What's new

Managed / Smart Switch for secure home networking

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

erraticsemotional

Occasional Visitor
So after years of consumer grade networking, I'm taking the plunge into something more robust.

My plan includes an Access Point, Pfsense router, FreeNAS. I plan on using 9 wired clients, with another 5~6 wireless clients. My primary concerns with the switch is security, stability, performance, low noise, and energy efficiency.

I am looking for a 10 ~ 16 port 1GbE switch, more ports is OK. I think I may need to look into smart / managed switches to enable Link Aggregation and Vlans.

Requirements:

- Must be quiet (fanless maybe? I live in a small apartment, so I can't really escape it)
- Well support firmware (something that's going to be updated more often and for longer than most consumer routers / isn't end of life)
- Link Aggergation
- Vlan
- Somewhat easy to use for a novice / home use (I am willing to learn and experiment)
- Nominal LAN / WAN performance penalty
- Budget $200 range
- Longevity (something I potentially wouldn't replace for 7+ yrs)

Nice to haves - but not dealbreakers:

- PoE

I've done some research and looked through the forums for advice and am considering the Cisco's Sg200 range, but wanted SNB's advice and feedback. Is there something better? Are my requirements unrealistic?

Thanks!
 
16 port Gigabit Ethernet switches are pretty run-of-the-mill. Yes, you'll need a smart / managed switch for VLANs and Link aggregation. Today's gigabit 16 port switches are fanless. They also are fully non-blocking meaning they'll support Gigabit wire-speed between all ports simultaneously.

Keep in mind link aggregation doesn't increase bandwidth for single clients. It is used to make a larger pipe either between switches of to devices like NAS.

PoE will push you above your budget.

Some people swear by NETGEAR ProSafes...some swear at 'em. I've been going cheap lately with 8 port TP-LINK and TRENDnets (unmanaged) and they've been fine.

This review of two 8-port smart TP-LINKs will give you an idea of features. They're available in 16 port versions.
 
This review of two 8-port smart TP-LINKs will give you an idea of features. They're available in 16 port versions.

Not much help for those of us that are primarily Mac/Linux - the management util for the TP-Link switch is Windows only...

"Configuring the SG108E requires installing TP-Link's Easy Smart Configuration Utility, shown below, which supports only Windows. I was able to install the utility on both Windows 7 and Windows 8.1 PCs."​
 
My understanding is that the Ubiquiti switches are pretty nice for the money. Check the warranty though. I did a quick check and it looks like a 1 year warranty, but I could be wrong. I personally use TP-Link switches in my house (I have 6 of them). I have never had any sort of problem from any of them. Only the Easy-Smart series of TP-Link switches have to use the Windows program to manage them. The Smart series and Managed series use built in Web management. I use this switch as my "core" switch. It is in the Smart series. Very good value for the money. If you are really against TP-Link then my recommendation would be HP. They make good switches across a huge spectrum of prices and their warranty is outstanding. I have also heard good things about Netgear but have not used any.
 
I like the Cisco SG300 series switches. You also have the option to run at layer 3 which I do. They are low power and can be had used. Cisco still puts out firmware updates for them. I had a new firmware update about a month ago.
 
Abaily,

Thanks for the feedback. I wrote off that TP-Link because of reports of noise.
Any thoughts on the updated version?

The TP-Link TL-SG3216 you linked to is actually in TP-Link's Managed series, which is their top of the line series. One series above the Smart series switches which I linked to. I have not used them but I would assume they are every bit as good as the Smart series plus offer more features. You would need to compare features to see if you needed or wanted any from that line that the Smart series do not deliver.
 
The amazon reviews indicates fan noise? Was there a previous hardware revision?
Is the firmware still update?
You need to pay close attention to Amazon reviews. They often mix reviews for different models together.
I have no idea whether firmware is updated. I've never checked, nor needed to.
 
Thiggins,

Regarding firmware - doesn't that usually patch up security problems? Is there a reason you wouldn't want to update the firmware?
 
There was a Version 1 hardware for the TL-SG2216. Don't know if it had a fan or not. Mine is fanless. I did update the firmware when I first purchased the switch and I assume there is newer firmware available, but like Thiggins said, I have never needed to update the firmware since I have had the switch in production.

Added: I am of the mind if it is not broke don't fix it. And that applies to firmware updates except for my firewall. Since it is exposed to attacks from the internet I make sure it is updated.
 
