In today’s fast-evolving technology, managing and securing data traffic is very crucial and important. In Shared LAN there are multiple constraints including a single domain, no segmentation, Security issues, and less control, but Industries are more concerned and focused on security. Virtual LANs are tools or technology for efficiently dividing and organizing networks in segmentation. The aim of this article is to explore the concept of VLANs, What is a VLAN and how it works. Vlans divide the physical network into Logical or Virtual LANs.
What is a VLAN
A virtual LAN (VLAN) is a logical LAN or a logical subnet which is used to break or device multiple broadcast domain. It is a technique to divide a physical LAN into multiple Virtual Local area network or LAN.
During Local area designing and connectivity, we use L2 Switches which come with a default VLAN, by default all switch ports are part of that default VLAN. If we connect all local devices on switch ports, they will start communicating with each other because they are a member of the same domain and all departments like sales, Accounts, IT, HR, etc., can access each other’s data without any restrictions which is not good for a healthy and secure.
You may interested to read this also to understand more that What is a VLAN on switch: How Switch Works
How VLAN works
By Now we are understood that What is a VLAN. Its provide better segmentation of organizational flexibility and scalability. Generally, Switch works for the same LAN and subnet, but what if, we have different or multiple subnets or networks? The organization wants to segregate the users or departments who are connected to the same Switch ports.
By configuring multiple VLANs we can group these ports and users into a single domain or subnet without investing in implementing multiple switches for each and every department or service.
In the above Diag-1, All departments were part of the same VLAN-1 and everyone can access each other’s data. Although it is simple and easy to setup, has security breaches, and constraints that IT can also see account data (maybe other salary and Balance sheets), do you feel it is good for an organization?
So, how to make secure it, Should the organization buy a switch for each and every department and connect the respective team’s laptop and PC with that Switch only? I don’t think this is a good or feasible solution and also not practically possible because users can have seats on different floors or buildings. So, what is the feasible solution?
Creating and dividing a single LAN into multiple Virtual LANs is the feasible and best solution.
In Diag-2, we can see that all department have their own VLANs [(10 (Sales), 20(Accounts), and 30 (IT Team)] and have the same on another switch as well. Now, all departments can communicate with their department securely and don’t have access to each other data because on switches we have configured multiple VLANs and divided a single switch into multiple Virtual switches.
To know more on What is a VLAN and how it does works, pls watch also :
Advantage of VLAN
In addition to providing network segmentation, it offers other benefits that include:
- Reduced administrative and hardware costs
- Simplify to move, add, and change for any user at any time across geographical limitations.
- It can be managed centrally or NOC.
- No need to invest much in hardware, can divide a physical switch logically in multiple Virtual LANs.
- Increase bandwidth utilization
- Better control of broadcasts
- As all traffic is traveling in their specific VLANs, other traffic will not be in use, and it increase bandwidth utilization.
- Network Security Improvement
- Separate VLAN group for high-security users
- Relocate servers into secured locations
- By logically isolating different groups or departments within an organization, VLANs prevent unauthorized access to sensitive information. This improves network security by limiting the scope of potential security breaches and preventing unauthorized users from accessing resources they should not have access to.
- Scalability, Flexibility, and performance
- Microsegment with scalability
- Distribute traffic load
- It makes network administration more efficient and streamlined. Instead of managing a large, flat network, administrators can now focus on specific VLANs and their associated applications or departments
VLAN Configuration
There are two types of VLAN. Layer-2 and Layer-3 VLAN. Layer-2 Vlan only communicate with same VLAN. but on Layer-3 VLAN we can configure IP address and can use it for Routing purpose as well.
To configure Layer-2 Vlan, Below is the configuration:
config)#vlan 10
(config-vlan)#name <Vlan name>
To configure Layer-3 Vlan, Below is the configuration:
config)# Interface vlan 10
(config-vlan)#Ip address x.x.x.x <subnet mask>
To assigning access port to VLAN
config)#interface <interface-number>
(config-if)#switchport mode access
(config-if)#switchport access vlan 10
Conclusion
To conclude on What is a VLAN and how it does works and If we try to learnt then we will found that it provide secure network segmentation, enhance network performance, and simplify administration. By effectively dividing a network into smaller logical networks, VLANs enable organizations to optimize resources, increase security, and improve overall efficiency. Network administrators should consider implementing VLANs to harness these benefits and build robust infrastructures.
Visit our site: https://www.kbrosistechnologies.com/
Watch more Video https://www.youtube.com/channel/UCpcd6IshE1caAbf9EdJd3gw
