Current virtual local area network (VLAN) switches can implement multiple distinct local area networks (LANs) in a single switch. A VLAN switch allows different hardware ports of the switch to be statically assigned to different LANs. Each LAN operated on by the switch is referred to as a VLAN and the hardware ports assigned to a common VLAN are said to be in a common VLAN group. A user manually configures the switch to statically assign the hardware ports of the VLAN switch to a respective VLAN.
Current VLAN switches, however, are susceptible to corrupted data structures controlling packet switching decisions, which could cause the VLAN switch to leak traffic from one VLAN to another VLAN. Such a corrupted data structure could be caused by a surreptitious action, e.g., an intentional memory overflow, or a random action, e.g., a single event interrupt. Accordingly, such VLAN switches are not suitable to situations in which high assurance isolation is desired between respective VLANs. The current method of ensuring that data does not leak from one LAN to another is to use distinct switches for each LAN, with distinct network connections for each LAN.