In an enterprise network, Virtual Local Area Networks (VLANs) are the key Layer 2 technology used

to logically segment a network into multiple broadcast domains. VLANs allow network

administrators to assign individual switch ports to specific VLANs, enabling effective network

segmentation and traffic management.

This configuration extends to access layer devices, such as switches where end-user devices connect.

By isolating traffic into VLANs, administrators can improve network performance, enhance security

by separating sensitive departments (such as finance and HR), and simplify network management.

Unlike routing protocols such as BGP and OSPF, which operate at Layer 3, or MPLS, which is a Layer

2.5 forwarding technology used primarily in service provider networks, VLANs are explicitly designed

for Layer 2 segmentation within LAN environments.

Reference: Supporting Cisco Devices for Field Technicians (FLDTEC) – Cisco Equipment and Related

Hardware