07-18-2022 08:45 AM
What would be the best way to segment clients from servers across several departments (LAN and WAN) globally? Would VRFs be of any help? What hardware would be recommended? I would assume traditional firewalls are too slow?
07-18-2022 08:49 AM - edited 07-18-2022 08:50 AM
@hmc250000 assuming you are using Cisco equipment, you should look at TrustSec and SDA.
VRFs are used within SDA, then TrustSec SGTs (Scalable/Security Group Tags) are used further within the VRF for microsegmentation.
https://www.cisco.com/c/en_uk/products/security/network-visibility-segmentation/index.html#~stickynav=2
https://www.cisco.com/c/en/us/solutions/enterprise-networks/trustsec/design-guide-listing.html
TrustSec SGTs can be used on most Cisco solutions: switches, routers, WLC, firewall, WSA, Stealthwatch etc.