What is a Local Area Network(LAN)?
The LAN or Local Area Network is a set of computing devices, e.g., computer, tablet, phone, etc. Each device connects to the other devices using an Ethernet Cable or a WiFi network within a geographical area.
A local area network enables the devices to share resources such as the internet, printer, etc.
A LAN consists of hardware devices such as routers, switches, hubs, and cables. A computer over the local area network can communicate to an external web server over the internet and all machines within the LAN. A LAN machine can be located with the same home or office building or connected to a far LAN via Metropolitan Area Network(MAN)/Wide Area Network(WAN).
Each device in the LAN gets an IP Address. The IP assigning could be static (configured manually) or dynamic. With static IP, the address of a machine does not change on a restart, while in the dynamic assignment, a DHCP server assigns the IP address if the machine or its ethernet interface restarts.
Static IP is good if you have set up a service on a LAN computer and want to expose it to the outer world using port forwarding.
How is a Local Area Network useful?
- Reduces the cost by sharing the resources.
- Implementation of firewall rules centrally rather than on each machine to provide security.
- Access data remotely.
- People at different geographical locations work in the same way if they are located within the same premises.
How does a Local Area Network (LAN) function?
The goal of a LAN is to provide shared access to the resources. A resource can be a file server, network printer, internet, etc., within a building, or it could be on another LAN at some far place.
When two or more LANs at the different geographic locations within a metropolitan area connect to each other bigger network by connecting forms a Metropolitan Area Network(MAN), you can think of it as if a company has two or more offices at different buildings, and they can connect and works as a single network.
There are two types of communication channels a LAN has, client-server and peer-to-peer (p2p).
In a p2p network, two devices share data with each other. For example, using the IP address, one computer can share files with another and vice versa.
In the client-server model, the service requesting machine known as clients connects to a central server. E.g., to access the printer, computers on LAN need to connect to the printer and issue the commands.
How to set up and plan a Local Area Network?
In network planning, the first thing is to know the capacity of the network and the types of devices it will connect to. Following are the steps to set up a LAN.
- Identify how many maximum devices will connect to the network. How many will connect via ethernet cable, and how many will be via Wireless.
- There will be switches with the number of required ports. If the number of ports is not sufficient for all Ethernet devices, you can extend the ports by adding more switches.
- For Wireless connectivity, a wireless router is required. A wireless router with a WAN port and VPN functionality can provide access to the internet and may connect to set up a tunnel with a remote machine or LAN.
- The number of LAN cables of different sizes.
- A machine with a DHCP server. Generally, the Wireless router comes with a DHCP server too.
Start Connecting and Configuring –
- It connects cables between witches and computers and makes them up by connecting power sources.
- Connect a DHCP server to the switches.
- Plug the WAN cable into the wireless internet router and connect the switch with an Ethernet cable from another LAN port.
- Do the router configuration, e.g., configuring ISP details, configuring subnet masks, etc.
- For wireless, set the authentication based on a pre-shared key.
- Ping another machine and browse a website. If it works, the LAN setup is done.
Do we need to secure the LAN?
Almost all organizations have LAN as a part of basic infrastructure. The sensitive data is present on company machines or servers. So LAN security is a must to protect the information. The fundamental approach is to use a network firewall. The firewall inspects all incoming and outgoing messages. If it found something malicious, it blocks the LAN access. With the firewall, a company can configure filtering rules as per the business need.
The switches and wireless routers can be protected using strong authentication methods.