Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Attention: The Community will be in read-only mode on 12/14/2017 from 12:00 am pacific to 11:30 am.

During this time you will only be able to see content. Other interactions such as posting, replying to questions, or marking content as helpful will be disabled for few hours.

We apologize for the inconvenience while we perform important updates to the Community.

New Member

Secuirty design question

We have budget for two layer 3 switches. One switch is connected to the other (via fibre) at a neighbouring company 5 km down the road.

The neighbouring company needs access to our internal network. ACLs and port secuirty will be used for security.

I am curious what can be recommended as further secuirty... Is there a standard or common method or is this quetion too broad?


Re: Secuirty design question


Given the information you have, those two options are your best bets. Without further information on the network layout it would be nigh impossible to comment intelligently.




If you find this post helpful, please rate so others can find the answer easily

Cisco Employee

Re: Secuirty design question

Like Faisal said we would need more requirements information.

Port security and ACLs are 2 options. VACLs (VLAN ACLs) could also be useful for you. Also consider isolated and private vlans to provide vlan seperation.

802.1x could provide more granular Post Assessment and Access control, but it would require more investment.

Now other potential security enhancements could be FWSM firewall modules on the 6500s, but that will also need extra budgeting.

I hope it helped a little.


CreatePlease to create content