[c-nsp] Trunked connections from a provider
Aaron Daniels - Lists
lists at daniels.id.au
Wed Dec 13 03:57:52 EST 2006
Hi All,
Our organisation is migrating several separate physical network connections
(Internet + multiple private wan's), into one single physical network
connection to our provider, This will be delivered over ethernet, with each
separate connection in a dot1q trunk, and we will break it out on our
router.
My previous experience is in the telco world and this is how we deployed
multiple vrf's to any customer.
I know that the Security team will scream that it is insecure - Carrying
corporate and internet data on the same physical connection. Security will
insist that the provider deliver us 2 separate connections which we will
need to patch into separate hardware.
My questions are:
1. Am I off base here, does security have a point?
2. Does anyone know of any documentation that I can point management to that
demonstrates this as best practice?
Thanks,
Aaron
More information about the cisco-nsp
mailing list