Isolate different traffic types, Group users, Isolate different traffic types group users – Rockwell Automation 1783-BMxxx Stratix 5700 Ethernet Managed Switches User Manual User Manual
Page 92
92
Rockwell Automation Publication 1783-UM004E-EN-P - June 2014
Chapter 3 Switch Software Features
Isolate Different Traffic Types
Isolating data traffic from delay-sensitive traffic, such as voice traffic, increases the
quality of the voice transmission. In the figure above, switch ports connected to
the IP phones belong to VLAN 3, a VLAN that is configured to provide Voice
over IP (VoIP) services on these connections, meaning priority is given to voice
traffic over regular IP data traffic. Voice traffic from the phone and IP-phone
service requests to an IP PBX server have priority over traffic from the desktop
devices attached to the IP phones.
To further isolate data traffic from voice traffic, the data traffic from the attached
desktop devices can be assigned to a separate VLAN.
Group Users
provides access to three types of network users:
• Wired employees
• Wireless employees
• Wired or wireless company visitors
Each user type requires different access levels to the company network. VLANs
and security policies on a router or Layer 3 switch can enforce privileges and
restrictions to different user types.
:
• VLAN 5 offers employee-level access to the company resources. This kind
of network access requires a direct connection to the specific switch ports.
• VLAN 7 offers Internet-only access to company visitors. Visitors with
wired or wireless connections to switch ports are assigned to this VLAN,
which automatically restricts guest access to only the Internet.
• VLAN 9, which has one or more switch ports connected to the wireless
access point, enforces security policies to identify the wireless user (for
example, as employee or a guest) and to determine what the user can do on
the network (for example, access only the Internet or access other network
resources).