I have a question concerning interserver security.
I have a cat6513 and the port connected to a w2k3 server (single NIC) is in trunking mode carrying 2 VLANS a "customer" VLAN and "backup" VLAN. We serve multiple customers,each on their own specific VLAN, but all customers use the same generic backup service in a generic backup VLAN. Customers VLANS are separated by a FWSM but with this setup all the servers can connect to other servers on the backup VLAN.
What would be the best way to make sure that on the backup VLAN the servers can only connect to the backupserver and not ervers from oher customers.
We tried private VLAN's (which I think won't work because the port is a trunk)ad access-list but can't get it to work.
Any help or directions on how to solve this in well designed manner would be appreciated.
This is the config of a port in which vlan 11 is the backup vlan and vlan 31 the customer VLAN.
my first thought would be to use protected ports ('switchport protected' interface command), which would prohibit ports configured with that command from talking to each other. The drawback is that this only works for ports on the same switch...
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...