| Definitions | | | | Second, a VLAN controls the data flow among |
| · Local Area Network (LAN) - networking | | | | the virtual LAN segments. This means that a |
| devices such as switches, computers, and hubs | | | | VLAN can allocate bandwidth to separate |
| that are interconnected and access the same | | | | segments, in effect increasing the bandwidth |
| range of network addresses. By default all | | | | available for any given device. Segmentation also |
| information, also known as packets, that is | | | | reduces overall broadcast traffic thereby reducing |
| generated by a particular network device is | | | | bandwidth utilization. Assume that the previous |
| transmitted to all other network devices within | | | | example is being implemented on a 100Mbps |
| the LAN | | | | network. In a typical LAN situation the 100Mbps |
| · Router - a device that transfers | | | | of the network would be shared among all |
| information, also known as packets, between | | | | devices in both HR and Production. By separating |
| LANs. | | | | the two, each department has 100Mbps available, |
| · Virtual Local Area Network (VLAN) - | | | | doubling the bandwidth and reducing the broadcast |
| groups of network equipment on different | | | | traffic. |
| physical LAN segments that communicate with | | | | Third, network maintenance may be reduced. |
| each other as though they comprised single LAN. | | | | Being able to make changes within a virtual LAN |
| Disadvantages of a Standard LAN | | | | segment prevents the need of the administrator |
| A standard LAN configuration poses some | | | | to make physical changes to devices when they |
| significant disadvantages. First, a LAN cannot | | | | are relocated. It can also remove the need to lay |
| exchange information across a Wide Area | | | | additional cable to connect a device to the proper |
| Network (WAN). Next, the physical nature of a | | | | network segment. |
| LAN requires changes to network devices and | | | | Fourth, reduced network maintenance may |
| cabling whenever there are physical changes to | | | | translate into reduced costs. Additionally improved |
| the location of network equipment. A LAN also | | | | performance, due to bandwidth improvement and |
| shares all of the bandwidth available equally among | | | | broadcast decreases, will translate into improved |
| all network devices and computers equally. Finally, | | | | productivity and therefore reduced costs. |
| since a LAN broadcasts all information packets to | | | | Fifth, a VLAN provides an important piece of a |
| every device in the LAN, it is possible for an | | | | network's overall security design. The |
| unauthorized device to have access to sensitive | | | | segmentation ability of a VLAN ensures that |
| information. A traditional LAN setup is adequate | | | | packets of information are only available to the |
| for small offices with only a few networked | | | | machines and devices for which they are |
| devices but for large networks, or for networks | | | | intended. This prevents unauthorized devices, and |
| that require a LAN to be broken down into | | | | therefore unauthorized personnel, from accessing |
| smaller segments, a VLAN will be required. | | | | potentially sensitive information, such as HR |
| Advantages of VLAN over LAN | | | | information. |
| The implementation of a VLAN overcomes the | | | | While there is still a place for using a traditional |
| disadvantages of a standard LAN configuration in | | | | LAN, once the network gets larger and as the |
| several ways. These are: functional grouping, | | | | situations listed above become more critical, a |
| bandwidth separation, reduced network | | | | VLAN becomes a viable option to improve overall |
| maintenance, reduced costs, and finally, improved | | | | network performance and security. |
| security. | | | | Virtual LANs are just one piece of an overall |
| First, a VLAN allows an administrator to group | | | | network design. Cisco, a leading manufacturer of |
| devices and computer with similar functions into a | | | | networking equipment, offers certification that |
| single work group. This prevents sensitive | | | | helps to identify the place, if any, of VLANs in a |
| information from leaving the workgroup and being | | | | network. CCNA training is an excellent way to |
| accessible by other network devices. For | | | | acquire the knowledge and skills necessary to |
| example, in a traditional LAN setting, in order to | | | | achieve this certification. |
| keep the HR department function and devices | | | | Question: Your network has 100 nodes in your |
| distinct from the Production department, each | | | | location including 2 remote locations. In order to |
| department would need its own physical network | | | | isolate the HR department traffic from all other |
| and the two networks would be connected via a | | | | network traffic you could:a. Install a router on the |
| router. Using a VLAN with two segments would | | | | main networkb. Implement a VLAN with two |
| remove the need for the router and the | | | | segmentsc. Implement separate LANs at the |
| departments could be supported on a single | | | | various remote locationsd. All of the above |
| network wiring scheme. This would also allow a | | | | Answer: b. Implementing a VLAN with two |
| department, such as HR, to have multiple locations | | | | segments would allow the isolation of the HR data |
| connected by a LAN, New York and Los Angeles, | | | | from the remainder of the network and allow the |
| for example. | | | | segments to be extended over the WAN. |