Answer

Choosing a switch: Should you splurge on enterprise Ethernet switches?

We're looking for a solid Ethernet switch for our medium-sized enterprise. I've been reading that several vendors are coming out with Ethernet switches for SMBs that claim to offer enterprise-grade security features. Are these switches viable when it comes to security, or should we spend more for something higher-end?

    Requires Free Membership to View

Ask the Expert!

Have questions about network security for expert Matt Pascucci? Send them via email today! (All questions are anonymous.)

Before looking into purchasing an Ethernet switch or stack of switches for your environment, ensure that the models you're looking at are in fact capable of meeting industry standards, regardless of what size company a vendor says they're intended for. Here are a few things to look for when weighing the decision to purchase an enterprise switch or an SMB switch, from a security point of view:

  1. Verify that you're able to setup VLANs on the switch and that they're able to span to other switches in a stack, in case your network ends up growing. This is important and should be a default feature in whatever switch you choose to ensure secure network segmentation as network demands increase.
  2. Make sure that there can be security on the port level. Security at this level helps mitigate a number of issues, such as rogue workstations being plugged into your network. It can also help detect multiple media access control addresses coming from one port, which could mean it is a Trojan or someone plugged in a hub to the port.
  3. The ability to log in to a switch securely either by SSH or HTTPS with a Web GUI is mandatory. If you can't authenticate securely to the switch, you are leaving a hole in the network.
  4. Similarly, the ability to log in to a centralized repository is another area that you should review. Determine if the switch can perform syslog to back up its logs for review when needed.

In today's economy, it's important to justify security with the budget at hand. If you don't have the budget to spend on enterprise Ethernet switches, then an SMB switch will have to do for now. If you do have the budget, it's prudent to conduct an overall network risk assessment to determine the most significant risks to your organization and use that budget to address those risks.

This was first published in March 2013

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: