3
·
Network Hardware
· ·
· ·
·
17
Security
High-security users can be grouped into a VLAN, possibly on the same physical
segment, and no users outside of that VLAN can communicate with them. VLANs
can also assist in securing plant-floor systems by limiting access of production
floor personnel (such as a vendor or contractor) to certain functional areas of the
production floor.
Performance
The logical grouping of devices prevents traffic on one VLAN from burdening
other network resources. Performance within the VLAN is also improved because
the VLAN acts as a dedicated LAN.
Network management
A device can be logically moved from one VLAN to another by configuring a port
into the appropriate VLAN. The device does not have to be physically
disconnected from one network and reconnected to another which can result in
expensive, time-consuming recabling.
Full duplex capability on all ports
Configuring the ports on a switch to run in full duplex operation gets the link up as
fast as possible, maximizing uptime. With full duplex transmission, data can be
simultaneously transmitted in both directions on a single cable. Switches running in
full duplex mode provide point-to-point connections for end devices, virtually
eliminating collisions between devices on the network.
Autonegotiation and Manually Configurable Speed/Duplex
Autonegotiation is designed to let devices select the most optimal way to
communicate without requiring you to configure the devices. However, if you connect
a manually configured device to an autonegotiation device, there can be problems
which result in a high rate of CRC (Cyclic Redundancy Check) errors.
A switch that supports both autonegotiation and manual modes eliminates potential
incompatibilities in the implementation of the autonegotiation by different device
vendors.
Best Practice...
When configuring a switch, hard-code the fixed baud rate and duplex of your devices.
TCP network settings are configurable at point to point. Refer to the User Guides for
your personal computers and hardware devices to find their baud rate.
IGMP (Internet Group Management Protocol) Snooping
The Internet Group Management Protocol (IGMP) is a communications protocol that
is used to manage the membership of IP multicast groups. By default, a Layer 2 switch
floods multicast packets to all ports within the same subnet, creating unnecessary
network traffic to devices within that subnet. Layer 2 switches can use IGMP
snooping to constrain this flooding of multicast traffic by dynamically configuring the