HPE Community
Servers & Systems: The Right Compute
1776966 Members
1724 Online
109061 Solutions
New Article
 
Subscribe to RSS Feed
|
marksimpkins

Re: Tech Tip: Why you really don’t need VLANs and why you must have them

‎07-25-2022 11:28 AM

Understand the purpose of Virtual Local Area Networks, how they can help smart small businesses stay that way, and when and why you might not need them.

VLAN-Networks-Small-Business.pngWhat is a VLANA Virtual Local Area Network (VLAN) is a group of ports designated by the switch as belonging to the same broadcast domain. That is, all ports carrying traffic for a particular subnet address would belong to the same VLAN.

Using a VLAN, you can group users by logical function instead of physical location, for instance marketing, finance, sales, and customer support might have their own VLANs. This helps to control data access (think security here) as well as bandwidth usage by allowing you to group high-bandwidth users on low-traffic segments and to organize users from different LAN segments according to their need for common resources.

While an older non-VLAN style networking model might assign users to networks based on their physical location, superseding that with a modern network structure using VLANs allows one to ignore such geographic barriers and assign users based on more logical, virtual requirements.

Example VLANs could include:

  • Marketing
  • Finance
  • Support
  • Phone system (VoIP)
  • Guest network
  • Employee smart phones (are we still using that term?)
  • IT Management
  • Storage Area Network (SAN)
  • Separating home office equipment from the home
  • Separating cloud-based VMs

Why you must have VLANs

Three(-ish) words: security, manageability, and a foundation for growth.

While VLANs are not a security panacea—nothing is since security is a multi-layered beast—VLANs can augment security.

For example, if someone’s laptop gets malware, a VLAN may help prevent that from spreading to other clients and servers. Implementing a guest VLAN surely sounds like a good practice to me, and different organizations and functions may not need to see one another’s data.

Keeping management ports separate is also a good idea. Want to have a cleaner and easier to read network map and handle employee and device relocations more simply? VLANs can help with simplified administration and flexible responses to changing network needs.

VLANs also allow you to scale your network more easily and establishing even a simple mapping of VLANs early on can help keep your network under control as it grows.

Why you really don’t need VLANs

One could argue that you really don’t need VLANs in your network, especially if you are a small business with few users and no IT staff to help.

After all, manageability and security for Aruba Instant On switches and access points is already very good. Maybe you don’t expect to grow very much. Why would you add that extra bit of complexity to your network in that case?

Aruba Instant On 1930 48G Class4 PoE 4SFP/SFP+ 370W SwitchAruba Instant On 1930 48G Class4 PoE 4SFP/SFP+ 370W Switch

Well, for early users, it may add some complexity to the network, but as you grow, this ugly duckling of minor complexity yields benefits as it is revealed in all its glory to be like a beautiful swan, a transforming framework for controlled growth.

My advice?

Use VLANs. A simple mapping for a growing small business might look like this:

  • Servers
  • Laptops
  • Voice
  • Smart phones
  • Guests

I propose a maxim that “you don’t need VLANs until you need VLANs,” so plan now to set them up and be ready. Aruba Instant On makes it simple. They’re easy to set up early, best practices are available for planning, and the minimal early effort provides you a solid foundation for growth and security.

Learn more about Aruba Instant On for your business! 


Mark Simpkins
Hewlett Packard Enterprise

twitter.com/HPE_Compute
linkedin.com/in/mark-simpkins-526a941/
hpe.com/servers

 

Labels:
0 Kudos
About the Author

marksimpkins

Mark is the marketing manager for the Small and Midsized Segment here at HPE. He blogs on topics of interest that can help our SMB servers and solutions customers and partners.

Comments
‎08-04-2022 12:58 PM

The article has been written well while covering the very important aspects of a V-LAn and its purpose in an organization whether it be a traditional or a modern V-LAN. I second the author's opinion that a modern V-LAN definitely increases security posture of the organization if configured and managed well A modern V-LAN can also provide better end user experience by optimizing bandwidth.

Does HPE offer V-LAN as a service via its Greenlake?

0 Kudos
‎08-04-2022 03:54 PM

the My Advice is solid, i would only add a management VLAN, the seperation by departement is way over board IMO as going from finance to HR who is packet sniffing in a corperate environement..  But HPe has all the bases coverd with the aruba switches

0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.