Switches, Hubs, and Modems
cancel
Showing results for 
Search instead for 
Did you mean: 

Sugestions to secure a 5300xl as internet router

Marcus J
Frequent Advisor

Sugestions to secure a 5300xl as internet router

Hi!

Im planning to use our 5300xl as internet router how can i make this as secure as possible?
We have a 100Mbit/s internet connection, and a lot of ip-adresses. Those nets are routed in behind several firewalls or other routers located at different sites connected by fiber links.

What features do you guys recommend i should enable to make this switch as secure and resilient as possible?
3 REPLIES
Mohieddin Kharnoub
Honored Contributor

Re: Sugestions to secure a 5300xl as internet router

Hi

With the 5300, you can do the routing between the connected Vlans, and use OSPF and RIP with Static Routes to have full routing Switch features.

What i suggest you to have is Dual 5300 (5400 if possible) running full L2 MSTP with XRRP redudancy and for your network.

Additional to that use the ACLs to control the flood of traffic between your directly connected Vlans to add more security and control on your network.

If you can tell us little about the stuff you have then we can help you to build a nice scenario with the switches you have.

Good Luck !!!
Science for Everyone
Marcus J
Frequent Advisor

Re: Sugestions to secure a 5300xl as internet router

Well, i was wondering about techniques to make the switch as secure as possible to stop malicious traffic and hackers.

like management vlan, icmp trottling, virus throttling and so on.

Is there some other nice features you can enable?

Have you guys tried the virus throttling on a internet router?
Joel Belizario
Trusted Contributor

Re: Sugestions to secure a 5300xl as internet router

Hi Marcus,

Have you had a look at the security whitepapers on ProCurve's site? It's a good starting point:

http://www.hp.com/rnd/library/whitepapers.htm

Cheers,
Joel