Timeline for VLANS vs. subnets for network security and segmentation
Current License: CC BY-SA 3.0
5 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Jan 8, 2018 at 20:35 | comment | added | Thuy Guevarra | I see, what I'm specifically interested in knowing is how segmentation at layer-2 versus layer-3 impacts security. I understand there are many more variables to consider but this one is going to have the most impact on the decisions we make. Keep in mind, the options I'm considering are no VLANs and multiple networks versus multiple VLANs and one network per VLAN. | |
| Jan 8, 2018 at 20:28 | comment | added | Ron Maupin♦ | What I am trying to explain is that VLAN and networks go hand-in-hand under normal circumstances. There are particular corner cases where you may have multiple networks on the same VLAN, but you don't even want to consider that unless you have a reason and really know what you are doing. We would need to have a good description of how the network is connected (ideally, a diagram), what the networks devices are, the particular network device models, a good understanding of the network flows and requirements, etc. There really are just too many variables in what you ask. | |
| Jan 8, 2018 at 20:25 | comment | added | Thuy Guevarra | What information would you need to know to answer the second two questions? | |
| Jan 8, 2018 at 20:23 | comment | added | Thuy Guevarra | My overall line of questioning is more broad I think. What I'm curious about is when, from a security standpoint, would I want to segment the network using VLANs at layer 2 versus forgoing VLANs completely and segmenting the entire network using subnets? We're a small company-congestion and performance are not concerns at our scale however security is. | |
| Jan 8, 2018 at 19:44 | history | answered | Ron Maupin♦ | CC BY-SA 3.0 |