Friday, January 25, 2008

Securing Networks with Private VLANs and VLAN Access Control Lists (Cisco Wrap)

Cisco - Securing Networks with Private VLANs and VLAN Access Control Lists (Cisco Wrap)
One of the key factors to building a successful network security design is to identify and enforce a proper trust model. The proper trust model defines who needs to talk to whom and what kind of traffic needs to be exchanged; all other traffic should be denied. Once the proper trust model has been identified, then the security designer should decide how to enforce the model. As more critical resources are globally available and new forms of network attacks evolve, the network security infrastructure tends to become more sophisticated, and more products are available. Firewalls, routers, LAN switches, intrusion detection systems, AAA servers, and VPNs are some of the technologies and products that can help enforce the model. Of course, each one of these products and technologies plays a particular role within the overall security implementation, and it is essential for the designer to understand how these elements can be deployed.

http://www.cisco.com/warp/public/473/90.pdf (pdf)

No comments: