Mongo Peck
asked on
CISCO DMZ VLAN MANAGEMENT
Hi,
I need setup an External Contractors DMZ which they will use to connect to a storage system to receive and delivery work. The plan is to attach a physical switch to a spare port on an ASA 5520 so this is completely
separate to our internal infrastructure. Members of a Development VLAN (one way) would have access to this area via a firewall access policy.
Is there any "best practices" in regards to VLAN Management in DMZ's. Our internal switches have a management VLAN but would that be acceptable / secure to use the same VLAN outside inner core to manage the switch. Also unlike the inner switches that use Radius for authentication I would only use a local account.
Thank you in advance.
I need setup an External Contractors DMZ which they will use to connect to a storage system to receive and delivery work. The plan is to attach a physical switch to a spare port on an ASA 5520 so this is completely
separate to our internal infrastructure. Members of a Development VLAN (one way) would have access to this area via a firewall access policy.
Is there any "best practices" in regards to VLAN Management in DMZ's. Our internal switches have a management VLAN but would that be acceptable / secure to use the same VLAN outside inner core to manage the switch. Also unlike the inner switches that use Radius for authentication I would only use a local account.
Thank you in advance.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.