Options exist for additional network security on all of your systems. Learn about unmanaged and managed switches and vLANs to determine which options are best for additional security.
Unmanaged Switches (US)
Understanding how switches work can help you determine what switch options may provide better network protection. If you have questions, contact ITC staff to help you switch up your network for added security.
Unmanaged Switches (US) use auto-negotiated ports to determine parameters, like data rates and whether to use half or full duplex mode. These switches have no concept of vLANs; therefore, all devices belong to the same broadcast domain.
Managed Switches (MS)
Managed Switches (MS) allow users to adjust each port on the switch to any setting. This enables them to manage, configure and monitor the network in many ways. MS also provides greater control over how data travels over the network and who can access that data.
MS also offers Simple Network Management Protocol (SNMP), which allows users to monitor the statuses of the switch and individual switch ports, while providing stats like traffic throughput, network errors and port status. Network admins can track this data over time and use it for both troubleshooting and network capacity purposes.
Functionality of US
US maintains a media access control (MAC) address table, which tracks dynamically learned MAC addresses and the switch port on which each address was learned.
The inclusion of a MAC address table means unmanaged network switches offer a per-port, separate collision domain. A collision can occur when two devices within the same domain attempt to send data at the exact same time. A collision can cause the switch to drop both packets, and the end devices are forced to retransmit.
Managed Switches = More Options
MS ports can be configured as trunks. A trunk tags data frames with a vLAN ID and transports frames from multiple vLANs across a single link. Trunk ports are used to connect two switches together or to connect a switch to a VM server that requires access to multiple vLANs.
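The Python example below is added here and is not part of the original article. It shows how a trunk carries several vLANs over one link by inserting and reading the IEEE 802.1Q tag, and how the receiving side sorts frames per vLAN. The function names, the allowed-vLAN list, the native vLAN of 1 and the sample frames are assumptions made for illustration.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that marks an IEEE 802.1Q vLAN tag

def make_frame(payload: bytes) -> bytes:
    """Constructed untagged frame: broadcast dst, made-up src MAC, IPv4 EtherType."""
    return bytes.fromhex("ffffffffffff020000000001") + struct.pack("!H", 0x0800) + payload

def tag_frame(frame: bytes, vlan_id: int, priority: int = 0) -> bytes:
    """Insert the 4-byte 802.1Q tag after the destination and source MACs."""
    if not 1 <= vlan_id <= 4094:  # 0 and 4095 are reserved values
        raise ValueError("vLAN ID must be 1..4094")
    if not 0 <= priority <= 7 or len(frame) < 14:
        raise ValueError("bad priority or truncated frame")
    tci = (priority << 13) | vlan_id  # PCP (3 bits) | DEI (1 bit, 0) | VID (12 bits)
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]

def parse_frame(frame: bytes):
    """Return (vlan_id or None if untagged, ethertype, payload)."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype != TPID_8021Q:
        return None, ethertype, frame[14:]
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    tci, inner_type = struct.unpack("!HH", frame[14:18])
    return tci & 0x0FFF, inner_type, frame[18:]

def demux_trunk(frames, allowed_vlans, native_vlan=1):
    """Sort frames arriving on one trunk link into per-vLAN lists.
    Untagged frames go to native_vlan; vLANs not in allowed_vlans are dropped."""
    per_vlan, dropped = {}, []
    for frame in frames:
        vid, _, payload = parse_frame(frame)
        vid = native_vlan if vid is None else vid
        if vid in allowed_vlans:
            per_vlan.setdefault(vid, []).append(payload)
        else:
            dropped.append(vid)
    return per_vlan, dropped

# Constructed sample traffic for one trunk link (vLAN IDs and payloads are made up)
SAMPLE_TRUNK = [tag_frame(make_frame(b"office"), 10), tag_frame(make_frame(b"voice"), 20, 5),
                tag_frame(make_frame(b"guest"), 99), make_frame(b"untagged")]

if __name__ == "__main__":
    print(demux_trunk(SAMPLE_TRUNK, allowed_vlans={1, 10, 20}))
```

Restricting the allowed-vLAN list on each trunk to the vLANs the far end actually needs keeps traffic for other vLANs off that link.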
Admins can combine multiple ports to form port-aggregated links that transport at two, four or eight times the speed of a single link. MS almost always has a remotely accessible console, command line or web interface, which enables admins to make configuration changes or adjustments from different physical locations.
Differences of US vs. MS
Control and Performance
A networking team is responsible for maintaining both MS and US. Teams can configure MS to handle network traffic differently, and can do so through remote access configurations and the ability to monitor devices using monitoring protocols such as SNMP and NetFlow, along with other network telemetry data. MS allows admins who understand network configuration and monitoring concepts to apply those concepts to a switch configuration. US have more of a plug-and-play installation process.