Re: Just say no to VLANS

Hi,

Thanks for the inputs . I plan to use multiple SSID at AP with
multiple VLAN on the Layer 2 switch.

> From the thread, I understand configuring VLAN securely on switch is
not easy. Can someone point me to a resource which tells me how to do
Secure VLAN configuration on the Layer 2 switch for my requirement.

Thanks



On 5/22/07, Stephen John Smoogen 
<smooge-Re5JQEeQqe8AvxtiuMwx3w@xxxxxxxxxxxxxxxx> wrote:
> On 5/21/07, Cedric Blancher 
> <blancher-cPThYx3uDionEikN29/hQkZa+K1vlBrA@xxxxxxxxxxxxxxxx> wrote:
> > Le lundi 21 mai 2007 à 12:26 -0500, Tsu a écrit :
> > > First, Don't use VLAN's as your primary layer of security. It is
> > > trivial step to hop onto other VLANs.
> >
> > Yes, if you configure your switches and APs like an dumbass, then, yes
> > it is. If you follow guidelines, then no, it's not.
> >
>
> My sad view is that very few sites follow the guidelines.. or even
> know where/what the guidelines for setting up VLANS. Or they find that
> the 'locking' down breaks some side-effect they depended on so won't
> secure the VLANS appropriately. So yes.. a good many are using VLAN1
> because it was convenient etc.
>
>
>
> --
> Stephen J Smoogen. -- CSIRT/Linux System Administrator
> How far that little candle throws his beams! So shines a good deed
> in a naughty world. = Shakespeare. "The Merchant of Venice"