What Is a MAN (Metropolitan Area Network)?

A Metropolitan Area Network exists because of a specific problem: your organization has grown beyond one building, but everything is still in the same city.

You could connect your buildings using WAN services—renting bandwidth from telecommunications providers the way you'd connect offices in different countries. But that feels wrong. These buildings are five kilometers apart, not five thousand. Why should you pay per-megabit fees and accept carrier latency for something you could theoretically run a cable between?

A MAN is the answer. It's network infrastructure that spans a city or large campus, typically covering a few kilometers to about 50 kilometers. You own it, or you lease dedicated fiber that feels like owning it. The buildings become one network.

The Real Distinction: Ownership

The textbook definition says LANs connect devices in a building, MANs connect buildings in a city, and WANs connect cities across countries. That's true but misses the point.

The real distinction is control.

A LAN is yours. You own the switches, the cables, the access points. When something breaks, you fix it. When you need more capacity, you add it.

A WAN is rented. You buy services from carriers. When something breaks, you open a ticket. When you need more capacity, you negotiate a contract.

A MAN sits in between—and increasingly, organizations choose to own it. A university runs fiber between its buildings across campus. A city government connects municipal facilities on infrastructure it controls. A hospital system links its facilities on dedicated lines.

A MAN exists because someone asked: "What if we didn't have to rent access to connect our own buildings?"

Metro Ethernet Won

Several technologies can build a MAN, but Metro Ethernet dominates for a simple reason: it's just Ethernet, extended.

Every network engineer knows Ethernet. Every device speaks it. When you extend Ethernet across metropolitan distances using fiber optic cables, your MAN feels like a really big LAN. Same protocols, same tools, same mental model. You get symmetrical bandwidth from 10 Mbps to 10 Gbps or higher, and it just works.

The alternatives exist for specific situations:

Fiber optic rings connect sites in a loop. Cut the fiber at one point, traffic flows the other direction. SONET/SDH protocols historically dominated here, though modern deployments usually run Carrier Ethernet over the fiber anyway.

Dark fiber means leasing raw fiber optic cables and installing your own equipment on both ends. Complete control, but you need the expertise to run it. Large institutions with serious bandwidth requirements and technical staff choose this.

Wireless links—microwave, millimeter-wave, or laser—connect buildings without cables. Useful when you can't dig trenches (historic districts, temporary connections, crossing obstacles). Building-to-building wireless can hit gigabit speeds with line-of-sight, though weather affects some technologies more than others.

But for most organizations building a MAN today, the answer is Metro Ethernet over fiber. It's boring in the best way.

Who Actually Builds MANs

Universities are the classic case. A campus spreads across city blocks—academic buildings, research facilities, student housing, administrative offices, the medical center across town. A MAN makes them one network. Students don't notice when they walk from the library to the engineering building; their connection just works. Research data flows between labs and computing clusters without touching the public Internet.

City governments connect everything municipal: city hall, fire stations, police precincts, schools, libraries, public works facilities. Shared resources, coordinated services, unified communications. When the systems talk to each other over infrastructure the city controls, things work better.

Healthcare systems with hospitals and clinics scattered across a metro area need to share electronic medical records, imaging systems, and administrative applications. They also need to meet compliance requirements that are easier when you control the infrastructure.

Large corporations with multiple buildings in a business district or campus use MANs to create what feels like one big office network. Users don't think about which building they're in.

Service providers build MANs as infrastructure to sell—aggregating customer connections across a city, routing traffic to Internet exchanges, feeding into long-haul networks.

Performance: Better Than Renting

A well-built MAN delivers performance between a LAN and a WAN, but closer to the LAN side:

Bandwidth typically runs 100 Mbps to 10 Gbps for most connections, with higher speeds where needed. This exceeds typical WAN bandwidth but might not match the multi-gigabit speeds in a modern building's LAN.

Latency between sites usually falls in the 1-10 millisecond range, depending on distance. Higher than LAN latency (under 1 millisecond) but far lower than cross-country WAN connections (30-100+ milliseconds). For delay-sensitive applications like voice and video, this matters enormously.

Reliability can be excellent. Fiber-based MANs with redundant paths achieve 99.99% uptime or better. When you own the infrastructure, you control maintenance schedules and equipment quality.

The performance advantage comes from two factors: shorter distances (physics) and dedicated infrastructure (no sharing with other customers' traffic).

The Ring Is Your Friend

MAN topology often comes down to one question: what happens when something breaks?

Ring topology connects sites in a circle—each location links to two neighbors. Cut one link, traffic flows the opposite direction around the ring. Many fiber-based MANs use dual counter-rotating rings: two rings running opposite directions, so even multiple failures might not bring down connectivity.

Star topology connects all sites to a central point, usually a data center. Simpler to manage, but that central point better not fail.

Mesh topology provides multiple paths between sites. Excellent redundancy, but expensive and complex. Partial mesh designs compromise between resilience and sanity.

Most serious MANs use rings. The redundancy is worth the extra fiber.

Security: Trust but Encrypt

A private MAN might feel secure—it's your fiber, your equipment, your buildings. But "private" doesn't mean "invulnerable."

Encrypt anyway. Fiber can be tapped. Equipment can be compromised. Defense in depth means encrypting even on infrastructure you own.

Control access. 802.1X authentication, network access control, MAC filtering—prevent rogue devices from joining just because they're physically connected.

Segment traffic. VLANs and routing policies separate different user populations and traffic types. A university MAN keeps student traffic away from research networks away from administrative systems.

Monitor everything. Anomalous traffic patterns, unauthorized access attempts, performance degradation—you need visibility across all MAN connections to catch problems.

Physical security matters too. Fiber in underground conduits, locked equipment rooms, secured rooftop wireless installations. The infrastructure exists in the physical world.

The Category Is Dissolving

Here's what's interesting about MANs in 2024: the boundaries are getting fuzzy.

5G networks deliver high bandwidth and low latency across metropolitan areas. When your phone gets gigabit speeds citywide, what exactly distinguishes that from a MAN? The ownership model differs, but the capability converges.

Software-defined networking makes MANs more dynamic. Instead of static configurations, administrators programmatically adjust routing and policies across the entire metropolitan network. The MAN becomes software.

Cloud changes the destination. MANs traditionally connected an organization's sites to each other. Now they increasingly connect sites to cloud on-ramps and Internet exchanges. The MAN becomes a path to somewhere else rather than a thing in itself.

Bandwidth keeps growing. 100 Gbps backbone links, 10 Gbps to individual buildings—what seemed like overkill becomes baseline. The performance gap between MANs and LANs narrows.

The concept of a MAN—dedicated metropolitan-scale infrastructure under organizational control—remains useful. But the sharp lines between network categories continue to blur as technology evolves.