Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 260
  • Last Modified:

Everything plugged into 1 switch - a security Risk???

Hi, We have been provided with one flat/unconfigured switch by our new support company as part of installation. This Switch is completely unconfigured (no VLAN's). It has our Internet feeds plugged into it, our servers and Routers LAN and WAN interfaces. So basically the inside and outside is plugged into the same switch...

Could somebody tell me the security risks of this?
N.B The servers don't have public IP addresses and use the router LAN interface as their Default Gateway.

Thanks,
Jaime
0
jamwalk123
Asked:
jamwalk123
2 Solutions
 
wdavidson65Commented:
in my opinion their should be no security issues as long as your fiwewall is configured properly
0
 
jhyieslaCommented:
Agree with other expert. As long as you have a firewall that separates you from the Internet and as long as it's configured properly. A basic switch has no security aspects to one or two or three make no difference. You could add another internal switch with a firewall between the two switches, but that is probably a little overkill. Our config is similar from this perspective. We have a switch that connects all our internal stuff and we also have a connection on that same switch in the same main VLAN for our firewall. The only other thing you might consider, and this is probably overkill s well, is to partner with an IDS/IPS provider to put an IDS/IPS appliance in the path to the Internet as well to help the firewall do it's job. That's a decision that you'd have to make based on your budget and you exposure risk.
0
 
jamwalk123Author Commented:
Thanks for the quick responce guys
0
 
davealfordCommented:
"It has our Internet feeds plugged into it, our servers and Routers LAN and WAN interfaces"

If your 'WAN' is a private WAN then no major problem. If the private WAN is on a different subnet to your LAN then you may get some  extra broadcast traffic which might confuse some kit/software.

If by WAN you mean "Internet" then that wouldn't be sensible - even VLAN isn't advised as a security measure - it's a network management technique NOT security. If on the other hand there's still another NAT'd or orther firewall device between the switch and the Internet then you "should" be OK depending on how that device is configured.
0

Featured Post

Get Certified for a Job in Cybersecurity

Want an exciting career in an emerging field? Earn your MS in Cybersecurity and get certified in ethical hacking or computer forensic investigation. WGU’s MSCSIA degree program was designed to meet the most recent U.S. Department of Homeland Security (DHS) and NSA guidelines.  

Tackle projects and never again get stuck behind a technical roadblock.
Join Now