Measuring and mitigating risk involved with sharing virtual infrastructure between DMZ and Internal environments
September 9th, 2008 · No Comments
Ivan Pepelnjak over at IOS Hints and Tricks wrote a post about DMZ VLAN leaking that got me thinking.
He writes about “the VLAN leaking myth” and how it encourages clients to utilize physically separate network infrastructure in the DMZs. Now first things first, I wouldn’t call VLAN leaking a myth. At one time it was [...]
Tags: hyper-v · virtualization · vmware
Simplifying remote site security with Cisco’s new video surveillance modules on the ISR
June 10th, 2008 · No Comments
One giant pain I have always faced when working with high security environments is dealing with surveillance systems. They are a necessary and required part of your security infrastructure. However, they just never seem to integrate as well as your network, storage, or server devices.
When I work with data center infrastructure I expect the following [...]
Tags: 4s ranch rancho bernardo san diego witch fire evacuated · CCIE · CISCO · Technology · security · sun
Zone based IOS firewalls
October 15th, 2007 · No Comments
Cisco has finally included zone based firewalling in the IOS firewall feature set. The configuration guide can be found here:
Zone Based Firewall Design and Configuration Guide
The things that really got me interested are:
1. It is VRF aware (works well with network virtualization strategies)
2. No more CBACs
3. Policing built into firewalling [...]
Tags: CCIE · CISCO · Technology