A VLAN or virtual local area network, which is a network of computers that are all connected wirelessly in the local area network. VLANs are software configured instead of using hardware; this makes their networks flexible. One great thing about VLANs is that even if a computer is moved from their current location it can still hook up with the same VLAN without any other configurations or hardware. VLAN allows you to enable its wireless network security tool to separate technologies. There are many ways that your wireless VLANs can be implemented.
VLANs can separate traffic based on the SSID or Service Set Identifier for which the device is connected. VLANs also give you the option to isolate clients by security levels, then using the ACL or Access Control List, you can set up the routers and firewalls for each set of clients on the network. They are also great for offices that allow access to their Internet from guest. You can set up one VLAN for your staff and another for your guest, which could or could not have a password. They would access your firewall, a secondary one, or you could just have a separate ISP or Internet service provider from your main one. VLANs gives access to a management interface, which most networks use to conduct their business, they do this because they make this more secure than the main VLAN.
Think about VLANs as a pyramid of access to your Internet, at the top you have the service provider, one or two of them. Next you have the firewall and that feeds into the VLANs, which then go to the network switch and sends that to the wireless LAN controller and goes to the router. Once the wireless connection hit the computers, each connection on these computers has a different SSID or Service Set Identifier. All of the SSIDs are hosted in the router but they all have different VLAN depending on what network you are connected to and your security level. Once the traffic passes through the VLANs, the controller decrypts the WPA2 data and passes in into the wired network. Once they are on the VLANs they are separated into the network and then each get their own server and network resources. Every VLANs gets access to the outside firewall in place, which splits up the traffic in the VLANs with two ISPs. Doing this allows for loads to be balanced and fix faulty tolerant services.