What are the differences between port isolation and VLAN?  
Home Press Resource Library
Resource Library

What are the differences between port isolation and VLAN?

Time:2019-08-22 Source:UTEPO

It is quite troublesome of IP plan for large networking. There many doubts about how to set IP address for over 1000 channels monitoring system or networking.


The usual way of IP plan for large networking is through VLAN segmentation, with the benefits of convenient management and improving the security of network. Are there any other ways except the VLAN segmentation? Definitely yes, one of them is the port isolation. These two ways are most commonly used in the IP plan.


VLAN SEGMENTATION

The function of VLAN is used to isolate broadcast. It could achieve communication between different VLANs through VLAN segmentation in layer 3 managed switch.


Eg.:

There are 1000pcs PC in a company but in different department. How to plan for IP address to ensure communication between all departments?

We can set up 6 IP segments for these 1000pcs PC with a view to the future expansion. Of course, you can also set up 5 IP segments in here. Then the IP address plan can be as follows:

Vlan1:192.168.1.1/24

Vlan2:192.168.2.1/24

Vlan3:192.168.3.1/24

Vlan4:192.168.4.1/24

Vlan5:192.168.5.1/24

Vlan6:192.168.6.1/24



BENEFITS OF VLAN

1.Improve the network processing capacity through limiting the broadcast to a VLAN.

2.Enhance the security of LAN. The internal broadcast and unicast traffic within a VLAN will not be forwarded to other VLANs, therefore, it helps to control network traffic, reduce equipment investment, simplify network management, and improve network security.

3.Flexible construction of virtual work group. VLAN can be used to divide users into different work groups, users of a work group are not limited by their physical locations.



PORT ISOLATION

It wastes VLAN resources to set different ports into different VLANs, but if using port isolation, users can isolate ports which are in the same VLAN, through setting ports into the isolation groups.

Port isolation is generally used in an Intranet, and the isolated ports cannot communicate with each other. Therefore, the port isolation provides a more secure solution for users.



Eg.:

The methods and application scenarios for port isolation are shown in the following figure. PC1, PC2 and PC3 are belonging to VLAN 10.

It requires the implementation of pc2 and pc3 can not communicate with each other, but can communicate with PC3 respectively.

Pc 1 10.10.10.1   255.255.255.0  Connect to Port GE1/0/1

Pc 2 10.10.10.2   255.255.255.0  Connect to port GE1/0/2

Pc 3 10.10.10.3   255.255.255.0  Connect to port GE1/0/3

Gateway address is 10.10.10.4

VLAN vs Port Isolation


The port isolation is widely used in the practical networking due to its security and flexibility. The ports in same isolation group can not communicate with each other while can communicate with the ports of different group.


It seems the same way of VLAN, but it is not! Both VLAN and port isolation are used to make part of devices independent in a space for protection, but VLAN is used to isolate broadcast, and the IP segment of users in the same VLAN is the same and share the data. If make the port isolation, they can not communicate even if they are in the same IP segment.


CONCLUSION

1. The isolated ports can not communicate with each other, but can communicate with Uplink port. The port in same VLAN can communicate with each other, but can not communicate with the ports in different VLANs.

2. The isolated ports are still in the same IP segment, while there is a separate IP segment for each VLAN.

3. Port isolation is limited to a single switch, if there are two or more switches, it can not work. VLAN can work even there are multiple switches as long as the VLAN ID is different.

4. The connected Uplink port can not distinguish the data is from which isolated port, but can distinguish which VLAN the data belongs to.

Sales Inquiry

Contact Details

+86-755-83898016-863

+86-1501-2669-765

info@utepo.net

Note: To speed up our service to you, please make sure the field with " * " mark is filled before you click on "Submit" button, Thank you!