Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > Redesigning my network - what do I need?

Reply
Thread Tools

Redesigning my network - what do I need?

 
 
Julian Regel
Guest
Posts: n/a
 
      06-06-2006
I'm in the process of re-designing my work's network to make it more
secure and scalable. I've identified six different groups of hosts that
would benefit from being on their own VLAN (internal network, secure
DMZ, dirty DMZ, customer networks and a training network).

In terms of connectivity between them, there should be some form of
access control or firewalling. I'm not sure what the best bit(s) of kit
would be = should I look at a six port firewall (potentially expensive
with little room to upgrade)? Should they all connect to a global VLAN
switch which also hosts a router (the "router on a stick")? What about
Layer 3 switches?

I know I can achieve the above by running a Linux server with multiple
NICs and some routing and firewall scripts, but this seems a bit "home
grown" and I want to know what the "best practice" is in this area.

Thanks in advance.
 
Reply With Quote
 
 
 
 
jbrunner007@hotmail.com
Guest
Posts: n/a
 
      06-06-2006
Forget the linux route... its just a dog with fleas.

A pix or ASA will allow you to use vlans to connect to one physical
interface. From there, you can "intervlan route" with security acls
applied on the virtual interfaces...

Joe

Julian Regel wrote:
> I'm in the process of re-designing my work's network to make it more
> secure and scalable. I've identified six different groups of hosts that
> would benefit from being on their own VLAN (internal network, secure
> DMZ, dirty DMZ, customer networks and a training network).
>
> In terms of connectivity between them, there should be some form of
> access control or firewalling. I'm not sure what the best bit(s) of kit
> would be = should I look at a six port firewall (potentially expensive
> with little room to upgrade)? Should they all connect to a global VLAN
> switch which also hosts a router (the "router on a stick")? What about
> Layer 3 switches?
>
> I know I can achieve the above by running a Linux server with multiple
> NICs and some routing and firewall scripts, but this seems a bit "home
> grown" and I want to know what the "best practice" is in this area.
>
> Thanks in advance.


 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Redesigning Network Knowledge Cisco 0 10-31-2009 10:58 AM
Redesigning wireless solution Harrison Midkiff Wireless Networking 2 11-07-2008 02:00 PM
redesigning JUnit asserts martinus Java 0 08-04-2006 07:10 AM
Redesigning a debug API Maxim Yegorushkin C++ 3 07-13-2005 11:47 AM
Network Computer Reboots when Laptop Connects to Wireless Network Charles Law Wireless Networking 7 09-14-2004 02:11 PM



Advertisments