The ABCs of VLAN Segmentation
To achieve Payment Card Industry (PCI) compliance, American fuel centers are making the switch to EMV pump payment systems, and are discovering that installing a wireless network to fulfill their needs allows them to avoid the costly expense and downtime associated with a wired system. A wireless solution is capable of delivering the high speeds necessary to accommodate next generation fuel dispensers – along with fully certified data encryption technology and VLAN (virtual local area networks) segmented switching. It is this segmentation that is critical to establishing a robust and secure wireless payment infrastructure.
VLAN segmentation works by creating a collection of isolated networks, each with a separate broadcast domain, within a data network . This segmentation within a VLAN network blocks access from malicious attackers against the system. In addition, it reduces packet-sniffing attempts, which is used by outside agitators to capture network traffic at the Ethernet frame level in order to retrieve sensitive information such as financial data. With VLAN segmentation, only authorized personnel can access the servers and various digital devices necessary to execute payment transactions.
Segmentation is best visualized as a port that can accept a variety of devices. That port remains nonfunctional until a device is introduced. Once a specific device is connected, the information on it, such as a Mac address or other identifier, gets recognized. Upon recognition, the port will only open the appropriate channel necessary to accommodate that device. In essence, a credential verification is performed to ensure the device is authorized to access a particular segment of the VLAN. Segmentation provides users with the advantage of protocol separation, which allows network architects to limit certain protocols to specific users. This restricts traffic in each VLAN to relevant packets.
For AvaLAN, a leader in affordable segmentation solutions, experience has demonstrated that the real challenge with segmentation is nobody wants to manage a managed Ethernet switch. It’s very complicated, and hiring IT staff to supervise the network becomes prohibitively expensive. When partnering with the nation’s second largest retailer, AvaLAN designed a solution that supports the features they needed and allows them to have an automatic backend engine that can identify what device plugs are introduced into the port. The system then verifies the device’s credentials and puts it onto the correct network, the correct VLAN. Once the plug is removed, the port deactivates until the next device is introduced.
AvaLAN provides a very easy-to-use wireless solution that allows segmentation for increased data security, and to help fuel centers become PCI-compliant.
Read more at avalan.com
Latest
Biden Nears Win as Japan, Dutch Back China Chip Controls
For more on the West’s race to implement China chip controls, read Bloomberg’s explainer on the computer chip “arms race.” (Bloomberg) — Japan and the Netherlands are poised to join the US in limiting China’s access to advanced semiconductor machinery, forging a powerful alliance that will undercut Beijing’s ambitions to build its own domestic […]
NYSE Mayhem Traced to a Staffer Who Left a Backup System Running
(Bloomberg) — More than 700 miles from Wall Street, the New York Stock Exchange’s backup data center on Cermak Road in Chicago is supposed to safeguard US markets, standing by at all hours in case disaster ever strikes the world’s largest venue for trading shares. When markets are closed, it participates in a well-worn routine, […]
California Storms Have Farmers Rushing to Avoid Crop Shortfall
(Bloomberg) — California farmers are facing costly damages from weeks of severe California storms that may trigger more expensive US fruits and vegetables in a time of massive food inflation. “The numbers are going to be somewhere in the hundreds of millions and perhaps in the billions,” Dave Puglia, head of the trade group Western […]
