A Virtual Local Area Network (VLAN) is a group of endpoints, servers, and other network devices that communicate as if they are on the same LAN segment, regardless of their location. Endpoints and servers can belong to the same VLAN even though they are geographically scattered and connected to numerous network segments.

A VLAN segregates devices logically, not physically. Each VLAN is treated as a broadcast domain. Devices in VLAN 1 can connect with other devices in VLAN 1, but cannot connect with devices in other VLANs. Communication among devices on a VLAN is independent of the physical network.

A VLAN segregates devices by adding 802.1Q VLAN tags to all packets sent and received by the devices in the VLAN. VLAN tags are 4-byte frame extensions that contain a VLAN identifier as well as other information.