A virtual local area network (VLAN) is an abstracted LAN that is created to operate through the data link layer (layer 2) of the OSI network model. Unlike a physical local area network or LAN, in which a hardware setup accommodates point-to-point identification and access through a physical network, VLANs are made with isolated partitions in workstations, so that an individual node address moves with the virtual partition, not the physical workstation.
One of the biggest benefits of setting up VLANs has to do with the dynamic nature of workflows on modern networks. In the old days, a user was typically assigned a particular hardware station, through which the end user, the employee, accessed all of the data that he or she needed to do his or her job, and inputted all of the data that he or she was responsible for contributing.
In the smartphone age, this model is outdated. Users will be submitting information from various points: from a personal or company issued mobile device, from the field, or from various parts of an office. The VLAN essentially solves this problem of “musical chairs.” In addition, with the rise of remote work and distributed models, most workers can’t be counted on to use a specific desk or desktop within an office: the VLAN solves that issue as well, by tying the user’s identity to the virtual network partition.
Another good use of a VLAN involves reducing traffic. By segmenting network traffic into different non-connected VLANs, administrators can cut down on network traffic. For example, messages meant for only one group of workstation users can go to only the computer group in a single VLAN. VLANs can also help with user provisioning, where, as mentioned above, the use of a partition can help to achieve better kinds of tracking for individual user processes.
VLANs may also help with the handling of applicable enterprise standards and protocols. A business might have several operations or departments operating in the same physical building. With a simple LAN, all network traffic would travel across the entire network.
To wall off operations, administrators can create different VLANs for two different departments that are not supposed to communicate with each other. One prominent example is in finance, where different arms of a financial institution are said to be independent of one another for the purposes of the Sarbanes-Oxley Act or other rules or standards.