (firewall
for instance) is divide them up.
OK. You're starting to get fuzzy as there must be ethernet interference
:) Let me get the basics right and solid then I'll explore the other
features.
>
The switch adds vlan tags to the packets being passed on the network.
When you trunk a port you're allowing that port to pass all of those
tags as opposed to just one.
OK so a physical subnetted network is 'safer'/'more secure' than a VLAN
network.
You will have to "subnet" your VLANs - subnets and VLANS are not
interchangable, they're not equivelant. Neither provides security
features.
I'm still not getting the difference between a virtual and a physical
LAN. Can anyone give me an example of say a company with two branches in
different locations with each branch have its own sales and accounts
department. I would subnet my IP such:
The two locations will almost always be physically seperate networks
because you will need to route between them, same for floors (if each
floor has a switch), etc.. In this instance the benefit of a VLAN
*may* be the ability to put to similar groups in disparate geographic
areas in the same VLAN allowing them to talk to each other "directly".
I, however, do not see the benefit in it at all, perhaps someone else
can explain the benefit (and I'm talking user VLANs).
I would highly suggest picking up a basic networking book. Even an
old/used Microsoft Networking study book would go a long ways in your
education. A CCNA book would also be a superb step in the right
direction.
---------------------------------------------------------------------------
This list is sponsored by: Norwich University
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.
http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
- References:
- Re: Different terms for the same or more secure?
- From: Hylton Conacher(ZR1HPC)
- Re: Different terms for the same or more secure?
- Prev by Date: Re: nc question
- Next by Date: Re: Re: Windows 98/SE/ME registry
- Previous by thread: RE: Different terms for the same or more secure?
- Next by thread: Re: Different terms for the same or more secure?
- Index(es):
Relevant Pages
|
|
