Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
277
Views
0
Helpful
1
Replies

Secure L2 Switch

amaliasch
Level 1
Level 1

‎11-02-2005 12:41 AM - edited ‎03-03-2019 12:38 AM

Topology

2 F.W.s modules on cluster mode connected to 2 cat2950 switch (not support SSH)

The policy here is not give an IP address to the switchs on behalf of security (by cisco recommend of allowind only SSH sessions).

1. Is it popular not to give an IP add. for security reason.

2. Do I have to change the Switchs to those wich support SSH.

Labels:
0 Helpful
1 Reply 1

lgijssel
Level 9
Level 9

‎11-02-2005 12:56 AM

You will cause yourself difficulties while your switches cannot be managed over the network.

A compromising solution could be to install a separate management vlan. IP's for the 2950's could be assigned in this range and you could even set this up as an isolated vlan.

Basic idea is to have management traffic and user traffic both in a separate vlan. This will not offer security in the case of someone sniffing on the networkcable but as you know, rule 1 in security is to disallow/disable physical acces to your equipment and cabling routes. When you can control physical access, this method is more viable (less $$) than changing to switches with SSH support.

Regards,

Leo

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card