- Community Home
- >
- Networking
- >
- Legacy
- >
- Switches, Hubs, Modems
- >
- Re: Another VLAN noob
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-18-2007 02:07 PM
тАО07-18-2007 02:07 PM
Can I just say all ethernet ports are one VLAN, and the fiber connections are different VLANs on the 5308? Our network is a big and flat network with 172.16.x.x/16. Should I do some changes or is it possible to reduce SOME traffic by simply configuring VLANs on the web interface of the 5308?
Am I thinking too simply? Any help will be great!
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-18-2007 04:29 PM
тАО07-18-2007 04:29 PM
Re: Another VLAN noob
1. Separate the departments' computers (e.g. Finance is on a separate IP subnet than Engineering) so you can control access: Engineers only will have acces to Engineering servers, Finance people only to Finance servers, and each and everyone may authenticate to domain controllers in a third VLAN/subnet.
2. You are able to reduce Ethernet/IP broadcasts, if the performance of the network is downgraded by broadcasts due to large number of computers.
How many computers do you have in your network?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-18-2007 11:31 PM
тАО07-18-2007 11:31 PM
Re: Another VLAN noob
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-19-2007 08:15 AM
тАО07-19-2007 08:15 AM
SolutionBefore you implement VLANs, I'd highly recommend discussing network security in general with the business stakeholders in your organisation, and then designing a solution from there.
An analogy that comes to mind regarding your current network setup is that everyone is basically sitting in the same room without walls to segregate anything. Businesses don't operate this way and I don't think a network should either.
There are a million and one reasons to implement VLANs but it comes down to what is required for your organisation.
Just my 2 cents. :)
BTW, have a read of this great whitepaper on VLANs by Cisco, it talks about features specific to their products but has lots of good food for thought:
http://www.cisco.com/warp/public/cc/pd/si/casi/ca6000/prodlit/vlnwp_wp.pdf
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-19-2007 08:30 AM
тАО07-19-2007 08:30 AM
Re: Another VLAN noob
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-19-2007 09:02 AM
тАО07-19-2007 09:02 AM
Re: Another VLAN noob
The main point I was trying to make is there are many approaches to designing a network, and sometimes things are done for the sake of doing them without really considering what is needed.
In your case you are looking at performance issues but it is quite possible depending on what actually happens on your network you may not see the peformance increase you are looking for.
But there are still many valid reasons to consider segregating your network, some of which have been mentioned above.
One of the major risks to a flat network is if there is a broadcast loop (like some user decides to help keep cables tidy by plugging a loose cable into two ports on the wall), you will probably lose your whole network.
Viruses also come to mind, if they ever get past your scanning software they will have unimpeded access to every host in the network.
So yea, my intention was to give you more food for thought rather than flat out say yay or nay to VLANs.
Hope this helps. :)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-19-2007 09:36 AM
тАО07-19-2007 09:36 AM
Re: Another VLAN noob
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-19-2007 09:40 AM
тАО07-19-2007 09:40 AM