Networking Partitioning Using Vlan; Creating Vlan Virtual Interfaces - ZyXEL Communications ZYWALL 1050 Support Notes
Internet security appliance
Hide thumbs
Also See for ZYWALL 1050:
- User manual (892 pages) ,
- Support notes (345 pages) ,
- Cli reference manual (284 pages)
Table of Contents
Advertisement
3.3 Networking Partitioning Using VLAN
Although ZyWALL 1050 has only five physical ports, you can still partition your
networking with more than five interfaces. ZyWALL 1050 is VLAN aware and it supports
virtual interface as well. With ZyWALL 1050, you can run a maximum number of thirty two
VLANs. As a result, it makes networking partitioning very easy. However, a VLAN-capable
L2 switch is required to create the VLAN tags in front of ZyWALL 1050.
When you conduct a network planning, it is always a good idea to aggregate all the
similar security level of devices into the same security zone. And different security level of
devices should be placed in different security zone. Finally you can apply different access
policy enforcements to different security zones to make your network more secure. By
combing VLAN and customizable zones, IT managers can construct necessary security
infrastructure without hassle and reduce the management burden.
3.3.1 Creating VLAN virtual interfaces
Here is an example
Internet
SECRET
Important servers, including Domain
Controller, Directory server, database servers
are placed in this zone. Strict access policy
may apply to prevent misuse from happening
VLAN10
*VLAN-capable L2 switch is required to create VLAN tags
All contents copyright (c) 2006 ZyXEL Communications Corporation.
VLAN Switch
FINANCE
LAN
Highly confidential financial servers are placed in this
zone. Access privilege only be granted to authorized
Corporate
users
Intranet
VLAN30
VLAN20
ZyWALL 1050 Support Notes
223
Advertisement
Table of Contents
