Title :
Effective VTP Model for Enterprise VLAN Security
Author :
Verma, R.O. ; Shriramwar, S.S.
Author_Institution :
Dept. of Electron. & Telecommun., RTMNU, Nagpur, India
Abstract :
VLAN´s are widely used in today´s enterprise networks to improve scalability & flexibility at core, distribution and access layers. VLAN´s are no longer confined to LAN environments and are becoming more widespread in their use. Unfortunately VLAN security issues has raised concerns and caused some network architects to re-focus on the associated issues. Our paper focused on two key issues required to implement inter-VLAN communication i.e. Effective VLAN design according to organizational need to reduce the much complex administrative work, and to overcome security issues related with VTP design model. We propose mechanism to use router sub-interfaces for Inter-VLAN communication with the ability to filter ingress & egress traffic using Access Control List, and to overcome VTP issues like VLAN hopping attack and counter the effect of inserting a rogue switch with high config revision number. The proposed architecture and VTP issues are demonstrated by analysis done in simulated network. Unless otherwise stated this paper is based upon configuration & hardware implementation in a Cisco environment.
Keywords :
computer network security; local area networks; telecommunication network routing; telecommunication traffic; Cisco environment; VLAN hopping attack; VTP design model; access control list; egress traffic; enterprise VLAN security; ingress traffic; interVLAN communication; router subinterface; Local area networks; Ports (Computers); Radiation detectors; Routing; Security; Servers; Switches; VACL; VLAN; VTP; config revision number; trunking;
Conference_Titel :
Communication Systems and Network Technologies (CSNT), 2013 International Conference on
Conference_Location :
Gwalior
Print_ISBN :
978-1-4673-5603-9
DOI :
10.1109/CSNT.2013.95
