Ask the Expert

Will a VLAN help secure my small network?

My sister-in-law runs a payroll business from a home office with three networked PCs and a Win2000 server. They have a router to a broadband Internet connection. Their son has his own PC in his room and I'm worried about it being on the same network as the business. Would a VLAN provide additional security, and if so, how can I learn more about setting one up?

    Requires Free Membership to View

Answer: If the objective is to restrict Son's PC from accessing the Internet, it can be achieved by making some changes in the router configuration. Enable the following:


  • IP filters
    Use IP filters to deny particular LAN IP addresses from accessing the Internet. You can deny specific port numbers or all ports for a specific IP address.
  • MAC filters
    Use MAC filters to deny computers within the local area network from accessing the Internet. You can either manually add a MAC address or select the MAC address from the list of clients that are currently connected to the unit.

    Additionally, you can create security policies on W2K server for that particular user ID to allow restrictive access to the network.

    Setting up a VLAN for such a small home office network would be very expensive in terms of hardware and setup required. If you can let me know the exact requirement, I might be able to guide you better.

  • This was first published in March 2005

    There are Comments. Add yours.

    TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

    REGISTER or login:

    Forgot Password?
    By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
    Sort by: OldestNewest

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to: