Educause Security Discussion mailing list archives
Re: management vlan
From: Graham Toal <gtoal () UTPA EDU>
Date: Mon, 2 Oct 2006 09:43:40 -0500
You definitely want a separate management VLAN, and you should definitely also use ACLs to restrict access to that VLAN from your management subnets only. Note that if you're a Cisco shop, Cisco specifically recommends against using VLAN 1. You might also want to look at possibly putting the management interfaces into RFC1918 space as well.
And if you're still at the planning stage, it may not be too late to consider an air gap. Separate wires and switches. I don't fully trust VLANs yet... G
Current thread:
- management vlan Scott Adamson (Oct 02)
- <Possible follow-ups>
- Re: management vlan Julian Y. Koh (Oct 02)
- Re: management vlan Graham Toal (Oct 02)
- Re: management vlan Russell Fulton (Oct 02)