There are many benefits of creating a Virtual Local Area Network such as decreased bandwidth consumption, increased security, and geographical separation which means users of a VLAN do not have to be in the same geographical location to share resources. A plan to segment the network is that the network will be split into broadcast domains which will reduce network congestion and this will also add to security.
The different segments of the network will be divided by group functions, the marketing group will have a segment, the engineering group will have a segment, operations will have their own segment, and the call center will have their own. The plan to improve security is that each segment will be separated from the rest of the network, so access is restricted form the segment to segment. The best way to increase security is by controlling access to the individual segment by user groups based on the segments of networks.
This will ensure that the engineering staff will have the access they need but also anyone else that needs it has access too. The same will apply for the other groups, providing security barriers around the data that needs to be protected. A Port assigned based VLAN membership will be used to facilitate the ease of future reorganization of the physical layout of the network. This will allow the centralized administration of the network and the user of the network, so that if further relocation of office space is needed, a simple location of the user can be accomplished without regard to the network or the resources that are needed.
This option will provide for a simpler administration that MAC addresses, user ID, or Network address VLAN membership when it comes to the placement and the changing the personnel assignment of the groups. Using Layer 3 switch will provide a greater control if the network, VLAN, and user assignment in VLAN membership. Layer 2 switches could satisfy the requirements of the VLAN, security, and the membership of personnel by department, but it would not provide as efficient control of the network or the speed of network operations. IEEE 802. Q trunking protocol will be used on the network which will reduce the dependency on any single vendor for the hardware used; this will enable more cost effective expansion in the future. VLAN Trunking Protocol (VTP) will add speed and efficiency to the network and automate and administration of the VLAN, reproducing the administrative overhead required and increases the network to accommodate the future needs of the company. Switches on the network must be configured in two ways for VTP to work properly, at least one VTP Server, and VTP clients.
VTP Server mode is used to administer the VLAN and VTP. All changes to the VTP must be made in VTP Server mode. The changes will be advertised by the switch in Server mode to all other VTP client switches. As a backup to the VLAN operating model to ensure that the network continues to operate during a VLAN fault or outage, the network should be physically laid out to provide a star topology in the absence of the VLAN while the VLAN and the VTP are reconfigured and repaired.