Dear all,
Many times my security team requires to have in place layer2 segregation in
order to create dmz on the firewall as security measure to prevent lateral
movement in case of different vlan management or to respect standards (pci,
nist, etc).
The result is in having hundreds or thousands vlans also if in each vlan
there are very few systems ( 3 o 4 servers, etc).
My question is: how did you manage the issue in case you faced it?
Private vlans?
Keep in mind we need to have a non stop environment and hence any possible
way forward must forecast it.
Cheers
James
_______________________________________________
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
Many times my security team requires to have in place layer2 segregation in
order to create dmz on the firewall as security measure to prevent lateral
movement in case of different vlan management or to respect standards (pci,
nist, etc).
The result is in having hundreds or thousands vlans also if in each vlan
there are very few systems ( 3 o 4 servers, etc).
My question is: how did you manage the issue in case you faced it?
Private vlans?
Keep in mind we need to have a non stop environment and hence any possible
way forward must forecast it.
Cheers
James
_______________________________________________
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/