|
Security Basics
mailing list archives
RE: Managed switches outside firewalls?
From: "Dedric Ramsey" <ramseycs () bellsouth net>
Date: Tue, 29 May 2007 17:30:29 -0400
If it needs to be managed, does the switch you're using have a console port?
You could manage them that way, if you need the features that those switches
provide, and just disable IP access.
------------------
Dedric Ramsey
Ramsey Consulting Services
-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Hari Sekhon
Sent: Tuesday, May 29, 2007 4:57 AM
To: security-basics () securityfocus com
Subject: Managed switches outside firewalls?
Hi,
I need to get some new switches outside of my firewalls, which means
that they will have publicly accessible IPs if they are manageable
switches.
I'm not quite sure what security stance to take on this. I know I can
restrict the management interface to certain IPs, but I'm still not
sure if this is asking for trouble to have switches will accessible IPs.
Perhaps I should use a dumb switch and forgo any management features...
Do any of you guys have policies for this (like unmanaged switches
outside firewalls and managed ones inside)?
Any thoughts and suggestions welcome.
-h
--
Hari Sekhon
 By Date 
By Thread
Current thread:
|
Intro
