Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1653
Views
0
Helpful
16
Replies

FWSM deployment questions

gautamzone
Level 1
Level 1

‎01-14-2007 12:54 PM - edited ‎03-11-2019 02:18 AM

Hi friends,

Just wanted to know basically if a requirement is supported in the FWSM or not.

There is a FWSM 3.1 blade on the 6500. The main intention of purchasing it was to protect traffic to and from Server VLAN's. There are totally about 12-13 servers grouped into 2-3 server VLAN's.

What is unique about the customer's requirement is that:

1. there are servers on the same SUBNET that also need to be protected from each other!!! I am wondering if this is every possible. Moreover, these servers are not connected to the 6500 directly. They are connected to an access switch and the access switch connects to the core. So, the traffic will never pass to the core at all. Is there a possibility that I can physically segment such servers to separate switches and put the FWSM in between them. I heard that there is something called bridging VLAN's? I am not sure about this.

2. the second unique requirement is that there are vendors who login to the servers remotely to provide remote application support. These vendors should not be able to access other servers just because they have reachability to one server. I am wondering if this kind of protection can be provided at network level? At host level, may be there is a possibility.

I am very sorry if i am asking any dumb questions. But if its possible, i would really appreciate any pointers to further directions in this regard.

Thanks a lot

Gautam

Labels:
0 Helpful
16 Replies 16

gautamzone
Level 1
Level 1
In response to gautamzone

‎01-22-2007 01:02 PM

Hoping that my question was clear. I just want to know that will be the configuration for the port connecting to the other switches (distribution or core) that contain the private VLAN's as well. Not too sure if it can be Normal trunk or private VLAN trunk or promiscious trunk?

Thanks a lot

Gautam

0 Helpful

Jon Marshall
Hall of Fame
Hall of Fame
In response to gautamzone

‎01-24-2007 04:53 AM

Hi Gautaum

My understanding is that the ports conencting your switches are configured as normal trunks. These trunks will handle both normal and private VLAN traffic.

HTH

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card