[Agenda] [Examples] [Network Partitioning] [Concepts] [Policy] [Process] [Organization] [HW-SW] [Cases studies] [Conclusion] [Resources]
[first slide] Limitations of Network Partitioning [previous slide] [next slide]


* IP address based
o Why trust IP addresses?
o LAN security is needed
o DHCP
o Binding IP address to MAC (Ethernet) address

* Becomes complex in large environments
o Meshed networks with large numbers of filtering devices
o When business needs require the set up of many VLANs

* Definition is too complex when many entities have exchanges
o Many branches with different flows between them
- templates can't be used
o Need for local policy definition within a hierarchical policy definition


*********************************************************************
HSC ® © Hervé Schauer Consultants December 1999 - 142, rue de Rivoli - F-75001 Paris - France
Phone: +33 141 409 700 - Fax: +33 141 409 709 - Email: <secretariat@hsc.fr>
- Page 28 -