Using virtual local area networks (VLANs) to divide up a network makes a number of separate networks within the data center. Each network has its own area for broadcasting. When it is set up right, VLAN segmentation makes it very hard to get into system attack surfaces.
Mohsen Arzani ,
A VLAN is a way to segment your network logically instead of physically. For example, in my home I have my wireless network connected to a VLAN segment made on my switch. By doing this I can route the wireless traffic (which I consider insecure and used for guests and friends) to the internet but do not allow the wireless traffic to go into my wired network (which is on another VLAN in the same switch). I also have a second wireless network which has the same rule but can also access the internal network printers through an access list in my router(also in the same switch). Note that, for the VLANs to work the switches need access lists that are provided by the router (or router/firewall).
The advantage of having this setup is that it controls the traffic any given segment sees by treating VLANs as separate entities needing a router for access. This provides security and efficiency. Also by having LANs logically segmented as VLANs can save you money since routers with many physical ports can be costly.
- Badges
- Science topic
- Similar topics
- Engineering
- Control Theory
- Control Systems
- Control Systems Engineering