cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1568
Views
5
Helpful
4
Replies

Security with AV devices

Bagley5777
Level 1
Level 1

Hello!  I have a work network that is separated into vlans.  Currently, our AV network is on a completely separate circuit from our data network.  The question is this- our AV director would like folks who sign into the guest network to have access to devices that live on the separate AV network.  What is the most secure way to have this happen?  In other words, how can a guest come into our company with an iPhone or computer, and then seamlessly login to an AV appliance such as a Via Collage and use it, when it is on a separate network.  Thanks in advance! 

4 Replies 4

Hi @Bagley5777

Not sure what AV means  and which access we are talking about.

 For wireless access, there are some very approach for guest users.

 

 

-If I helped you somehow, please, rate it as useful.-

Marvin Rhoads
Hall of Fame
Hall of Fame

Normally to set this up securely we connect both Guest and AV (audio-visual) subnets/VLANs via a common firewall (referably one with built-in IPS like a Cisco ASA with Firepower services or FTD image type).

 

Then you can create an ACL on the firewall allowing the minimal connectivity required. The IPS bit will help scan for and block malicious activity.

Thanks for reply!  So it's better to do ACL rather than some type of port forwarding?

Port forwarding by itself is not really security. Yes it will work but you also open yourself up to more risk.

 

All security decisions are the result of balancing risk and reward. If you don't care about the exposure, then the security implementation may not be worth it for you in terms of both capital expense (Capex) and operational expense (Opex). However if you already have some security tools at your disposal then it generally behooves you to use them.