How about using a different VDC for the DMZ?
Chris
On Thu, Sep 9, 2010 at 9:19 PM, Jason Aarons (US) <
jason.aarons_at_us.didata.com> wrote:
> A customer want's to put a Layer2 DMZ vlan on his Nexus 7k, and is
> wondering
> if Private VLAN/VDCs will keep that vlan from his inside network.
> Basically
> he needs some switchports for his DMZ and doesn't want to put them on a
> 3750.
> From a security perspective I would never advise this to mitigate risk by
> using Physical Isolation, but I'm not clear if the Nexus Private VLAN/VDC
> would mitigate the risk.
>
> http://en.wikipedia.org/wiki/VLAN_hopping
> -----------------------------------------
> Disclaimer:
>
> This e-mail
> communication and any attachments may contain
> confidential and privileged
> information and is for use by the
> designated addressee(s) named above only.
> If you are not the
> intended addressee, you are hereby notified that you have
> received
> this communication in error and that any use or reproduction of
> this
> email or its contents is strictly prohibited and may be
> unlawful. If you have
> received this communication in error, please
> notify us immediately by replying
> to this message and deleting it
> from your computer. Thank you.
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Thu Sep 09 2010 - 21:32:55 ART
This archive was generated by hypermail 2.2.0 : Fri Oct 01 2010 - 05:58:05 ART