Whether you are setting up a home network or a small network for a business, you have to think about security and traffic. One way to address both of these issues is through network segmentation. By segmenting a network, you limit your exposure to security threats while increasing the reliability and efficiency of your network.
The basic implementation of network segmentation, or the creation of network "segments," involves using hubs, routers and possibly security software such as firewalls to isolate particular clusters of computers from the rest of the network. In doing so, you create a noncontiguous network. This means that unlike a typical network in which all computers share access to the Internet through a common Internet Protocol address without any differentiation, segments are sectioned off as separate entities within the network, even though they may have a common Internet source.
Video of the Day
One advantage of segmenting a network is traffic efficiency. When computers communicate with one another, they send bits of data called "packets" containing the content of communication as well as information about the sender and receiver. If two computers send each other data at the same time -- or if multiple computers send data to each other -- "packet collision" can occur, which garbles the information sent and ruins the communication. When dealing with large unsegmented networks, all computers can communicate with all other computers, and the chance for collision arises. With a segmented network, computers can, under most circumstances, communicate within segments, thus lessening the volume of traffic on the general network and reducing the chances of packet collision.
Efficiency and Expansion
Segmenting the network also allows for increased efficiency of communication. Beside packet collision, a large volume of computers on an unsegmented network increases the bandwidth usage of the network. If the network contains servers that provide Web pages, you can dictate that the incoming traffic be "balanced" between segments, so that no one particular segment or network has to deal with all the traffic coming in or going out. This means that your network can handle larger volumes of traffic overall, as well as be better prepared for expansion at a later date.
Segmentation gives you several security benefits. The first comes from having segments that do not share traffic, which means that if a computer becomes compromised in one segment, it does not automatically give the attacker access to computers on another segment. This limits threat exposure. Secondly, you can secure each segment differently through security software and firewalls, so that an attacker would have to breach different security suites to access different segments, which makes it harder to compromise the system as a whole.