366 Rockwell Automation Publication 1783-UM007G-EN-P - February 2017
Chapter 7 Configure Switch Features
Isolate Traffic and Users
By using VLANs, you can isolate different types of traffic, such as voice and
data. Isolating different types of traffic helps to preserve the quality of the
transmission and to minimize excess traffic among the logical segments. You
can also use VLANs to isolate different types of users. For example, you can
restrict specific data broadcasts to specific logical workgroups for security
purposes, such as keeping information about employee salaries only on devices
in a VLAN created for payroll-related communication.
VLANs can also reduce the amount of administrative effort that is required to
examine requests to network resources.
VLANs isolate parts of your network. Therefore, devices that are attached to
the switch ports in the same VLAN can communicate only with each other and
can share data.
Devices that are attached to switch ports in different VLANs cannot
communicate with each other through the switch, unless the switch is
configured for routing. A Stratix 5700 switch, a router, or a Layer 3 switch
must be configured to enable routing across VLANs (inter-VLAN routing),
and additional security policies must be set.
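
The following audit sketch is an added example, not part of the Rockwell manual. It reads a switch configuration, maps access ports to VLANs, and lists routed VLAN interfaces that have no inbound access list. It assumes Cisco IOS-style syntax and treats an inbound ACL as the additional security policy; the sample configuration is constructed.

```python
import re

# Constructed IOS-style config excerpt (not from the manual). The VLAN IDs echo
# Figure 50; port names, addresses and the ACL name are assumptions.
SAMPLE_CONFIG = """\
ip routing
interface FastEthernet1/1
 switchport access vlan 3
interface FastEthernet1/2
 switchport access vlan 5
interface Vlan3
 ip address 10.0.3.1 255.255.255.0
 ip access-group VLAN3-IN in
interface Vlan5
 ip address 10.0.5.1 255.255.255.0
"""

def parse_interfaces(config):
    """Return {interface name: [indented sub-commands]}."""
    interfaces, current = {}, None
    for line in config.splitlines():
        header = re.match(r"interface (\S+)", line)
        if header:
            current = interfaces.setdefault(header.group(1), [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None  # global command or "!" separator ends the block
    return interfaces

def audit(config):
    """Map access ports to VLANs and list routed VLAN interfaces with no inbound ACL."""
    routing = re.search(r"^ip routing\s*$", config, re.M) is not None
    ports, unfiltered = {}, []
    for name, cmds in parse_interfaces(config).items():
        svi = re.fullmatch(r"Vlan(\d+)", name)
        if svi:
            routed = routing and any(c.startswith("ip address ") for c in cmds)
            filtered = any(re.fullmatch(r"ip access-group \S+ in", c) for c in cmds)
            if routed and not filtered:
                unfiltered.append(int(svi.group(1)))
        for c in cmds:
            m = re.fullmatch(r"switchport access vlan (\d+)", c)
            if m:
                ports[name] = int(m.group(1))
    return {"routing": routing, "ports": ports, "unfiltered": sorted(unfiltered)}

if __name__ == "__main__":
    print(audit(SAMPLE_CONFIG))
```

In the sample, VLAN 5 is reported because routing is enabled and its VLAN interface has an address but no inbound ACL, so its traffic can reach VLAN 3 unfiltered.
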
If your network is also using a DHCP server, make sure that the server is
accessible to the devices in all the VLANs.
The following figure is an example network that uses VLANs based on
different network traffic and network users. Organizing a network around
these factors helps to define the size and membership of the VLANs in the
network.
Figure 50 - VLAN Example
[Figure: network diagram. Labels: WAN/Internet; Router with Firewall; Switch A, Switch B, Switch C, Switch D; VLAN 3, VLAN 5, VLAN 7, VLAN 9; PC; MAC; Network Management; Servers; Printer; Guest; Access Point]