Wireless VLANs can boost network security and protect business assets by segmenting traffic
Small business networks don’t have to be basic. In fact, they should apply some advanced networking technologies to their networks to get the same benefits as large enterprises, such as virtual LANs (VLANs). Just like larger companies, smaller businesses can use VLANs to bolster security, increase usability, and improve network performance. And with a wireless VLAN, you can segment wireless traffic on your network into groups that keep certain types of traffic separate from the rest of the traffic on your network.
A LAN is defined as all the devices that connect to each other in the same broadcast domain, whether that’s a wired or a wireless network. A VLAN uses software to create a virtual network of devices that are assigned to a broadcast domain; a wireless VLAN is like a separate, mini network within your wireless LAN. You can set up one or more wireless VLANs to support different groups of users, depending on their needs and the risks inherent to your company.
Most commonly, small businesses use VLANs to:
- Create a safe guest network that separates guest users’ traffic from company network assets
- Group employees using the same data-intensive applications, such as voice-over-IP (VoIP) phones
- Restrict access to highly sensitive data by separating financial and HR employees, for example, from the rest of the network
You can use VLANs to improve network security by, essentially, putting all sensitive traffic and the users who have access to it on a separate network. No other types of traffic can travel on that VLAN and only authorized users have access to it, whether it’s a guest network or a VLAN for your financial application users. VLANs can also improve network performance, management, security and usability for data-intensive applications by limiting broadcasts to just a certain type of traffic, such as VoIP.
Setting up a wireless VLAN
The software in your wireless networking equipment, either a switch or wireless access points (WAPs), is used to configure VLANs. Several of Cisco Small Business products support VLANs, including RV Series Routers and Wireless Access Points.
The details of setting up a wireless VLAN may differ depending on the device, but the basics are the same. You configure the ports on all the devices you want to include in a given VLAN to the same number—except “1,” which is the default. For instance, you would configure specific ports on your switch, the WAPs Service Set Identifier (SSID), and the SSID of any wireless client devices to VLAN 10, making all the devices part of the same broadcast domain. The client devices access VLAN 10 through the WAP, and only those devices can communicate with each other on the VLAN. A single switch can accommodate more than one VLAN because each port can be configured individually.
Calling in the cavalry
Whenever you make changes to your network configuration, you run the risk of accidentally breaking a connection somewhere in your network. Setting up a VLAN isn’t necessarily difficult, but not every small business has the in-house expertise to correctly configure wireless devices. If that’s the case with your company, a local Cisco reseller can help set up a VLAN for your business.
A VLAN offers several benefits for a small business, which may surprise those who think it’s a technology suitable only for the enterprise. VLANs offer greater security and, like many advanced networking technologies, can help you build the right network for your company’s future growth.
How would using a wireless VLAN help your company?