Previous Table of Contents Next


Virtual LANs (VLANs)

Virtual LANs are software-defined LANs that group users by logical addresses into a virtual, rather than a physical, LAN through an intelligent hub or LAN switch (Figure 9.10). The LAN switch can support many virtual LANs which operate as subnets [9-22]. Users within a virtual LAN are grouped either by IP address or by port address, with each node attached to the switch via a dedicated circuit. Users also can be assigned to more than one virtual LAN, should their responsibilities cross workgroup domains.


Figure 9.10  Virtual LAN configuration.

The LAN switches can be networked, thereby extending the reach of the virtual LAN. The networking is generally provided through FDDI, Fast Ethernet (100 Mbps), 100VG-AnyLAN, or 155 Mbps ATM over SDH/SONET fiber. VLANs can also be extended across the WAN through routers and via dedicated leased lines or ATM. Remote LAN access currently cannot be accommodated on a true VLAN basis. VLANs are proprietary; standards are not likely in the near future.

The advantages of switched virtual LANs are that bridge and router networks can be flattened and simplified, including the elimination of source-routing bridge hop restrictions. Congestion can be reduced through intelligent microsegmentation, yielding increased throughput, increased access, and reduced response time. Workstations can be provided with full bandwidth at each port. Physical Move, Add, and Change (MAC) activity is reduced because these requirements can be resolved through software changes; the cost of a MAC is estimated between $300 to $1,000. Additionally, security is much improved, through the association in software of users and terminals with subnetworks and hosts. Additionally, a measure of security is provided through software firewalls within the confines of each domain [9-23] and [9-24].

On the downside, VLANs are not easily implemented or managed. It takes a good deal of effort to develop the switch database and identify the various logical subnets. Further, VLANs typically require a complete replacement of the typical switch or router network—software upgrades just aren’t available. Costs are likely to come down and processes are likely to be automated in the future, as is always the case with successful new technologies.

Remote LAN Access

Remote LAN access is the ability to access a LAN from a remote location. The need for remote LAN access is increasing, worldwide, especially in the United States and Western Europe. A recent study by Forrester indicated that 75% of U.S. companies will need remote access solutions in 1995, with 70% of U.S. professional workers spending 20%+ of their time away from their desks, according to BIS [9-25].

As predicted ten years ago, Telecommuting is now growing at a fast pace. According to Dataquest, the number of teleworkers in Western Europe will double to 10.6 million in 1997, and telecommuters in the United States will roughly triple to 10 million in 1996. While most of these teleworkers will work out of the home only part time, the need for remote LAN access is clear [9-25].

The concept is one of providing access from remote locations to a LAN. Access to one or more host computers is often required as well. In support of telecommuters, contractors, remote offices, and the Small Office/Home Office (SOHO), remote LAN access is often essential to the operation of the enterprise. Additionally, remote access is often provided to customers, suppliers, and trading partners. The yield is that the remote user is provided access to resources with the same level of privilege as though he were onsite [9-14].

Key components to be examined are the network, the equipment and the applications supported. Other issues include security management and network management.

The remote LAN access network can assume a variety of forms, depending on issues such as availability, cost, and bandwidth. Network options literally run the full range of conventional data networks from the analog PSTN to ISDN, Switched 56, DDS, and T-carrier. Emerging network technologies such as Frame Relay, SMDS, and ATM are also appropriate. Finally, and in order to support truly mobile remote LAN access, cellular radio and packet radio data networks are commonly employed [9-25] and [9-26].

Network equipment varies according to the nature of the network employed. Improvements in equipment, as well as improvements in network technologies, have enabled cost-effective remote LAN access. That equipment can include high-performance workstations and high-speed modems for access to the PSTN. Access to X.25 networks requires PADs (Packet Assemblers/Disassemblers), ISDN requires TAs (Terminal Adapters), and Frame Relay requires FRADs (Frame Relay Access Devices). Access via a cellular wireless packet network requires the use of wireless modems. The LAN side of the connection requires the installation of modem pools, routers, and various other devices to support remote user access. According to Dataquest Inc., remote access routers accounted for $1.4 billion of a total $4 billion in routers shipped in 1995 [9-27].

Applications most often supported include e-mail, file transfer, and database access. Additional applications include scheduling, printing, access to online services, client support, and Internet access (Figure 9-11).


Figure 9.11  Remote LAN access applications [9-25].


Previous Table of Contents Next