Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
VLAN
Amr Elchouemi
VLAN 2
March 8, 2011VLAN
This is a plan to create a Virtual Local Area Network (VLAN) over several remote
conform to the organizational structure instead of the physical structure of the network. It
provides privacy and security while using a public network for its backbone like the Internet.
This plan segments the network into different broadcast domains to avoid bandwidth
consumption and that ensures the network is not flooded with packets.
A VLAN is a network that allows network components spread over different geographic
locations to communicate as if they were part of a LAN. “A VLAN is a logical local area
network (or LAN) that extends beyond a single traditional LAN to a group of LAN segments,
given specific configurations. Because a VLAN is a logical entity, its creation and configuration
Client switches and management switches will comprise this VLAN. The management
switch will identify all client switches. A random character string will identify each segment
differently. Client Switches forward to the correct Network Segment by the segment
identification. Packets filtered to network segments so the network will be less chance of
The VTP mode used to configure the switches is transparent. Transparent schemes do not
broadcast their configuration (Cisco, 2009). Once configured, they will not attempt to
reconfigure. This means that a tech will reprogram every switch when it expands. This will
provide an extra level of security in case of a compromised network segment. The type of switch
is a multilayer switch that will be able to read further into the packets to ensure correct
Simple identification by IP address and MAC address is not sufficient. When spoofed,
the switches and routers will not be able to tell the difference. To improve security an open
source encryption system with a proprietary set of keys. Encryption systems configured to give
only certain keys to certain network segments so that management has control over information.
VLAN membership by MAC address shall be the protocol of the Network. The value of
this type of membership is near positive identification; one has to know a MAC address and its
component function in order to spoof it. Backing up the vlan.dat file of the switches to save the
configuration of each network so incase of switch failure reconfiguration only takes as long as
Conclusion
This plan segments the network into different broadcast domains to avoid bandwidth
consumption and that ensures the network is not flooded with packets. It creates a VLAN over
security plan calls for an open source encryption system with a proprietary set of keys. VLAN
References
http://www.articlesbase.com/networks-articles/what-is-vlan-3017766.html.