Cisco Cisco Web Security Appliance S170 Guía Del Usuario
V I R T U A L L O C A L A R E A N E T W O R K S ( V L A N S )
C H A P T E R 2 2 : C O N F I G U R I N G N E T W O R K S E T T I N G S
491
V I R T U A L L O C A L A R E A N E T W O R K S ( V L A N S )
VLANs are virtual local area networks bound to physical data ports. You can configure one or
more VLANs to increase the number of networks the IronPort appliance can connect to
beyond the number of physical interfaces included. For example, a Web Security appliance
has two data interfaces available for VLANs: P1 and Management. VLANs allow more
networks to be defined on separate “ports” on existing interfaces. Figure 22-4 provides an
example of configuring several VLANs on the P1 interface.
more VLANs to increase the number of networks the IronPort appliance can connect to
beyond the number of physical interfaces included. For example, a Web Security appliance
has two data interfaces available for VLANs: P1 and Management. VLANs allow more
networks to be defined on separate “ports” on existing interfaces. Figure 22-4 provides an
example of configuring several VLANs on the P1 interface.
Figure 22-4 Using VLANs to Increase the Number of Networks Available on the Appliance
VLANs can be used to segment networks for security purposes, to ease administration, or
increase bandwidth. For example, create multiple VLANs on the P1 interface and then apply
different policies to each. VLANs appear as dynamic “Data Ports” labeled in the format of:
“VLAN DDDD” where the “DDDD” is the ID and is an integer up to 4 digits long (VLAN 2, or
VLAN 4094 for example). AsyncOS supports up to 30 VLANs. Duplicate VLAN IDs are not
allowed on an IronPort appliance.
increase bandwidth. For example, create multiple VLANs on the P1 interface and then apply
different policies to each. VLANs appear as dynamic “Data Ports” labeled in the format of:
“VLAN DDDD” where the “DDDD” is the ID and is an integer up to 4 digits long (VLAN 2, or
VLAN 4094 for example). AsyncOS supports up to 30 VLANs. Duplicate VLAN IDs are not
allowed on an IronPort appliance.
NOC
DMZ
VLAN
“Router”
VLAN1
VLAN3
VLAN2
IronPort appliance configured for
VLAN1, VLAN2, and VLAN3