<div>
<div class="content wysiwyg-content">
Hi,<br />
<br />
I need setup an External Contractors DMZ which they will use to connect to a storage system to receive and delivery work. &nbsp;The plan is to attach a physical switch to a spare port on an ASA 5520 so this is completely<br />
separate to our internal infrastructure. &nbsp;Members of a Development VLAN (one way) would have access to this area via a firewall access policy.<br />
<br />
Is there any &quot;best practices&quot; in regards to VLAN Management in DMZ's. &nbsp;Our internal switches have a management VLAN but would that be acceptable / secure to use the same VLAN outside inner core to manage the switch. &nbsp;Also unlike the inner switches that use Radius for authentication I would only use a local account.<br />
<br />
Thank you in advance.
</div>
</div>


Hi,

I need setup an External Contractors DMZ which they will use to connect to a storage system to receive and delivery work.  The plan is to attach a physical switch to a spare port on an ASA 5520 so this is completely
separate to our internal infrastructure.  Members of a Development VLAN (one way) would have access to this area via a firewall access policy.

Is there any "best practices" in regards to VLAN Management in DMZ's.  Our internal switches have a management VLAN but would that be acceptable / secure to use the same VLAN outside inner core to manage the switch.  Also unlike the inner switches that use Radius for authentication I would only use a local account.

Thank you in advance.

CISCO DMZ VLAN MANAGEMENT

Cisco PIX is a dedicated hardware firewall appliance; the Cisco Adaptive Security Appliance (ASA) is a firewall and anti-malware security appliance that provides unified threat management and protection the PIX does not. Other Cisco devices and systems include routers, switches, storage networking, wireless and the software and hardware for PIX Firewall Manager (PFM), PIX Device Manager (PDM) and Adaptive Security Device Manager (ASDM).