We have a 3750 stack at our DR site.
2 x 24TS
1 X 48P
These switches are full and unorganized with outside, inside and DMZ interfaces spread out across the three.
We have several 3550 switches that were replaced with the POE version and just sitting doing nothing.
I would like to add a 3550 to organize and free up some of the powered ports for DR Testing (for phones).
I have several questions:
1. Isn't it poor security practice to have all of these ports (inside, outside, DMZ) on the same physical switch?
2. What would be the best way to add this switch?
Just add a trunk port to the 3550 and trunk it up to the 3750 stack?
3. Should the different "Zones" of inside, DMZ and outside ports be physically isolated?
There are numerous VLANs in the inside and DMZ interfaces.