Add VLAN detection and configuration recommendations #31
Description
Summary
Add VLAN-aware discovery and reporting so scan results can surface segmentation structure, likely VLAN boundaries, and operator guidance around network separation.
Why It Matters
The product already discovers hosts, ports, services, and reporting metadata, but it does not help users reason about segmentation. For enterprise and MSP-style assessments, VLAN context is often as important as host inventory.
Desired Outcome
- capture VLAN-related signals during or after scan execution where practical
- correlate discovered assets into likely VLAN or subnet groupings
- surface segmentation observations in the UI and reports
- provide cautious recommendations rather than pretending to infer full switch configuration from host scans alone
Scope
- Discovery
- determine which VLAN-related signals are realistically available from the current scan model
- separate directly observed data from heuristic inference
- avoid overstating certainty where the app only has subnet/routing evidence
- Analysis
- group hosts by subnet or other detected segmentation signals
- flag likely network-boundary or routing patterns
- generate basic recommendations for segmentation hygiene where appropriate
- Presentation
- add VLAN/segmentation context to report metadata and report output
- expose the information in the UI without overloading the primary asset view
Implementation Notes
Likely touch points in the current architecture:
- scanning and scan-result processing modules
- reporting and metadata generation
- frontend report/display components
This should be implemented as segmentation analysis built on current scan data, not as a promise to fully enumerate switch-level VLAN configuration from Nmap alone.