Introduction to VLANs
Broadcast Control
Broadcasts occur in every protocol, but how often they occur depends upon three things:
Type of protocol
The application(s) running on the internetwork
How these services are used
Some older applications have been rewritten to reduce their bandwidth needs, but there's a new generation of applications that are incredibly bandwidth-greedy, consuming all they can find. These bandwidth abusers are multimedia applications that use broadcasts and multicasts extensively. Faulty equipment, inadequate segmentation, and poorly designed firewalls only serve to compound the problems that these broadcast-intensive applications create. All of this has truly added a new dimension to network design, as well as generating new challenges for an administrator. Making sure the network is properly segmented in order to isolate one segment's problems and keep those problems from propagating throughout the internetwork is imperative. The most effective way of doing this is through strategic switching and routing.
Since switches have become more cost-effective lately, many companies are replacing their flat hub networks with a pure switched network and VLANs environment. All devices in a VLAN are members of the same broadcast domain and receive all broadcasts. The broadcasts, by default, are filtered from all ports on a switch that are not members of the same VLAN. This is great because it offers all the benefits you gain with a switched design without the serious anguish you would experience if all your users were in the same broadcast domain!
Security
But it seems there's always a catch, so let's get back to those security issues. A flat internetwork's security used to be tackled by connecting hubs and switches together with routers. So it was basically the router's job to maintain security. This arrangement was pretty ineffective for several reasons: First, anyone connecting to the physical network could access the network resources located on that physical LAN. Secondly, all anyone had to do to observe any and all traffic happening in that network was to simply plug a network analyzer into the hub. And in that same vein, users could join a workgroup by just plugging their workstations into the existing hub. So basically, this was non-security!
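The following Python model is an added illustration of the two points made above, not code from the book: a hub repeats every frame (broadcast or not) to every port, which is why an analyzer on any hub port sees all traffic, while a VLAN-aware switch floods broadcasts and unknown unicasts only to ports in the ingress port's VLAN and switches known unicasts to a single port. The port numbers, VLAN ids and MAC addresses are constructed for the example.

```python
# Added example (not from the book): a toy model of Layer 2 forwarding that
# shows why a VLAN-aware switch confines broadcasts to one VLAN while a hub
# repeats every frame to every port. Port numbers, VLAN ids and MAC addresses
# below are constructed for the illustration.
from dataclasses import dataclass, field
from typing import Dict, List, Set, Tuple

BROADCAST = "ff:ff:ff:ff:ff:ff"


@dataclass
class Frame:
    src: str   # source MAC address
    dst: str   # destination MAC address (BROADCAST for a broadcast frame)


class Hub:
    """A shared-media hub: every frame is repeated out of every other port."""

    def __init__(self, ports: List[int]) -> None:
        self.ports = set(ports)

    def forward(self, ingress_port: int, frame: Frame) -> List[int]:
        # No filtering at all: an analyzer on any port sees everything.
        return sorted(self.ports - {ingress_port})


@dataclass
class VlanSwitch:
    """A switch with access ports; each port belongs to exactly one VLAN."""

    port_vlan: Dict[int, int]                                   # port -> VLAN id
    mac_table: Dict[Tuple[int, str], int] = field(default_factory=dict)  # (vlan, mac) -> port

    def forward(self, ingress_port: int, frame: Frame) -> List[int]:
        vlan = self.port_vlan[ingress_port]
        # Learn where the source MAC lives, scoped to this VLAN.
        self.mac_table[(vlan, frame.src)] = ingress_port
        # Only ports in the same VLAN are ever candidates for egress.
        same_vlan = sorted(p for p, v in self.port_vlan.items()
                           if v == vlan and p != ingress_port)
        if frame.dst == BROADCAST:
            return same_vlan                      # flood, but inside the VLAN only
        learned = self.mac_table.get((vlan, frame.dst))
        if learned is not None and learned != ingress_port:
            return [learned]                      # known unicast: one port
        return same_vlan                          # unknown unicast: flood within VLAN

    def broadcast_domains(self) -> Dict[int, Set[int]]:
        """Group ports by VLAN: each VLAN is its own broadcast domain."""
        domains: Dict[int, Set[int]] = {}
        for port, vlan in self.port_vlan.items():
            domains.setdefault(vlan, set()).add(port)
        return domains


def mac(port: int) -> str:
    """Constructed, locally administered MAC address for the host on a port."""
    return f"02:00:00:00:00:{port:02x}"


def demo() -> Dict[str, List[int]]:
    """Compare who receives a broadcast from port 1 on a hub and on a VLAN switch."""
    ports = [1, 2, 3, 4, 5]
    hub = Hub(ports)
    switch = VlanSwitch({1: 10, 2: 10, 3: 20, 4: 20, 5: 20})
    bcast = Frame(src=mac(1), dst=BROADCAST)
    return {"hub": hub.forward(1, bcast), "switch": switch.forward(1, bcast)}


if __name__ == "__main__":
    print(demo())   # {'hub': [2, 3, 4, 5], 'switch': [2]}
```

Running the script shows the broadcast from port 1 reaching all four other hub ports but only port 2 on the switch, because ports 3 to 5 belong to VLAN 20. Note that the MAC table is keyed by (VLAN, MAC): a host in VLAN 10 addressing a MAC that lives in VLAN 20 still gets flooded inside VLAN 10 only, which is the filtering behaviour the text describes as on by default.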
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com