Network segmentation is getting smarter as we're gearing up for the software release with support for VLAN is closing, bringing enterprise-grade networking capabilities to businesses.

VLAN will be supported on our 600-series Nodes, with the next major software release expected out Q1/25.

What is a VLAN?

Definition - A Virtual Local Area Network (VLAN) is a logical grouping of physical network devices that allows multiple separate and isolated networks to coexist on the same physical network infrastructure through the use of VLAN tags in network communication.

A Virtual Local Area Network (VLAN) allows you to create multiple isolated network segments within a single physical network. Think of it as having various separate networks running over the same physical infrastructure, but completely isolated from each other at Layer 2 of the OSI networking stack. In other words, VLAN is a software configuration on a VLAN aware networking device that defines which network devices may communicate together.

Why VLANs Matter?

Network segmentation traditionally required separate physical networks, which meant more hardware, more cables, and more complexity. VLANs solve this by allowing logical separation without additional physical infrastructure. This brings clear benefits:
•    Security - Security is perhaps the most compelling reason to implement VLANs. By separating different departments, services, or types of devices into their own virtual networks, you create natural security boundaries. Your accounting department's sensitive data can remain isolated from the guest WiFi network, even though they share the same physical network infrastructure.
•    Cost savings - Cost savings are significant when you consider the reduced need for physical networking equipment. Instead of running separate physical networks for different functions, you can create virtual separations using VLANs.

New Possibilities with VLAN-Enabled VPN Routers

The integration of VLAN support with VPN functionality opens up exciting new use cases:
Manufacturing facilities can now implement comprehensive network isolation between operational technology (OT) and IT networks. By assigning sections of the production line to a different VLAN and subnet, they can control inter-VLAN routing to ensure production systems only communicate with authorized networks. Unused physical ports can be disabled until needed, providing an additional security layer against unauthorized access.

Remote workers benefit from seamless yet secure network integration. When connecting through VPN, employees are automatically assigned to their department's VLAN, maintaining security boundaries while enabling necessary cross-department collaboration through controlled inter-VLAN routing.

Multi-tenant environments can maximize security and flexibility. Each tenant gets assigned to a specific VLAN with its own subnet, preventing any cross-tenant communication. Unused ports can remain disabled until new tenants arrive, and network expansion becomes as simple as enabling additional ports and assigning appropriate VLAN tags.

Each of these scenarios benefits from core VLAN capabilities:
•    Enhanced security through port-level control and network isolation
•    Efficient traffic management with inter-VLAN routing
•    Flexible network expansion without physical reconfiguration
•    Compatibility with both VLAN-aware and legacy devices
•    Granular access control aligned with user roles and requirements

Technical Specifications

Our 600-series routers deliver enterprise-grade VLAN capabilities with the following specifications:VLAN technical spesifications