We're looking for a solid Ethernet switch for our medium-sized enterprise. I've been reading that several vendors...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
are coming out with Ethernet switches for SMBs that claim to offer enterprise-grade security features. Are these switches viable when it comes to security, or should we spend more for something higher-end?
Ask the Expert!
Have questions about network security for expert Matt Pascucci? Send them via email today! (All questions are anonymous.)
Before looking into purchasing an Ethernet switch or stack of switches for your environment, ensure that the models you're looking at are in fact capable of meeting industry standards, regardless of what size company a vendor says they're intended for. Here are a few things to look for when weighing the decision to purchase an enterprise switch or an SMB switch, from a security point of view:
- Verify that you're able to setup VLANs on the switch and that they're able to span to other switches in a stack, in case your network ends up growing. This is important and should be a default feature in whatever switch you choose to ensure secure network segmentation as network demands increase.
- Make sure that there can be security on the port level. Security at this level helps mitigate a number of issues, such as rogue workstations being plugged into your network. It can also help detect multiple media access control addresses coming from one port, which could mean it is a Trojan or someone plugged in a hub to the port.
- The ability to log in to a switch securely either by SSH or HTTPS with a Web GUI is mandatory. If you can't authenticate securely to the switch, you are leaving a hole in the network.
- Similarly, the ability to log in to a centralized repository is another area that you should review. Determine if the switch can perform syslog to back up its logs for review when needed.
In today's economy, it's important to justify security with the budget at hand. If you don't have the budget to spend on enterprise Ethernet switches, then an SMB switch will have to do for now. If you do have the budget, it's prudent to conduct an overall network risk assessment to determine the most significant risks to your organization and use that budget to address those risks.
Dig Deeper on Network device security: Appliances, firewalls and switches
Related Q&A from Matthew Pascucci
Researchers found several Dnsmasq vulnerabilities that affect Google's Android operating system. Matt Pascucci explains how these flaws can be ...continue reading
After introducing HTTP Public Key Pinning to the internet two years ago, the upcoming Chrome will replace it with the Expect-CT header. Matt Pascucci...continue reading
A major SAML vulnerability was found in Slack that granted expired login credentials permission into the system. Matt Pascucci explains how this '...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.