322
Chapter 6
Virtual LANs (VLANs)
F I G U R E 6 . 2
The benefit of a switched network
And here's another one--security! This one's a real problem because
within the typical layer-2 switched internetwork, all users can see all devices
by default. And you can't stop devices from broadcasting, nor users trying to
respond to broadcasts. Your security options are dismally limited to placing
passwords on the servers and other devices.
But not if you create a
virtual LAN (VLAN)
, my friend! Yes, indeed, you
can solve many of the problems associated with layer-2 switching with
VLANs--as you'll soon see!
There are several ways that VLANs simplify network management:
The VLAN can group several broadcast domains into multiple logical
subnets.
Network adds, moves, and changes are achieved by configuring a port
into the appropriate VLAN.
A group of users needing high security can be put into a VLAN so that
no users outside of the VLAN can communicate with them.
As a logical grouping of users by function, VLANs can be considered
independent from their physical or geographic locations.
VLANs can enhance network security.
VLANs increase the number of broadcast domains while decreasing
their size.
Host A
Host D
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com