ZyXEL Communications ZyWALL 70 Informações Técnicas descarregar pdf (Página 223)

ZyWALL 1050 Support Notes

223

3.3 Networking Partitioning Using VLAN

Although ZyWALL 1050 has only five physical ports, you can still partition your

networking with more than five interfaces. ZyWALL 1050 is VLAN aware and it supports

virtual interface as well. With ZyWALL 1050, you can run a maximum number of thirty two

VLANs. As a result, it makes networking partitioning very easy. However, a VLAN-capable

L2 switch is required to create the VLAN tags in front of ZyWALL 1050.

When you conduct a network planning, it is always a good idea to aggregate all the

similar security level of devices into the same security zone. And different security level of

devices should be placed in different security zone. Finally you can apply different access

policy enforcements to different security zones to make your network more secure. By

combing VLAN and customizable zones, IT managers can construct necessary security

infrastructure without hassle and reduce the management burden.

3.3.1 Creating VLAN virtual interfaces

Here is an example

FINANCE

LAN

SECRET

Corporate

Intranet

Highly confidential financial servers are placed in this

zone. Access privilege only be granted to authorized

users

Important servers, including Domain

Controller, Directory server, database servers

are placed in this zone. Strict access policy

may apply to prevent misuse from happening

VLAN Switch

VLAN30

VLAN10

VLAN20

Internet

*VLAN-capable L2 switch is required to create VLAN tags

1 2 ... 218 219 220 221 222 223 224 225 226 227 228 ... 297 298

Sem comentários

ZyXEL Communications ZyWALL 70 Informações Técnicas Página 223