A quarantine VLAN is a dedicated network segment into which devices are moved automatically when they fail to meet defined security requirements. Common triggers include missing patches, expired certificates, or outdated antivirus signatures. While a device resides in the quarantine VLAN, it cannot access production resources. It can typically only download updates or reach the helpdesk. Once the device passes the compliance check, it is switched back to the regular VLAN. Combined with Network Access Control (NAC), this entire process can be fully automated.