[c-nsp] Micro-segmentation

james list jameslist72 at gmail.com
Sun Aug 2 04:35:09 EDT 2020


Dear all,
Many times my security team requires layer 2 segregation to be in place in
order to create a DMZ on the firewall as a security measure to prevent lateral
movement in case of different VLAN management or to respect standards (PCI,
NIST, etc.).

The result is having hundreds or thousands of VLANs even if in each VLAN
there are very few systems (3 or 4 servers, etc.).

My question is: how did you manage the issue in case you faced it?
Private VLANs?

Keep in mind we need to have a non-stop environment and hence any possible
way forward must forecast it.

Cheers
James

