Baystack 350 VLAN - How secure?

[scoob8000]

I know a lot of you are running Baystack switches..

I'm finally adding a wireless extension to my network. I have an extra interface setup on my smoothwall to keep the wireless segment seperate from my home network.

I'm considering setting up a seperate VLAN on my Baystack for that segment. My questions is, how secure are the vlans on the baystack switches?

 

[scoob8000]

Bump?

 

[Blitzrommel]

In terms of what you're asking, a VLAN is a VLAN... to compromise a vlan would require compromising the switch itself. Just speculation.

 

[Dr.Evil]

It is a secure as the physical security of the device plus the access to the config terminal. So restrict access of the config terminal to one IP(yours obviously) and use a strong password. Other than that the only way to bypass the VLAN is to physically move the cable to another port assigned to another VLAN.

 

[Nn'theraq'pss]

Might want to read up on VLAN Hopping to help secure your VLAN.

 

[scoob8000]

I'm fairly familier with vlans and how they would typically be comprimised. I don't think the baystack does the typical 802.1q though. Almost some propritiery vlan scheme. It doesn't even do tagging..

 

[versello]

I'm fairly familier with vlans and how they would typically be comprimised. I don't think the baystack does the typical 802.1q though. Almost some propritiery vlan scheme. It doesn't even do tagging..

I've worked with BayStack 460's, 470's and 5510's and they all support tagging and 802.11q. I also work with 450's, and although I never looked into its VLAN specs, I don't have reason to believe it wouldn't be any different.

 

[scoob8000]

The 350 doesn't look at tags to my understanding..

It's a matter of using the console with the graphical (ascii art) port selector. There are 8 "Vlans" and you pick which ports belong to those vlans..


It's almost like a port level deal..