VLANs

Video Activity

Instructor Kelly Handerhan continues the discussion about ways to separate trusted and untrusted networks, focusing on the advantages of using VLANs versus routers. A VLAN: is the concept of creating multiple broadcast domains (subnets) on a single switch. Important points to remember: A VLAN is much cheaper than a router A VLAN is much easier to c...

Join over 3 million cybersecurity professionals advancing their career
Sign up with
or

Already have an account? Sign In »

Time
3 hours 54 minutes
Difficulty
Advanced
CEU/CPE
4
Video Description

Instructor Kelly Handerhan continues the discussion about ways to separate trusted and untrusted networks, focusing on the advantages of using VLANs versus routers. A VLAN: is the concept of creating multiple broadcast domains (subnets) on a single switch. Important points to remember:

  • A VLAN is much cheaper than a router
  • A VLAN is much easier to configure than a router
  • A VLAN will provide the same isolation as a router
  • VLANs are often implemented on a layer 3 switch
Video Transcription
00:04
okay, s so in talking of continuing the discussion on segmenting my network or providing isolation between trusted and untrusted,
00:14
we talked about firewalls being devices that will do that. That's absolutely true. And I'd mentioned packet filtering firewalls and that reality. Those packet filter and firewalls are really just robbers with access control. This Sometimes they're the screening router that protects our connection to the Internet.
00:32
Well, absolutely. Robbers can isolate traffic where the primary purposes of arrival wrist to separate out what we refer to his sub nets, and each individual submits their own broadcast Amane. But they're also their own security domain as well.
00:48
The problem there with routers is that they're very expensive.
00:53
And I'm not talking about, like a link sister net here. I'm talking about grown up routers like your Cisco robbers and those routers you'd use in production.
01:00
So when we go out, we were to purchase, say, a switch, for instance, that switch might have 16 porch, 24 ports, 36 ports. It's gonna have a ton of ports. If you go out and buy a rounder, however, you're gonna get one port, maybe two ports for the local area network
01:21
basis.
01:23
Switches are much, much cheaper than routers.
01:27
So, um, and this is not a native mean switches we purchased today. Succour, Bingley and Capability
01:38
and basically, with your villains. What? You can use your ports on the switch into being in a specific veal in, and you can have multiple villains. So I might have the sales feeling and I might have. The human resource is feeling, and I might have a villain for avoid traffic
01:57
ability. I'm able to create a distinct sub networks using a switch rather than a router. And, honestly, that's usually done on the Layer. Three. Switch because layer three switches can allow the villains to communicate with each other, and they really provide
02:15
essentially the same features around her. So if you bring a villain
02:20
in on a layer three switch,
02:23
you're much less likely to need routers for routing internal traffic. We can get that same isolation on a villain for a lot cheaper, even if we do spend the money to get a Layer three switch
Up Next
Chief Information Security Officer (CISO)

In this CISO certification training, you will learn what other CISO's are focusing their time and attention on. Among the key topics, you will learn how to implement the proven best practices that make for successful cyber security leadership.

Instructed By