At 11:30 AM 9/10/96 -0700, Michael Dillon wrote:
On Tue, 10 Sep 1996, Srinivasarao Mulugu wrote:
I know we do, Michael. And I have "their" answer. But they may not have the same experiences you did.
Have you had much experience, having the servers connect directly on to a level-2 device like a FDDI-to Ethernet (e.g. catalyst) connector ? and it security implications ?
It's not a matter of experience. It's a matter of what a level-2 device is and how it normally works. There is no security at level 2.
Therefore, you should only connect trusted pieces of equipment to a level-2 media unless it is being used as a point-to-point media. Lets use Ethernet as an example. If you connect a customer web server to an Ethernet then they can sniff any traffic that goes by and possibly do nasty things like spoofing. Even if they would never do such a thing they may be hacked by somebody who would do such a thing. So it is not a good idea to share a level 2 media in this way.
The MAE's are switches. Unless you are sending super secret BROADCAST traffic the security implications you are mentioning are non-existant. Justin Newton Internet Architect Erol's Internet Services