RE: HP BL30's and VLAN's

From: MILES John M (John.Miles@co.lane.or.us)
Date: Thu Mar 03 2005 - 16:59:33 EST


I personally wouldn't do it for several reasons, but I am accused of wearing
a tin-foil hat fairly often . . . what I would recommend you read to make an
appropriate & educated decision is the Cisco white-paper "Virtual LAN Best
Practices"

http://www.cisco.com/warp/public/cc/pd/si/casi/ca6000/prodlit/vlnwp_wp.pdf

-----Original Message-----
From: Merrick, Carl [mailto:CMerrick@enfield.org]
Sent: Thursday, March 03, 2005 8:23 AM
To: pen-test@securityfocus.com
Subject: HP BL30's and VLAN's

I am not a pen tester and this is more of a theoretical question for the
experts. We are in the process of installing HP BL30p blade servers which
use the GBE2 integrated switch for network connectivity. One of the servers
installed will be a web server which will run in the DMZ. Connectivity to
the DMZ will be provided from the GBE2 to a port on the firewall via a VLAN.
Other internal VLANs will be running on the same GBE2 switch. The question
is, how secure will this setup be? Is it possible to hack across VLANs on
the same switch? My preferred configuration is to physically isolate web
servers.

Thanks. Carl


