Jake Snyder of Transmit Failure comments:
There’s a lot of talk in the industry about getting away from VLAN segmentation and relying on stateful firewalls at our access-layer edge to govern control over what users have access to. This is a great idea; it solves issues with IPv6 and it simplifies network design. But there are some significant challenges that make it a no-go for today’s enterprise networks. Most vendors are touting that their “stateful” firewalls in the AP and edge switches solve those challenges. But I find the current generation of these solutions inadequate to solve this issue in enterprise networks.
Love them or hate them, VLANs aren’t going away any time soon. They’re too useful in a multitude of ways. Newer technologies like the ones Jake discusses will help with the issue, but they aren’t widely deployed just yet.
Read more at: Thoughts on Eliminating VLANs at the Access-Layer Edge