Minimize risk and maximize the user experience

Modern networks must support an ever-increasing number and diversity of devices. Often these are unmanaged devices, including BYOD and guest devices, that can be riskier than those owned by IT. IoT devices may also be especially vulnerable to security threats. Absent any means to prevent them, security threats can readily propagate horizontally within the network environment once they have penetrated the network perimeter.

Device proliferation can also contribute to a poor user experience, particularly in certain industries such as multi-dwelling units. Users have visibility into devices that are not relevant to them, and this can create confusion. Data-intensive applications accessed by visitors may compete for bandwidth with mission-critical applications. Network segmentation—or the practice of dividing the network into multiple smaller subnetworks—can help address these challenges.

Strengthens security

IT teams can improve the security posture of the network using network segmentation to isolate certain devices and groups of devices from others. This can keep threats from propagating on the network. Unmanaged and IoT devices can be placed upon their own virtual networks to mitigate the risk. That means that, if a device connects that is affected by a security threat, it won’t be able to infect other devices that are on a separate virtual network. IT can grant guest users internet access only on a separate guest network. Network segmentation can also isolate users and devices that are subject to stringent compliance requirements, making it easier to meet these requirements.


Enhances the user experience

Network segmentation can help IT teams deliver a better, more personalized experience for users. This is especially true in multi-dwelling units, including in higher education. RUCKUS® technology enables IT teams to segment a single physical network into multiple virtual networks—even down to the level of individual users. Since each user is on their own virtual network, they see only the devices that are relevant to them. They can roam about the network environment and still be connected to their personal virtual network. IT teams can also use network access policies to prioritize mission-critical data traffic—providing superior quality of service where it matters most to the organization.

Supports a variety of deployment options

The RUCKUS product line enables two kinds of network segmentation—VLANs and VXLANs. VLANs can be employed whether or not the underlying network is a RUCKUS network, and this approach scales to about 4,000 separate virtual networks. VXLANs have much higher scalability than VLANs, and enable virtual networks that span physical network segments. RUCKUS products automate many tasks associated with setting up VXLANs to dramatically simplify the process.

Customer Stories
AVE Union

AVE Union is a luxury residential community in Union, New Jersey. They chose a RUCKUS network for always-on, high-performance Wi-Fi®. Cloudpath Enrollment System lets residents connect to the network quickly, easily and securely. The new network helps differentiate the property from its competition.

How to buy

Looking for a local partner that understands your unique business and industry needs? Find a RUCKUS Channel Partner.

Find a Partner

Additional resources

Sort By:


  • Solution Brief: Network Segmentation