Do VLANs Increase Security On Your Network?

What are VLANs?

Most consumer routers only have two networks (WAN & LAN).

  • WAN (external) having 1 physical interface
  • LAN (internal) having 1 – 5 interfaces
  • Back of router

Virtual Local Area Network or VLANS are network segmentations.

If your router or switch has VLAN functionality, then you can separate your LAN into multiple segments. They create isolated sections of your network.

VLANs Example

How is security improved?

By segmenting your network, you can control what access is allowed between each segment of your network.

With having this control, you have much more granularity in what systems can access other systems.

Another way VLANs improve security is broadcast or flooded unicast traffic is limited to only the VLAN the source is in.

How are VLANs different from Subnets?

VLANs and subnets have similar purposes of separation, but they are done at different layers of the OSI model.

VLANs are a Layer 2 function. This is where network switches live and MAC addresses are used.

Subnets are a Layer 3 function. This is where network routers live and IP addresses are used.

Layer 7: Application
Layer 6: Presentation
Layer 5: Session
Layer 4: Transport
Layer 3: Network
Layer 2: Data Link
Layer 1: Physical
The OSI Model


VLANs do improve security in a network. They provide isolation and access control. This is just one of the many layers you should have in place to make a network secure.

Learn more about layered security.

Share your love