Thiggins,

Regarding firmware - doesn't that usually patch up security problems? Is there a reason you wouldn't want to update the firmware?
Switches aren't exposed to the internet. So there isn't much that can be compromised.
 
Switches aren't exposed to the internet. So there isn't much that can be compromised.

My earlier post, regarding the TP-Link 8 port switches and Windows only util for management...

I don't have one of these handy to check - but I'm told that one can SSH in (same credentials as the Win app), and then do a Crtl-Z, which gets one into an interactive shell... is this true?

If so, these devices become much more useful for non-Windows folks, and it's a powerful tool for scripting...
 
Thiggins

I am new to switches, so forgive the seemingly basic question: I know a switch routes based on MAC addresses, and doesn't interact with IP addresses, but how is a switch immumed from being exploited either by rouge users on LAN or by traffic passing by from WAN?
 
I am new to switches, so forgive the seemingly basic question: I know a switch routes based on MAC addresses, and doesn't interact with IP addresses, but how is a switch immumed from being exploited either by rouge users on LAN or by traffic passing by from WAN?

Traffic passing through the switch from the WAN is not a problem. The traffic would have to be directed at the switch, which should not happen if your firewall is set up correctly. Now the switch is not immune from rouge LAN users. I thought you were talking for your home. If your talking for business then that is a different story. You may want to update your switch firmware more often. But then again if this is a business it would be better practice to put the switch management IP on a management VLAN (and subnet) that is not accessible to normal LAN users and employees.
 
When it comes to unmanaged some switches still do poorly or freeze. However even tp-link unmanaged switches are fine.

When it comes to managed switches they vary a lot by features and firmware. Like a router a bad firmware for a switch can cause problems and manage switches vary so much that even for the same line of netgear prosafes some support some features while some dont. I have a netgear prosafe and not everything works on it but almost all the features on it work fine. Its an older model that isnt fanless though.

Fanless switches are fine, the manufacturing process have gotten smaller that a 48 port switch can now be fanless and use a lot less power than last time. While POE switches are more expensive they can still be within the budget depending on what you're looking for. For a POE switch there can be some variances like only POE on some ports and you must calculate the power use of what you will plug into it. If you do go for POE get a managed switch as it will give you the capability to manage the POE interface vs a dumb switch with POE. Whether the switch has fans or is fanless temperature is important so dont block the vents and make sure it has adequate airflow. POE switch with a fan is better because the power unit also needs cooling.

Ubiquiti and mikrotik both actually make switches but ubiquiti has POE switches. To get a smaller switch from either brand is hopeless so while they may seem to have a good price they arent any better than what you find around for smart/managed switches however their higher end switches (usually their rackmountable ones) offer quite a lot and are fully managed (good for the price if you want a fully managed switch). The only problem with a fully managed switch is that when you add filters it stops forwarding at wirespeed (For those that get confused im referring to the switch chips actually processing filters not the CPU). If you want to consider one of these 2 would mean having a non critical network that doesnt always need performance, but wanting the features of a fully managed switch for a lower price point instead of a cisco/juniper fully managed switch. Dont forget like every other brand these 2 brands lack support that cisco and other similar brands give for their very high end products.

The cisco SG is a semi managed switch (basically cisco's lower end switch that is better than consumer quality). One thing you can do is go for switches aimed for business instead of low end as they will usually have better firmware and features. Do some search, post some models here and we can help you find which of them would best suit you. When buying a managed switch it is important to know what you want from it and what will you want from it. Not all switches with fans are noisy and i can say for certain that i have modified get my very noisy CCR router to be much quieter than the ubiquiti edgerouter pro while using 45W so fans arent that bad. Just because a switch has a fan doesnt mean it is noisy and for some switches you can replace the fans with silent ones. Some non consumer class equipment have fans to reduce the temperature even if it is not needed but to increase the lifespan of it. If you do go for a switch with a fan make sure it uses a 12V fan because those are plentiful and easy to get especially the silent ones.

Switches are usually the last ones to get upgraded as they do fine for much longer than a router does nowadays.
 
System Error Message,

Thanks for the reply.
It definitely gives me more to think about - I would like a more prosumer / business class switch. I have a bias against most consumer grade tech hardware. I posted the Cisco SG200 as a starting point, but I was looking for more options from folks who follow this space more closely.

The TP-Link TL-SG2216 recommended looks like it fits the bill, but I'm trying to understand the difference between the the SG2216 and the SG3216. Since this is my first switch aside from features (which I need to research more and understand) is there anything that would differentiate them in terms of performance?
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top