Q
Problem solve Get help with specific problems with your technologies, process and projects.

What kind of security is available for VLANs?

What kind of security is available for VLANs?
To begin with Virtual LANs (VLANs) operate at Layer 2 of the OSI model. However, a VLAN is often configured to map directly to an IP network, or subnet, which gives the appearance it is involved in layer 3 (logical VLAN). VLANs provide security in two ways:

  • This first method is authentication, which requires that users authenticate before they are assigned to a VLAN. Employing this method is much more powerful than simply basing VLAN assignment on the port a user is connected to or their MAC address. This method offers the only true type of mobility in VLAN.
  • The second security feature is communication control. Once a user is assigned to a VLAN, communication flow into or out of that VLAN can be controlled by any standard Layer 3 service like ACLs, firewalls, etc.

    To summarize: High-security users can be grouped into a VLAN, possibly on the same physical segment, and no users outside of that VLAN can communicate with them. And secondly, because VLANs are logical groups that behave like physically separate entities, inter-VLAN communication is achieved through a router. Thus, all the security and filtering functionality that routers traditionally provide can be used.

  • This was last published in August 2004

    Dig Deeper on Campus area network

    Have a question for an expert?

    Please add a title for your question

    Get answers from a TechTarget expert on whatever's puzzling you.

    You will be able to add details on the next page.

    Start the conversation

    Send me notifications when other members comment.

    Please create a username to comment.

    -ADS BY GOOGLE

    SearchUnifiedCommunications

    SearchMobileComputing

    SearchDataCenter

    • How do I size a UPS unit?

      Your data center UPS sizing needs are dependent on a variety of factors. Develop configurations and determine the estimated UPS ...

    • How to enhance FTP server security

      If you still use FTP servers in your organization, use IP address whitelists, login restrictions and data encryption -- and just ...

    • 3 ways to approach cloud bursting

      With different cloud bursting techniques and tools from Amazon, Zerto, VMware and Oracle, admins can bolster cloud connections ...

    SearchITChannel

    Close