Segregation Light

Deploying a new multi interface firewall or extending an existing firewall is not easy.

  • You will need to decide how many interfacesyou need now, and how many interface will be needed in the future.

  • You will need to write an IP addressing plan. Would it be the hard to operate /29 segments? Or would it be the /24 extravagance?

  • You will need to move the existing hosts from their current subnets to the new subnets, which means changing their IP addresses. This works best on power point presentations...

Now imagine deploying network segregation without adding interfaces or changing IP addresses!

It is possible, with the help of Private VLANs. You can use Private VLANs to segment an existing VLAN without any change to the hosts or to the firewall topology. Its like mini VLANs inside your existing VLANs.

Private VLANs are a wonderful network segregation tool, but they are hard to deploy and operate.

Marathon Networks PVTD is the Private VLANs enabler. PVTD is a network appliance which makes implementation and operation of Private VLANs an easy task.

Read this white paper for more information.

