[unisog] Are cisco router VLAN ACL's stateful like a PIX?

Michael Holstein michael.holstein at csuohio.edu
Wed Feb 2 14:31:52 GMT 2005


> I'd dearly love to kill all MS network traffic on campus but I value my
> life.

As would us all :) .. realistically though, the only thing that really 
needs SMB/CIFS are :

1) wins servers
2) domain controllers
3) exchange servers
4) Microsoft file servers

So just put the above together in a secure vlan(s) and setup ACLs 
allowing clients to do their SMB/CIFS to it and nowhere else.

This has the added benefit of preventing folks from setting up their own 
private little domains without getting permission.

~Mike.



More information about the unisog mailing list