The VLAN can create great value...


For example, I segment our software developers into several of their own VLANs.
They are always running protocol analyzers or packet sniffers to debug this or that. This sets off my IDS which required me to investigate which makes me want to scream.

I also like to segment workgroups like HR and Accounting from the rest of the corp for obvious reasons.

With a good enough switch, you can also have better bandwidth control over each group instead of doing rate shaping stuff on individual ports...Mostly on layer 3 equip tho.


Just a few ideas..