Firewalls: Re: VLANs for Security Inside the Firewall

Firewalls
(October 1997)

Indexed By Thread: [Previous] [Next]

Subject:	Re: VLANs for Security Inside the Firewall
From:	Eric Vyncke <evyncke @ cisco . com>
Date:	Mon, 06 Oct 1997 09:53:01 +0000
To:	Bill Husler <Bill @ Husler . xo . com>, "firewalls" <firewalls @ GreatCircle . COM>
In-reply-to:	<199710051657 . JAA10359 @ honor . greatcircle . com>

At 09:58 5/10/97 -0700, Bill Husler wrote:

...<SNIP>...

>I understand that these switches are configured via a telnet session. Is 
>there a way (on the switch) to ensure that this activity may only be 
>performed via specific switch ports (ie. I would like to ensure that if 
>someone is remapping the VLANs, they are doing so from something along 
>the lines of a console or secured area).

I can only speak from the switches of my employer (Cisco), yes you can
restrict the management to be done via only one VLAN (thus a couple
of port(s)) and there is obviously a username/password prompt which 
can be redirected to a Radius/Tacacs+ server.

-eric

Eric Vyncke      
Technical Consultant               Cisco Systems Belgium SA/NV
Phone:  +32-2-778.4677             Fax:    +32-2-778.4300
E-mail: evyncke @
 cisco .
 com          Mobile: +32-75-312.458

References:

Re: VLANs for Security Inside the Firewall
From: Bill Husler <Bill @ Husler . xo . com>

Indexed By Date	Previous:	[no subject] From: Adam Threadgold <support @ netbenefit . co . uk>
Indexed By Date	Next:	(no subject) From: Benjamin Brumaire <brumaire @ arcor . net>
Indexed By Thread	Previous:	Re: VLANs for Security Inside the Firewall From: Bill Husler <Bill @ Husler . xo . com>
Indexed By Thread	Next:	Re: Finding a wiretap or NIC card with a TDR From: dharris @ kcp . com