3.3 How to Identify and Select Networking Capabilities
3.3.7 Access-layer functions
The access layer is the point at which local end users are allowed into the network, as shown in the figure. This layer can also use access control lists or filters to further optimize the needs of a particular set of users. In the campus environment, access-layer functions can include the following:
  • Shared bandwidth
  • Switched bandwidth
  • MAC-layer filtering
  • Microsegmentation

The access layer connects users into LANs, and LANs into WAN backbones or WAN links. This approach enables designers to distribute services of devices operating at this layer. The access layer allows logical segmentation of the network and grouping of users based on their function.  Traditionally, this segmentation is based on organizational boundaries (such as Marketing, Administration, or Engineering). However, from a network management and control perspective, the main function of the access layer is to isolate broadcast traffic to the individual workgroup or LAN. In non-campus environments, the access layer can give remote sites access to the corporate network via some wide-area technology, such as Frame Relay, ISDN, or leased lines, which are covered in the following chapters.