POC: Private Vlan and DMZ with ASA5505 and WS-3560-24TS-E Part 2
This video log is a proof of concept I have done in my lab. Recently, many security professionals have recommended the use of private VLANs (PVLANs) to their clients. I have heard of PVLANs and did labs with them before, while I was pursuing my CCNP R&S; however, I have never used them in my working environment. This PoC is to establish an understanding of the use of PVLANs with a firewall. In the lab, the servers are in an isolated VLAN located in the DMZ. Suppose a server is compromised: the compromise will not spread within its own zone; however, I cannot prevent the compromised server from being an attack vector to the outside zone. It is recommended to limit the full TCP and embryonic TCP sessions and also to install an IDS/IPS to monitor the DMZ.
by rakyomin
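A configuration sketch of the setup described above, added here as an example and not taken from the video: an isolated PVLAN on the 3560 with a promiscuous uplink to the ASA, plus ASA connection limits on traffic the DMZ servers initiate. The VLAN IDs, port numbers, the 192.0.2.0/24 DMZ subnet, the `dmz` interface name, the object names and the limit values are all assumptions chosen for illustration.

```cisco
! ---- WS-3560 (IOS): values below are constructed for illustration ----
! Private VLANs require VTP transparent mode on this platform.
vtp mode transparent
!
vlan 201
 private-vlan isolated
vlan 200
 private-vlan primary
 private-vlan association 201
!
! Server ports: isolated hosts cannot reach each other at layer 2,
! only the promiscuous port.
interface FastEthernet0/1
 description DMZ server 1 (isolated host port)
 switchport mode private-vlan host
 switchport private-vlan host-association 200 201
!
interface FastEthernet0/2
 description DMZ server 2 (isolated host port)
 switchport mode private-vlan host
 switchport private-vlan host-association 200 201
!
! Uplink to the firewall: the only port the isolated hosts can talk to.
interface FastEthernet0/24
 description Uplink to ASA dmz interface (promiscuous port)
 switchport mode private-vlan promiscuous
 switchport private-vlan mapping 200 201
!
! ---- ASA 5505: assumes the DMZ interface is named "dmz" ----
! Match TCP connections initiated by the DMZ servers.
access-list DMZ_SRV_OUT extended permit tcp 192.0.2.0 255.255.255.0 any
!
class-map DMZ_SRV_CONNS
 match access-list DMZ_SRV_OUT
!
! Cap full and embryonic (half-open) TCP connections, in total and
! per initiating host, so one compromised server cannot open an
! unbounded number of sessions toward other zones.
policy-map DMZ_LIMITS
 class DMZ_SRV_CONNS
  set connection conn-max 200 embryonic-conn-max 50
  set connection per-client-max 50 per-client-embryonic-max 10
!
service-policy DMZ_LIMITS interface dmz
```

`show vlan private-vlan` on the switch and `show service-policy interface dmz` on the ASA confirm the PVLAN associations and the current connection counters against the configured limits.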