Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
516
Views
5
Helpful
3
Replies

PIX vs Switch

jackko
Level 7
Level 7

‎08-17-2003 05:58 PM - edited ‎02-20-2020 10:56 PM

we usually create a dmz by using a pix. however, one of my customers uses a switch to create a dmz rather than a pix. customer does that by creating 3 vlans.

i was wondering what is the difference between the two.

0 Helpful
3 Replies 3

mostiguy
Level 6
Level 6

‎08-17-2003 06:26 PM

a layer 2 managed switch can create vlans, but cannot route between them. a l3 managed switch can, but generally does not have the firewall capabilities that a pix does, so there is network segmentation, but limited security segmentation functionality.

jackko
Level 7
Level 7
In response to mostiguy

‎08-17-2003 07:33 PM

thanks for your response. that's exactly why customer puts a router between vlans. is this a popular way to create a dmz? i've never seen that before.

in terms of security, obviously a pix would be much more secure. however, how would i show that to my customer?

0 Helpful

jmia
Level 7
Level 7
In response to jackko

‎08-18-2003 01:11 AM

Yes, VLANs can provide security to your LAN but to use it as a DMZ, I personaly don’t think it’s such a good idea, but I suppose it all depends on the network and security requirements.

The Benefits of VLANs are the following:

1.It eases the change and movement of devices on IP network

2.It helps to control broadcast traffic

3.It provides security

To have a proper DMZ (and as you correctly said) use a Firewall (PIX) and create your DMZ on the PIX.

i.e.

internet--primeter_router--PIX(with DMZ)--LAN_Router--LAN.

Hope this helps --

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card