[c-nsp] Ethernet WAN Links question

Marcelo Zilio ziliomarcelo at gmail.com
Thu Dec 3 10:44:52 EST 2009


By security issues I was thinking something like a MAC flooding or any kind
of denial of service which could compromise the switch access so I would
have the internal LAN exposed. Is this make sense?




On Thu, Dec 3, 2009 at 11:02 AM, Mikael Abrahamsson <swmike at swm.pp.se>wrote:

> On Thu, 3 Dec 2009, Marcelo Zilio wrote:
>
> There is an option they supply the switch too.
>> The first thing that came to mind is security issues since we are
>> connecting
>> Internet and Local Network to the same switch inside the network.
>>
>
> That's like saying there is a security risk in running two phonecalls in
> the same T1/E1. They're logically separated, it's commonly done.
>
>
> The question is: Is this a common practice? How do you handle with this
>> scenario?
>>
>
> Usually I'd say that the ISP will solve the handoff by having a switch or
> media converter to give you one port per service, but using vlans for
> logical separation has been pretty much standard procedure for 10 years in a
> lot of places.
>
> --
> Mikael Abrahamsson    email: swmike at swm.pp.se
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>


More information about the cisco-nsp mailing list