Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Is it safe to run a DMZ vlan on my datacentre switches

Hi all

jsut a quick one, is it common or safe to allow the DMZ vlan to be on my server room switches where my normal datacente equipment connects to? or should I keep this totally seperate ?

Everyone's tags (8)
New Member

Is it safe to run a DMZ vlan on my datacentre switches

Hi Carl.

I was searching for something and came across this, since it wasn't answered I figured I give it a go. This comes with the caveat that there are tons of people way more qualified to answer this than me. I also realize it's been months since this was asked and it's probably not needed anymore, but just in case plus for others searching.

I would say it's technically safe to do so, but probably not recommended. I've always seen (by either myself or more importantly others) a separate switch. One misconfiguration or someone plugging into the wrong port and you could have a problem. If you have a separate DMZ switch that's clearly marked it's much harder for someone to accidentally do something to it. They'd have to go purposely go log into that switch and make a change instead of say accidentally including the DMZ ports in a VLAN change of a range of them or something. One guy at a pretty big company got some of that black and yellow hazard tape and put it around his DMZ switches. I always got a kick out of that. Come to think of it, I think I need to find some of that tape.