Many comments on the VMware Communities Forums are about using VLANs to secure a network. While a VLAN is technically not a network security feature, it does provide a way to logically segregate traffic. In my mind, segregation is different from separation.
Segregate implies a logical distancing between two or more elements, yet the elements of the network share the same wires, switches, etc.
Separation implies a physical distancing between two or more elements where the elements do not share anything in common.
When using virtualization, it is impossible to achieve 100% separation, as we discussed in my Rethinking vNetwork Security post. I have continued to consider all aspects of the vNetwork with respect to security and VLANs. So here are some basic rules that will help you decide how to design your vNetwork. These rules are based within the physical network (pNetwork).
Edward L. Haletky, aka Texiwill, is an analyst, author, architect, technologist, and out-of-the-box thinker. As an analyst, Edward looks at all things IoT, big data, cloud, security, and DevOps. As an author, he has written about virtualization and security. As an architect, Edward creates peer-reviewed reference architectures for hybrid cloud, cloud-native applications, and many other aspects of the modern business. As a technologist, Edward creates code prototypes for parts of those architectures. Edward is solving today’s problems in an implementable fashion.