VLANS means virtual local area networks. They enable the logical separation of multiple networks on the same physical network hardware. VLANs can be configured untagged and tagged. If one can mean e.g. divide a switch in half. The first half is Network A (green) and the second is Network B (red). Instead of two physical switches. With untagged, all packets that do not have labels are routed to the VLAN which is configured as untagged on the network port. However, several networks can use the same port (port 8 - green and red). At tagged all packages get a sticker with the respective vlan. So the network hardware can use the sticker to see if the package is allowed for the VLAN or where it is allowed.      So here you can see port 1-7 are configured as untagged and use the red or the green network. Port 8 are tagged. So port 8 are in used by both networks red and green. PC A-1 can talk with PC B-1 (over port 😎 but not with PC A-5 or PC B-5. PC B-6 can talk to PC B-5 but not to PC B-1 or PC A-1.     (License: CC BY-SA 3.0, see https://creativecommons.org/licenses/by-sa/3.0/)   VLANS simplify managing multiple separate networks in one environment. Separating networks provides greater security in the network environment because not all network clients can intervene in all networks. Thus, e.g. a guest network or production network is segregated from the normal corporated LAN. ... View more