A
subnet divides a network into smaller segments — controlling which hosts can communicate directly. Security use: segment sensitive systems, create security zones, implement least-privilege networking.
Subnets are the foundation of network segmentation. Different subnets route through firewalls/routers — enabling ACL enforcement between zones. /24 = 254 hosts, /25 = 126 hosts, /30 = 2 hosts (point-to-point links).