Jump to content
Security Installer Community

V Lan

BUSTER

By BUSTER
in Members Lounge (Public)

 Share

Recommended Posts

BUSTER Newbie

BUSTER

Posted
Posted

With all the talk of security vulnerabilities recently and the suggestion of a vlan giving better security I have a few questions

1. How difficult are they to set up

2. Can things on different vlans see each other ie if I have a nvr on one vlan, ip phone system on another and pc,s on another can the pc log onto the nvr etc or does that defeat the object

Any help/advice gratefully received

Any comments / opinions posted are my opinion only and do not represent those of my employer or Company

Link to comment
https://www.thesecurityinstaller.co.uk/community/topic/39449-v-lan/
Share on other sites
sixwheeledbeast Mentor

sixwheeledbeast

Posted
Posted

It all depends on how competent you are at that stuff really.

You will find it's only available on top end enterprise routers, if your using a router to do it.

 

The whole point of a VLAN (Virtual LAN) is to isolate the LAN into sections, so yes that wouldn't work on the LAN side.

cybergibbons Newbie

cybergibbons

Posted
Posted

The point of a VLAN is to make it like there are physically separate networks running. You then use the routing/firewall to allow certain traffic between the two.

 

They add a lot of security if you set the firewall up correctly, and make a lot of attacks a lot harder. You can make it so that a PC on the general VLAN can access a DVR on the the security VLAN. But the DVR wouldn't be able to access the rest of the network, so damage would be limited.

 

Even if you allow all traffic between two VLANS, it makes an attackers life harder as a number of attacks assume the DVR is on the same local network segment.

I have a blog, some of which is about alarm security and reverse engineering:
http://cybergibbons.com/

 

 

 

PeterJames Mentor

PeterJames

Posted
Posted

Newer models of routers have guest networks on the wifi, mine doesnt allow me to see my servers when I log into the guest wifi so I guess this is a easy way of setting up a vlan or am I wrong

cybergibbons Newbie

cybergibbons

Posted
Posted

Newer models of routers have guest networks on the wifi, mine doesnt allow me to see my servers when I log into the guest wifi so I guess this is a easy way of setting up a vlan or am I wrong

Technically, it's not a VLAN, but essentially it is the same idea. It's another network that is firewalled off.

Normally that functionality lets the trusted network access the guest network, so putting security devices on there could be wise. Good idea.

I have a blog, some of which is about alarm security and reverse engineering:
http://cybergibbons.com/

 

 

 

PeterJames Mentor

PeterJames

Posted
Posted

Technically, it's not a VLAN, but essentially it is the same idea. It's another network that is firewalled off.

Normally that functionality lets the trusted network access the guest network, so putting security devices on there could be wise. Good idea.

I have an idea it may be wifi only and not restricted on the lan, ill take a look and let people know

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept