Network Security: Detailed info on Re: VALN hopping

Subject:	Re: VALN hopping
Date:	Thu, 29 Sep 2005 12:01:46 -0400 (EDT)

It's my view that VLAN's were never intended to be
used as a security measure, rather they're for traffic
isolation. A byproduct of this is that it is more
difficult to access the traffic on the "other"
network. Unless you're going to have a firewall or
IDS/IPS between the two networks it's pretty trivial
for someone with much knowlegde to get from one VLAN
to another. As another level of a defense in depth
strategy a VLAN is great but it shouldn't really be
considered a way to secure traffic or hosts.

Kenton

--- josh@tstc.edu wrote:

WWe are having a heated discussion about using
VLAN's as a type of DMZ, so 
I am asking the experts.  I prsonally like to see
physical isolation; 
however, our network person doesn't feel there is a
threat of VLAN 
hopping.  Please let me know your opinions.

Thank you,




        

        
                
__________________________________________________________ 
Find your next car at http://autos.yahoo.ca

<Prev in Thread]	Current Thread	[Next in Thread>
VALN hopping, josh RE: VALN hopping, David Gillett Re: VALN hopping, Kenton Smith <= RE: VALN hopping, Hayes, Ian Re: VALN hopping, David Barroso Re: VALN hopping, Micheal Espinola Jr RE: VALN hopping, Payton, Zack RE: VALN hopping, Payton, Zack RE: VALN hopping, Scott Fuhriman Re: VALN hopping, nidude

Previous by Date:	Re: Hard Drive Intergrety Status, Kenton Smith
Next by Date:	RE: Software Firewalls, Lance.Druger
Previous by Thread:	RE: VALN hopping, David Gillett
Next by Thread:	RE: VALN hopping, Hayes, Ian
Indexes:	[Date] [Thread] [Top] [All Lists]