What is a Local Area Network(LAN)?
A local area network, or LAN, is a smaller network that is located within a very small geographical area, such as within an office or building. Devices can share resources through a local area network, such as the internet, printer, etc., without being directly connected.
A LAN comprises hardware devices such as routers, switches, hubs, and cables. A computer over the local area network can communicate to an external web server over the internet and all machines within the LAN.
A LAN machine can be located within the same home or an office building or connected to a far LAN via Metropolitan Area Network(MAN)/Wide Area Network(WAN).
Each device in the LAN gets an IP Address. The IP assigning could be static (configured manually) or dynamic. With static IP, the address of a machine does not change on a restart, while in the dynamic assignment, a DHCP server assigns the IP address if the device or its ethernet interface restarts.
Static IP is good if you have set up a service on a LAN computer and want to expose it to the outer world using port forwarding.
How is a Local Area Network useful?
- Reduces the cost by sharing the resources.
- Implementation of firewall rules centrally rather than on each machine to provide security.
- Access data remotely.
- People at different geographical locations work similarly if they are located within the same premises.
How does a Local Area Network (LAN) work?
The goal of a LAN is to provide shared access to the resources. A resource can be a file server, network printer, internet, etc., within a building or on another LAN at some distant place.
When two or more LANs at different geographic locations within a metropolitan area connect more extensive network by joining from a Metropolitan Area Network(MAN), you can think of it as if a company has two or more offices at different buildings, and they can connect and works as a single network.
There are two types of communication channels a LAN has, client-server and peer-to-peer (p2p).
In a p2p network, two devices share data. For example, using the IP address, one computer can share files with another and vice versa.
In the client-server model, the service-requesting machine, known as the client, connects to a central server. E.g., to access the printer, computers on LAN need to connect to the printer and issue the commands.
How to set up and plan a Local Area Network?
In network planning, the first thing is to know the capacity of the network and the types of devices it will connect to. Following are the steps to set up a LAN.
Planning-
- Identify how many maximum devices will connect to the network. How many will connect via ethernet cable, and how many will be via Wireless?
- There will be switches with the number of required ports. If the number of ports is insufficient for all Ethernet devices, you can extend the ports by adding more switches.
- For Wireless connectivity, a wireless router is required. A wireless router with a WAN port and VPN functionality can provide access to the internet and may connect to set up a tunnel with a remote machine or LAN.
- The number of LAN cables of different sizes.
- A machine with a DHCP server. Generally, the Wireless router comes with a DHCP server too.
Start Connecting and Configuring –
- Connect cables between switches and computers and makes them up by connecting power sources.
- Connect a DHCP server to the switch.
- Plug the WAN cable into the wireless internet router and connect the switch with an Ethernet cable from another LAN port.
- Do the router configuration, e.g., configuring ISP details, subnet masks, etc.
- For wireless, set the authentication based on a pre-shared key.
- Ping another machine and browse a website. If it works, the LAN setup is done.
What do we need to secure the LAN?
Almost all organizations have LAN as a part of basic infrastructure. The sensitive data is present on company machines or servers. So LAN security is a must to protect the information. The fundamental approach is to use a network firewall.
The firewall inspects all incoming and outgoing messages. If it detects something malicious, it blocks the LAN access. A company can configure filtering rules with the firewall as per the business’s needs.
The switches and wireless routers can be protected using robust authentication methods.