There are many acronyms to keep track of in the IT realm. One that’s been around for over 30 years now is VLAN – virtual local area network. A VLAN offers flexibility that more and more businesses find appealing.
But what exactly is a VLAN? A VLAN allows you to segment a network without needing separate hardware. So, you can have a single physical switch, but multiple different networks connected.
You can group computers, servers, or other resources into a network based on department or user type. It doesn’t have to be based entirely on physical location. The computers might be on various floors of a building or spread out over different locations, but everyone in the network segment shares the same network resources and bandwidth.
You could think about it like a neighborhood of homes connected to the same city water main. Everyone is getting their water from the same line. But imagine there are people who want fluoride in their water and others who don’t. So, the water company needs to group the fluoride-loving homeowners in one network, whereas homes not receiving fluoride are grouped together to get their own water supply.
In business, containing a department’s traffic to a single VLAN can:
- help with network efficiency by reducing extraneous traffic;
- enhance security by creating a virtual boundary around that business unit;
- improve bandwidth performance by limiting node-to-node and broadcast traffic;
- save workplace disruption, as there is no need to physically match up ports and switches on a network.
Other Reasons for VLAN Popularity
VLANs can also prioritize data, separate private and public networks, or secure specific devices.
What do we mean by VLAN priority? You might think about a highway with a concrete barrier dividing traffic. Administrators can keep data from merging over into the voice traffic lane. Prioritizing using VLANs helps maintain the quality of service users expect.
Another common use of VLANs is separating private and public networks. When you log onto a hotel’s public Wi-Fi, you can’t access their internal business resources. That’s because the backup servers and other resources have been segmented. The back-of-house computers are all connected on the private network. The VLAN keeps you from accessing them on the public network.
VLANs have also gained in popularity with the growth of the Internet of Things. Smart devices offer many advantages, but they also represent new security vulnerabilities. Each of those sensors, wearables, and IoT devices could be an entry-point to your network. That’s no good if they’re connected to a network with sensitive and proprietary business data. With a VLAN, you can separate IoT devices to prevent them from accessing more than they need to.
The same is true of security cameras. You can’t trust they are safe. For example, many government sites have banned the world’s leading brand of camera. There are concerns a foreign power could exploit the connected cameras. With a VLAN in place, though, the security camera can be prevented from accessing the internet so it can’t “phone home.”