Network Segmentation Approaches

• Previous message (by thread): Network Segmentation Approaches
• Next message (by thread): Network Segmentation Approaches
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> Consider setting up a separate zone or zones (via VLAN) for devices
> with embedded TCP/IP stacks.  I have worked in several shops using
> switched power units from APC, SynAccess, and TrippLite, and find that
> the TCP/IP stacks in those units are a bit fragile when confronted
> with a lot of traffic, even when the traffic is not addressed to the
> embedded devices.

Yes! This.

I used to have my PDUs/term serves/switches all on one VLAN. As growth 
occurred, they get broken out to dedicated VLANs. With that, the amount 
of false positives from Zenoss went way down (frequently port 80 would 
report down, then clear). I still get some alerts, but far less 
frequently.

• Previous message (by thread): Network Segmentation Approaches
• Next message (by thread): Network Segmentation Approaches
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]