· Local Area Network (LAN) – networking devices such as switches, computers, and hubs that are interconnected and access the same range of network addresses. By default all information, also known as packets, that is generated by a particular network device is transmitted to all other network devices within the LAN
· Router – a device that transfers information, also known as packets, between LANs.
· Virtual Local Area Network (VLAN) – groups of network equipment on different physical LAN segments that communicate with each other as though they comprised single LAN.
Disadvantages of a Standard LAN
A standard LAN configuration poses some significant disadvantages. First, a LAN cannot exchange information across a Wide Area Network (WAN).
Next, the physical nature of a LAN requires changes to network devices and cabling whenever there are physical changes to the location of network equipment. A LAN also shares all of the bandwidth available equally among all network devices and computers equally. Finally, since a LAN broadcasts all information packets to every device in the LAN, it is possible for an unauthorized device to have access to sensitive information. A traditional LAN setup is adequate for small offices with only a few networked devices but for large networks, or for networks that require a LAN to be broken down into smaller segments, a VLAN will be required.
Advantages of VLAN over LAN
The implementation of a VLAN overcomes the disadvantages of a standard LAN configuration in several ways. These are: functional grouping, bandwidth separation, reduced network maintenance, reduced costs, and finally, improved security.
First, a VLAN allows an administrator to group devices and computer with similar functions into a single work group. This prevents sensitive information from leaving the workgroup and being accessible by other network devices. For example, in a traditional LAN setting, in order to keep the HR department function and devices distinct from the Production department, each department would need its own physical network and the two networks would be connected via a router. Using a VLAN with two segments would remove the need for the router and the departments could be supported on a single network wiring scheme. This would also allow a department, such as HR, to have multiple locations connected by a LAN, New York and Los Angeles, for example.
Second, a VLAN controls the data flow among the virtual LAN segments. This means that a VLAN can allocate bandwidth to separate segments, in effect increasing the bandwidth available for any given device. Segmentation also reduces overall broadcast traffic thereby reducing bandwidth utilization. Assume that the previous example is being implemented on a 100Mbps network. In a typical LAN situation the 100Mbps of the network would be shared among all devices in both HR and Production. By separating the two, each department has 100Mbps available, doubling the bandwidth and reducing the broadcast traffic.
Third, network maintenance may be reduced. Being able to make changes within a virtual LAN segment prevents the need of the administrator to make physical changes to devices when they are relocated. It can also remove the need to lay additional cable to connect a device to the proper network segment.
Fourth, reduced network maintenance may translate into reduced costs. Additionally improved performance, due to bandwidth improvement and broadcast decreases, will translate into improved productivity and therefore reduced costs.
Fifth, a VLAN provides an important piece of a network’s overall security design. The segmentation ability of a VLAN ensures that packets of information are only available to the machines and devices for which they are intended. This prevents unauthorized devices, and therefore unauthorized personnel, from accessing potentially sensitive information, such as HR information.
While there is still a place for using a traditional LAN, once the network gets larger and as the situations listed above become more critical, a VLAN becomes a viable option to improve overall network performance and security.
Virtual LANs are just one piece of an overall network design. Cisco, a leading manufacturer of networking equipment, offers certification that helps to identify the place, if any, of VLANs in a network. CCNA training is an excellent way to acquire the knowledge and skills necessary to achieve this certification.
Question: Your network has 100 nodes in your location including 2 remote locations. In order to isolate the HR department traffic from all other network traffic you could:
a. Install a router on the main network
b. Implement a VLAN with two segments
c. Implement separate LANs at the various remote locations
d. All of the above
Answer: b. Implementing a VLAN with two segments would allow the isolation of the HR data from the remainder of the network and allow the segments to be extended over the WAN.
Tags:lan configuration, lan networking, lan segments, local area network, local area networks, networked devices, traditional lan, virtual local area networks