Virtual LAN Network Administrators Once essay

Download this essay in word format (.doc)

Note: Sample below may appear distorted but all corresponding word document files contain proper formatting

Excerpt from essay:

" The presumed isolation increases overall network security by limiting the possibility of intrusion. Rabinovitch (nd) notes that "VLANs can significantly improve security management by automatically placing unrecognized network users into a default VLAN, with minimal accessibility, secure from the rest of the network." The Media Access Control (MAC) address is commonly used as a first line of defense in the VLAN security system. Because switches do not automatically perform authentication checks, network administrators can configure VLAN software to perform identity checks.

However, Farrow (nd) identifies several security weaknesses with Virtual LANS. Virtual LANS do not exactly create protected network segments impenetrable to the outside world as Cisco had claimed. "Hopping" is possible, as virtual bridges may be established between VLANS. In fact, Farrow (nd) claims that security was never considered to be a feature of virtual LANS and that the presumed ability of VLANs to isolate workgroups is incomplete at best. Furthermore, firewall technology has evolved so that VLANs are detectable and therefore penetrable. Another drawback with VLANS is that "VLANs tend to break down as networks expand and more routers are encountered," ("Definition of Virtual LAN). Virtual LANS limit the number of supported tagged terminals. Interestingly, Rabinovitch (nd) claims that one of the reasons VLANS are used is "to ease network adds, moves, and changes."

Virtual LANs operate and function similarly to their traditional LAN counterparts, with physical ports, layers, authentications, protocols, MAC addresses, and IP subnets all playing a role in network design, segmentation, and management. VLAN does ease some of the constraints on network managers. For instance, "VLAN management software can then automatically reconfigure that station into its appropriate VLAN without the need to change the station's MAC or IP address." (NetworkWorld 2006). The IEEE's 802.1Q standards accommodated developments in VLAN technology, establishing ground rules for tagging and assigning membership regardless of the VLAN software vendors.

In Open Systems Interconnection (OSI) terminology, VLANs function on the data link layer: Layer 2. Using Layer 2, "packets are switched between ports designated to be within the same VLAN" (Cisco 1997). Virtual LANS can be configured to mimic functionality on the network layer, Layer 3. Traditional router switches can operate and move between multiple layers, whereas VLANs cannot. However, VLAN technology involves a robust tagging system that allows switches and ports to be configured as trunks (Farrow nd). Trunks in the network are the foundation for multiple VLANs in the same large network.

Bridging between one VLAN and another generally requires router switches and so VLANs and traditional LANs are not mutually exclusive. In fact, router switches are necessary in organizations with multiple VLANs. Router switches pose some architectural and security-related advantages over VLANs, and network administrators must take care to prevent VLAN hopping in complex network systems. To solve some of the structural and functional problems associated with VLAN technology, "the industry is working towards "virtual routing" solutions, which allows the network manager to view the entire network as a single routed entity," (Defnition, PCMAG). However, virtual routing and virtual bridges do not solve security-related issues associated with VLAN technology.

Virtual LANs offer network flexibility. The virtual LAN software interfaces with and overlaps traditional hardware-based network architecture. Large organizations with multiple functions, departments, and workgroups need virtual LAN technology to link together geographically distinct terminals that share the same network needs. Networks that change frequently via adding, subtracting, or moving terminals also need virtual LAN technology. Network administrators can enhance network security by preventing VLAN hopping but in general the security risks posed by virtual LANs are not appreciably different from those on a traditional LAN.

References

Cisco (1997). "Overview of Routing between Virtual LANs."

Definition of Virtual LAN." PC Mag. Retrieved Dec 8, 2008 at http://www.pcmag.com/encyclopedia_term/0,2542,t=virtual+LAN&i=53925,00.asp

Farrow, R. (nd). VLAN Insecurity. Retrieved Dec 8, 2008 at http://www.spirit.com/Network/net0103.html

Homan, C. (1998). VLAN Information. UC Davis. Retrieved Dec 8, 2008 at http://net21.ucdavis.edu/newvlan.htm

NetworkWorld (2006). "VLAN (virtual LAN)." Network World. Retrieved Dec 8, 2008 at http://www.networkworld.com/details/471.html

Rabinovitch, E. (nd). Migrating to VLAN: Tips, Tools and Standards. UniNews. Retrieved Dec 8, 2008 at http://www.uniforum.org/web/pubs/uninews/970701/feature2.html

