Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
415
Views
5
Helpful
4
Replies

insulating a LAN

strive
Level 1
Level 1

‎02-11-2007 11:15 PM - edited ‎03-07-2019 12:24 AM

Hi,

I am working for a laboratory which is situated in a university and we are currently part of the university network. I was recently made responsible for insulating the Laboratory LAN from this of the university aiming higher security. I am managing two servers (DNS, Mail, WWW, FTP, etc) but since I'm not a network professional I am looking for advice on a solution based on CISCO products.

Our LAN consists of about 35 units (PCs, servers, network printers, network cameras) all switched into a 20 port switch (additional switches are used along the way) which is then connected via fiber optics to the university network. All the devices have real IPs which have to be preserved. So I probably need a router which has

- a fiber optics port as input (or as a separate module?)

- possibly 20 100mbit ports as output

- built in firewall

- optional VPN support

Any suggestions would be greatly appreciated. Thank you!

Labels:
0 Helpful
4 Replies 4

ahmednaas
Level 4
Level 4

‎02-11-2007 11:24 PM

What type of switch are you using now?

Depending on the security policy you want to implement, it might be sufficient to use a Cisco L3 switch such as the 3560 (with advanced ip services image) instead of your current switch.

You can always add a router/VPN concentrator later for optional VPN support.

strive
Level 1
Level 1
In response to ahmednaas

‎02-12-2007 03:03 AM

Thanks a lot.. for opening my eyes for the managed switches ;)

We currently use a lowcost COREGA 16 port switch (owned by the university). There is a 100Base-TX to 100Base-FX converter before it so it turns out that I don't need the option of having 100-Base-FX on the switch itself (or am I wrong?)

Moreover, I have overestimated the number of ports needed - 16 will suffice.

I examined the 3560 which you offer and I know that I may have confused you with the number of ports but can you please recommend me a managed switch with not more than 16 ports. In terms of security, I want to:

- internally - restrict devices with uknown MACs from being part of the network

- ACL-based security

- optional monitoring and logging

Thanks ;)

0 Helpful

ahmednaas
Level 4
Level 4
In response to strive

‎02-12-2007 06:49 AM

I don't recall any Cisco 16 port switches. Anyway, Having a few extra port is not a bad idea. And the C3560-24TS is not too expensive. It can do all what you need and more.

0 Helpful

millerguptel
Level 1
Level 1

‎04-14-2024 10:48 PM

As an Insulation Expert for your laboratory LAN within the university network, considering your requirement for heightened security, Cisco products offer robust solutions. Opt for a Cisco router equipped with a fiber optics port for seamless integration into your existing infrastructure. This ensures preservation of real IPs for all devices across your LAN, encompassing PCs, servers, network printers, and cameras. Additionally, seek guidance from network professionals to ensure optimal setup and security measures.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card