jamwalk123
asked on
Everything plugged into 1 switch - a security Risk???
Hi, We have been provided with one flat/unconfigured switch by our new support company as part of installation. This Switch is completely unconfigured (no VLAN's). It has our Internet feeds plugged into it, our servers and Routers LAN and WAN interfaces. So basically the inside and outside is plugged into the same switch...
Could somebody tell me the security risks of this?
N.B The servers don't have public IP addresses and use the router LAN interface as their Default Gateway.
Thanks,
Jaime
Could somebody tell me the security risks of this?
N.B The servers don't have public IP addresses and use the router LAN interface as their Default Gateway.
Thanks,
Jaime
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
"It has our Internet feeds plugged into it, our servers and Routers LAN and WAN interfaces"
If your 'WAN' is a private WAN then no major problem. If the private WAN is on a different subnet to your LAN then you may get some extra broadcast traffic which might confuse some kit/software.
If by WAN you mean "Internet" then that wouldn't be sensible - even VLAN isn't advised as a security measure - it's a network management technique NOT security. If on the other hand there's still another NAT'd or orther firewall device between the switch and the Internet then you "should" be OK depending on how that device is configured.
If your 'WAN' is a private WAN then no major problem. If the private WAN is on a different subnet to your LAN then you may get some extra broadcast traffic which might confuse some kit/software.
If by WAN you mean "Internet" then that wouldn't be sensible - even VLAN isn't advised as a security measure - it's a network management technique NOT security. If on the other hand there's still another NAT'd or orther firewall device between the switch and the Internet then you "should" be OK depending on how that device is configured.
ASKER