Cisco Support Community
Community Member

switch and internet

Several of our campus environments have many storeys in a building or many buildings. In both scenarios we have fiber and GE. We use Catalyst switches to provide connectivity to the user desktops. Connectivity also includes a highly secured access to the internet. Separately, we also have a need to provide almost unsecured internet access to the same users but on seperate desktops. The questions/concerns for this are as follows:

[1] Is it secure to implement seperate VLANs on the same switching infrastucture to provide both secured and unsecured internet access? Please explain.

[2] How can the switches be configured to provide both secured and unsecured internet access? Please be detailed.


Community Member

Re: switch and internet

Switches work at layer 2, so security here may not be what you are expecting. You can segment your ports into separate VLANs to put up virtual “walls” between groups and utilize port security to ensure the device attached to the port is the one you expect. However, security, the type it sounds as if you are looking for, will happen primarily at layer 3, and require a router or a firewall.

Unfortunately a detailed security proposal will require a lot more information from you, and is beyond the scope of this forum. You might get your local Sales Engineer on the phone and the two of you can evaluate your own unique situation and devise a strategy that will accomplish your goals.

CreatePlease to create content