Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

DMZ

Hi is it recommended to have a DMZ Vlan? What I mean is, if I have a switch on the outside interface of a pix and a switch on the DMZ interface can I just use unused ports on the outside switch i.e. create a VLAN with serveral ports in the DMZ. I know I would have to look out for VLAN hoping attacks but is it ok to do this?

Gav

1 REPLY
Purple

Re: DMZ

Hi Gav,

In a strict security sense, that would not be a wise thing to do. The fact that the switch is 'outside' means that the switch could possibly be compromised, which in turn compromises oyour DMZ. I would provide complete physical separation if I were you...

Paresh

PS. Pls rate posts that help

99
Views
2
Helpful
1
Replies
CreatePlease to create content