TechTarget (2007). "What is virtual LAN?" Retrieved Dec 8, 2008 at http://searchnetworking.techtarget.com/sDefinition/0,sid7_gci213299,00.html

What is a VLAN?" (2008). TechFAQ. Retrieved Dec 8, 2008 at http://www.tech-faq.com/vlan.shtml[continue]

Cite This Essay:

"Virtual LAN Network Administrators Once" (2008, December 09) Retrieved December 4, 2016, from http://www.paperdue.com/essay/virtual-lan-network-administrators-once-25974

"Virtual LAN Network Administrators Once" 09 December 2008. Web.4 December. 2016. <http://www.paperdue.com/essay/virtual-lan-network-administrators-once-25974>

"Virtual LAN Network Administrators Once", 09 December 2008, Accessed.4 December. 2016, http://www.paperdue.com/essay/virtual-lan-network-administrators-once-25974

Other Documents Pertaining To This Topic

  • Network Fundamentals

    Network Fundamentals HR Gulfstream Network Proposal Network Fundamentals Cover Letter Appended information Mr. Jet Buyer 1952 Kanako Lane Gulfstream IV Network Proposal Bob Smith Customer Relations In less than one hundred years, air travel and networking and computing communications have evolved from the Wright brothers and the UNIVAC housed in several huge rooms to fully functional in-flight Gulfstream network communications. Passengers today expect their palm pilots, laptops and PC's to work as seamlessly as the flight itself. The modern day concerns

  • Network Security

    networking and TCP/IP and internetworking. Also discussed are risk management, network threats, firewalls, and also more special purpose network devices. The paper will provide a better insight on the general aspects of security and also get a better understanding of how to be able to reduce and manage risk personally at the workplace and at home. In today's world, the Computer has become a common feature in any organization anywhere

  • IPV6 in Distributed Virtual Private

    Very High - IPSec works at the protocol level, independent of applications, therefore scalability is best-in-class Comparing the technological and operational benefits specifically in the areas of client access options, access control, client-side security, installation, and client configuration highlights just how differentiated the IPv4-based IPSec vs. IPv6 -based SSL protocols are from each other. In analyzing these differences, Table 3: Comparing Technological and Operational benefits of IPv6-based SSL and IPv4-based IPSec

  • Computer Security Corporate Security Documentation Suitable for

    Computer Security: Corporate Security Documentation Suitable for a Large Corporation Item (I) in-Depth Defense Measures (II) Firewall Design (III) Intrusion Detection System (IV) Operating System Security (V) Database Security (VI) Corporate Contingency of Operation (VII) Corporate Disaster Recovery Plan (VIII) Team Members and Roles of Each (IX) Timeline with Goal Description (X) Data Schema (XI) Graphical Interface Design (XII) Testing Plan (XIII) Support Plan (XIV) Schematics Computer Security: Corporate Security Documentation Suitable for a Large Corporation (I) In-Depth Defense Measures Information Technology (IT) Acceptable Use Policy The intentions of

  • Delphi Study Influence of Environmental Sustainability Initiatives...

    Delphi Study: Influence of Environmental Sustainability Initiatives on Information Systems Table of Contents (first draft) Green IT Current Methods and Solutions Green IT and energy costs Green It and Email Systems Green IT and ICT Green IT and ESS Green IT and TPS Green IT and DSS Green IT and other support systems Green IT and GHG reduction Green IT and the Government Sector Green IT and the Corporate Sector Future Prospects of Green IT in the software industry The paper focuses on how the

  • Mcg Explain the OSI Reference Model and

    MCG Explain the OSI reference model and TCP/IP protocol architecture. The Open Systems Interconnection reference model is made up of seven layers to establish reliable communication between nodes. The first layer, the physical layer, controls how the digital information is transmitted between nodes while things such as encoding techniques, connector types, and data rate are established. The second layer, the data-link layer, is responsible for framing data, error detection and maintaining flow

  • Promising Phenomenon That Lends Itself

    66). Furthermore, social software will only increase in importance in helping organizations maintain and manage their domains of knowledge and information. When networks are enabled and flourish, their value to all users and to the organization increases as well. That increase in value is typically nonlinear, where some additions yield more than proportionate values to the organization (McCluskey and Korobow, 2009). Some of the key characteristics of social software applications


Read Full Essay
Copyright 2016 . All Rights Reserved