Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
367
Views
0
Helpful
2
Replies

Security considerations for Ethernet connection to ISP

jhoude660
Level 1
Level 1

‎07-01-2006 07:59 AM - edited ‎03-09-2019 03:27 PM

My organizaton is getting an ethernet connection from the ISP to supply internet connectivity. Does anyone have any design or white papers from a security perspective to terminiate the ethernet connection internal. I seen where people bring it into a vlan off a 6500 switch or they bring it directly in to a PIX. Please let me know what you think. Thanks.

Labels:
0 Helpful
2 Replies 2

grant.maynard
Level 4
Level 4

‎07-03-2006 02:33 AM

Ideally put it straight into a firewall.

As an absolute last resort if this is not possible (for instance if the internet is presented as a VLAN on a trunk) then you will have to use a VLAN, but you must be very careful:

- don't use VLAN1

- use a "dummy" VLAN for native.

- prune that VLAN as much as possible so it only goes where needed.

- keep it as layer2 - don't create "interface vlan.." on MSFC etc

Check out the SAFE whitepapers at http://www.cisco.com/en/US/partner/netsol/ns340/ns394/ns171/ns128/networking_solutions_white_papers_list.html

0 Helpful

jhoude660
Level 1
Level 1
In response to grant.maynard

‎07-05-2006 07:59 AM

Thank you for the response. I have been reading over the white papers you referenced and terminating to a security applicance seems to be the best option. Thanks.

0 Helpful
Customers Also Viewed These Support Documents