[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Network Segmentation Approaches

Subject: Network Segmentation Approaches
From: charles at thefnf.org (charles at thefnf.org)
Date: Wed, 06 May 2015 14:59:53 -0500
In-reply-to: <[email protected]>
References: <[email protected]> <[email protected]>

> Consider setting up a separate zone or zones (via VLAN) for devices
> with embedded TCP/IP stacks.  I have worked in several shops using
> switched power units from APC, SynAccess, and TrippLite, and find that
> the TCP/IP stacks in those units are a bit fragile when confronted
> with a lot of traffic, even when the traffic is not addressed to the
> embedded devices.

Yes! This.

I used to have my PDUs/term serves/switches all on one VLAN. As growth 
occurred, they get broken out to dedicated VLANs. With that, the amount 
of false positives from Zenoss went way down (frequently port 80 would 
report down, then clear). I still get some alerts, but far less 
frequently.

Follow-Ups:
- Network Segmentation Approaches
  - From: morrowc.lists at gmail.com (Christopher Morrow)

References:
- Network Segmentation Approaches
  - From: nanog1 at roadrunner.com (nanog1 at roadrunner.com)
- Network Segmentation Approaches
  - From: list at satchell.net (Stephen Satchell)

Prev by Date: Question about co-lo in APAC region
Next by Date: Network Segmentation Approaches
Previous by thread: Network Segmentation Approaches
Next by thread: Network Segmentation Approaches
Index(es):
- Date
- Thread