Importance of Virtual LANs in Maximising Uptime and Reliability

Virtual Local Area Networks (VLANs) have become a necessity, especially since more and more devices are now capable of connecting to networks to access network resources or the internet. They allow organisations to assign devices to a specific network ‘group’ to ensure better network performance, and so maximise the uptime and reliability of the network.

What is a Virtual Local Area Network (VLAN)?

When you hear the word “virtual” in front of any other techy word, it usually refers to a simulated or digital version of something that exists physically. Specifically, in terms of computing and networking, “virtual” typically refers to a software-based or logical representation of a physical resource. “Virtual reality” refers to a “reality” created on top of the current reality. A “virtual server” is a software-based representation of a physical server that can run its own operating system and applications, giving the illusion of a physical server. We can therefore conclude that a virtual local area network, or VLAN, is a software-based representation of a local area network.

But, if we stopped there with our definition of a VLAN, it’d be inaccurate. Instead a VLAN allows us to partition an existing network into multiple logical networks, all running on the same LAN infrastructure. This is primarily achieved with a physical network device called a switch.

How VLANs Improve Uptime and Reliability

VLANs are used to improve the performance, security, and management of a network by segmenting a LAN into different groups or “broadcast domains”. They also make it easier to enforce network policies and can help cut costs on unnecessary network equipment and cabling. Here’s how:

Network segmentation

Without a VLAN, a local area network (LAN) is one big broadcast domain. In other words, broadcast traffic is sent to all devices on the LAN. Every device needs to process broadcast traffic to determine whether the traffic is relevant to it or not. In time, as more devices are added to the network, this can lead to a lot of overhead which can slow down the network, and even slow down devices on the network.

When we create VLANs on the network and assign devices to a VLAN, each VLAN becomes its own broadcast domain, with broadcast traffic only sent to devices on that VLAN. This reduces the overall amount of unnecessary overhead traffic sent to all devices, and can dramatically speed up the network.

In a real-world scenario, this means we can divide a network into several VLANs: one for each department (like Marketing, HR, and Finance), one for servers, and maybe another one for printers. With this setup, a broadcast message sent by a device in the Marketing VLAN will only be sent to other devices in the same VLAN.

Load-balancing

But what if there’s a scenario where network segmentation isn’t enough? Imagine a scenario where, despite the presence of VLANs, peak times can occur where hundreds or thousands of devices simultaneously connect to and access network resources. The sheer volume of network traffic can put strain on network devices such as switches and routers, or even overwhelm them, with the result being slow response times, dropped connections, or even a complete network outage. Further network segmentation or adding additional resources may not always be the answer, or even feasible.

With VLANs in place, load-balancing techniques can be introduced to evenly distribute network traffic across network resources (e.g. servers or secure shared network drives)  to ensure that no single device is overwhelmed. Quality of Service (QoS) rules can be added to prioritise critical traffic to ensure that those services perform well, even during peak times.

To be clear, load balancing isn’t an inherent feature of VLANs, but is often employed alongside VLAN implementation to optimise resource usage, maximise throughput, minimise response time, and prevent overload of any single resource.

Security

VLANs can be used to improve network security by isolating sensitive systems, limiting potential exposure in case of a security breach.

As an example, we can compare a network with no VLANs against one where different departments (Marketing, HR, and Finance) are each on a separate VLAN. Without a VLAN, one compromised device can put the entire network at risk. An attacker can potentially gain access to sensitive information across all departments.

Where VLANs have been implemented, a breach will be limited to the scope of that VLAN. VLANs also allow for the implementation of access policies and firewall rules which can be used to limit access (based on access roles) and restrict traffic.

It’s important to keep in mind that VLANs on their own are not a comprehensive security solution. Proper network security requires additional measures such as firewalls, intrusion detection and prevention systems, regular patching and updates, and user training.

Simplified management

Managing a network can be tough, especially if it is sprawled across a few floors, and especially if there are no VLANs. In this scenario the switch for, say, Marketing might be located on the 5th floor, while the Marketing department itself is physically located on the 1st floor. When a new team member joins Marketing, the network manager may have to reconfigure the switch on the 5th floor and run a cable through to the 1st floor.

A VLAN solves this problem since the network manager can logically group devices regardless of their physical location. This means that HR can use the boardroom on any floor and still connect to the HR VLAN. The new guy in Marketing will always connect to the Marketing network wherever and whenever necessary.

What to do next

VLANs come with a lot of benefits in terms of network uptime and reliability. Better performance, more intelligent networking, enhanced security, and better network management are just a few of the perks. But, it requires a specialised skill set to set up and maintain. Storm’s Virtual LAN Services fills that skills gap for networks of all sizes, no matter how complex.