Around My World

about health,technology,psychology,and everything in our life...

More About Me...

Lorem ipsum dolor sit amet, nisl elit viverra sollicitudin phasellus eros, vitae a mollis. Congue sociis amet, fermentum lacinia sed, orci auctor in vitae amet enim. Ridiculus nullam proin vehicula nulla euismod id. Ac est facilisis eget, ligula lacinia, vitae sed lorem nunc. Orci at nulla risus ullamcorper arcu. Nunc integer ornare massa diam sollicitudin.

Another Tit-Bit...

Lorem ipsum dolor sit amet, nisl elit viverra sollicitudin phasellus eros, vitae a mollis. Congue sociis amet, fermentum lacinia sed, orci auctor in vitae amet enim. Ridiculus nullam proin vehicula nulla euismod id. Ac est facilisis eget, ligula lacinia, vitae sed lorem nunc.

VLANs part 2

Posted on 9:32 PM No Comments

Security and Mobility


VLANs offer security in two ways. The first method is authentication, which requires that users respond to a challenge (user ID / password) before they are assigned to a VLAN. Employing authentication is much more powerful than simply basing VLAN assignment on the port a user is connected to or what MAC address he or she has. In addition, authenticated VLANs offer the only true type of mobility in VLANs. Basing VLANs on the MAC address alone only provides mobility to the computer, and not the actual user. With authenticated VLANs, users can access their network resources from any location or any computer.


The second security feature of VLANs is communication control. Once a user is assigned to a VLAN (by any method), communication into or out of that VLAN can be controlled by any standard layer 3 service (Access Control Lists, firewalls, etc.). The security provided by VLANs is of the utmost importance in networks today. VLANs are not only an effective means for complying with some of these requirements, they’re also readily available in most installed switches. Although not specifically required by government standards, the use of VLANs to control physical access to information offers a much greater level of security than just server based user ID / passwords. In addition to legistated security requirements, internal corporate security is also a consideration. Who does the CFO want looking at the finance databases? With all the sensitive material accessible via corporate intranets, the need for internal security restrictions is tremendous and growing in importance.


A basic example of a VLAN security implementation is network access for non-employees. A visitor to a company wishes to access his own corporate network via the Internet. The network administrator can either give him an IP address for Internet access and at the same time allow him access to the internal network or assign him to a visitor VLAN with a DHCP server. Now the visitor plugs in, gets a special password, and is assigned to the visitor VLAN, which restricts his network access to the Internet. Other examples of VLAN implementation are in schools (instructor and student VLANs), healthcare facilities (open areas and patient records secured areas), military institutions, etc.

to be continue,...

0 comments:

Post a Comment



Subscribe to: Post Comments (Atom)
 
This blog will make you pround of your life and give you motivation and inspiration, and keep you always struggle in your life...
Enjoy this blog,...