In your industrial network, switches improve and increase local network access. They can be relatively simple and manage themselves, or have more options and need to be managed by an administrator. That’s the distinction between managed switches and unmanaged switches.
While managed switches offer significantly more options than unmanaged switches for any network, they aren’t always the best option. They take considerable time to set up and call for an experienced network administrator. That said, these costs may be too big compared to your needs!
An unmanaged switch is significantly easier to set up: it’s mostly plug-and-play. The switch will share the same bandwidth, and it won’t send identical information at the same time. That said, the switches will still keep a media access control (MAC) table, allowing the network switch to have separate per-port collision domains.
Next, I can go a bit deeper into managed and unmanaged switches. It’s actually less complex than it sounds from the outside.
What Is a Managed Switch?
As the name suggests, a managed switch is a switch with control and monitoring functions. They require more time and expertise to set up correctly, but their benefits might be significant for many users.
Primarily, managed switches allow the administrator to use quality-of-service (QoS) features, prioritizing devices that share services and applications. This way, a managed switch can’t fail if more devices are sending the same information simultaneously.
Additionally, a managed switch can use the Spanning Tree Protocol (STP) and other topologies. That also enables increased stability and more redundancies in the system. This will separate what different system users can access on the network.
Finally, managed switches are much easier to manage and troubleshoot. For example, you can use PowerShell to run remote commands. A network administrator can also control access and use telemetry data, such as power and data usage.
Taken together, managed switches have increased security and oversight. They can also use some programs that increase cybersecurity. When you monitor the system for attacks and control access to the network, you can remedy any breach relatively quickly.
Now that I’ve shown you what managed switches are, let’s move on to unmanaged switches.
What Is an Unmanaged Switch?
Unlike their managed counterparts, unmanaged switches auto-negotiate with the network. They offer the same access to all devices on the network and broadcast domain. They’re also much easier to set up and require little maintenance.
That said, you can’t apply VLAN and other aspects to these networks. For operations where remote access is necessary, such a network would offer fewer options and many more cybersecurity liabilities.
Namely, unmanaged switches aren’t monitored, so any attempt to go through the switch from the outside will go unnoticed. Many switches may even become beachheads for someone trying to breach the devices. That means you might be at risk if you don’t implement enough protection on the devices.
Unmanaged switches can also build and store MAC-address tables as a UID marker. They’ll also improve upon simple LAN connections through Ethernet with an Ethernet switch. In simple network topologies, this will offer better reliability.
Finally, an unmanaged switch can determine data rates. It can also decide if you need a half-duplex or a full-duplex mode.
Overall, unmanaged switches are suitable for networks that can be managed through different means. They’re also ideal for operations that are in close physical proximity. For such cases, where telemetry is directly accessible, managing a switch will only be a loss of time and resources.
Managed vs. Unmanaged Switch: Key Differences
| Feature | Managed Switch | Unmanaged Switch |
|---|---|---|
| Topology Complexity | STP, ring, mesh, stacking, aggregation | Star, daisy chain |
| Multicasting | Yes, native | No, congestion |
| Management | Extensive performance and QoS features | Plug-n-play, no management |
| Security | Monitoring, restrictive access, data telemetry, native security apps, and 3rd party security software | No native security features |
The primary difference between managed and unmanaged switch options is the complexity. Unmanaged switches are simpler to set up and maintain, and they don’t need an active administrator. Yet, they don’t offer nearly as many oversight and control capabilities.
Here, I’ll break down what each of these advantages means.
Managed switches offer a much more complex topology for the network, which might be necessary for organizations that need to manage multiple devices, users, and physical locations.
A great example is observing connections inside one room of a building. You might see a simple connection topology in a single room. Look around and count the computers linked with each other or the router.
Conversely, a complex topology would be like a pyramid, where you have multiple sets of simple connections all routed to each other, supervising devices, and other groups.
For a managed switch, all that can be on the same connection, with rules set up internally. You won’t be able to do that on an unmanaged switch.
While it sounds very “techy”, multicasting refers simply to two devices sending the same information at the same time through the switch and further through the router. Something like streaming a video is a great example, but company files and CRM tickets are much more frequent.
For a managed switch, it’s easy to dedicate specific names to both requesting devices and storage devices. Multicasting can’t fail with a managed switch.
Unmanaged switches won’t allow the device to discern a separation between the two sets of information. Instead, it’ll simply drop both as a mistake. In smaller, unmanaged networks, these identical requests may indicate a security issue, so it’s better that way.
Network administrators with managed switches can use apps like PowerShell to instruct commands remotely. They’ll also have access to better telemetry from each device, provided by the switch itself.
Yet, that also makes a difference in acquiring the hardware and maintaining it. Setting up a connection is more difficult, and you’ll need a dedicated network administrator. The additional hours will, in time, surpass the added cost of hardware.
Cybersecurity capabilities differ greatly between managed and unmanaged switches. Managed switches allow for cybersecurity protocols to be, in part, moved from the device itself to the switch. In complex systems, this decreases the chance that human error or unauthorized device access will cause a breach.
The unmanaged switch itself isn’t a liability, but it doesn’t allow oversight. It also doesn’t provide the same security level as managed switches.
Next, let me focus on the performance of both managed and unmanaged switches. This is the most contested subject because it isn’t always obvious which is better.
Managed and unmanaged switches can work similarly. More accurately, managed switches can offer each device the same access, priority, and bandwidth. Still, a more complex option won’t be possible with an unmanaged switch.
Managed switches allow you to configure the network differently, allowing separate traffic handling depending on the status of the device in the network. Additionally, it can allow devices with higher authority to monitor those under them, without the ability to monitor those over them.
You can even use different monitoring protocols, like PowerShell, NetFlow, or the Simple Network Management Protocol (SNMP). What’s more, you can supervise devices for telemetry data, directly or automatically at predetermined times and types.
Managed switches are more costly than their unmanaged counterparts. Consider these 3 costs when deciding to move to or implement managed switches:
1. Hardware Costs
Good-quality managed switches are relatively rare, but you can still purchase those online. Their cost starts at a couple of hundred dollars and can reach into the thousands if you have a large network with a lot of bandwidth and devices.
Conversely, you can buy unmanaged switches from any well-supplied big box store. They’ll cost you anywhere from a couple of dozen dollars to a couple of hundred.
2. Labor Costs
Labor costs will depend on your region and your industry. You’ll need at least one person knowledgeable about networking and switches. You’ll also usually look for someone with a current Cisco certificate.
3. Maintenance Costs
Amortization costs for switches, in general, aren’t as significant. Switches are durable and can withstand a wide range of temperatures and moisture levels in their space. High-quality products will also withstand significantly more, making them a reasonable option.
A recommended period to change your switches would be around five years, but most products will last close to 10 years.
Cybersecurity differences between managed and unmanaged switches are very significant. Management brings forth many apps and features that’d otherwise be unreachable.
Unmanaged switches don’t have the capability for port security and can’t use 802.1X authentication. Because they don’t have a concept of virtual LAN connections, a private VLAN also won’t be possible.
Unmanaged switches also have less oversight, so it’s harder to notice a breach when it happens. If no one regularly inspects each device, threats can stay unnoticed long enough to cause harm.
Finally, an unmanaged switch won’t be able to apply many of the SIEM tools or zero-trust network access functions. When you’re prioritizing security, or devices are accessing the network remotely, these functions are necessary.
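The port-security and oversight gap described above can be seen in a small model. This Python sketch is an added example, not code from the original article or any vendor: the `LearningSwitch` class, its `max_macs_per_port` parameter and the sample frames are all constructed for illustration. It contrasts a switch that only learns MAC addresses with one that also enforces a per-port address limit and records violations.

```python
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class LearningSwitch:
    """Hypothetical model of a switch's MAC-address table (not a real API)."""
    max_macs_per_port: Optional[int] = None     # None = unmanaged, no port security
    table: dict = field(default_factory=dict)   # learned MAC -> port
    alerts: list = field(default_factory=list)  # violations an admin could review

    def receive(self, port: int, src_mac: str) -> bool:
        """Handle a frame's source address; return True if the frame is forwarded."""
        src_mac = src_mac.lower()
        if self.table.get(src_mac) == port:
            return True                         # already learned on this port
        if self.max_macs_per_port is not None:
            learned = [m for m, p in self.table.items() if p == port]
            if len(learned) >= self.max_macs_per_port:
                # Port-security violation: drop the frame and log it.
                self.alerts.append((port, src_mac))
                return False
        self.table[src_mac] = port              # learn (or move) the address
        return True


# Constructed sample traffic: (ingress port, source MAC).
FRAMES = [
    (1, "00:11:22:33:44:01"),  # expected device on port 1
    (2, "00:11:22:33:44:02"),  # expected device on port 2
    (1, "00:11:22:33:44:01"),  # same device again
    (2, "02:00:00:00:00:99"),  # unexpected second device behind port 2
]


def replay(switch: LearningSwitch, frames=FRAMES):
    """Feed the frames to a switch; return (forwarded flags, recorded alerts)."""
    forwarded = [switch.receive(port, mac) for port, mac in frames]
    return forwarded, switch.alerts


if __name__ == "__main__":
    print("unmanaged:", replay(LearningSwitch()))
    print("managed  :", replay(LearningSwitch(max_macs_per_port=1)))
```

The unmanaged model learns the unexpected address silently and leaves no record, while the model with a limit of one address per port drops the frame and produces an alert entry that monitoring can pick up.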
How to Choose Between a Managed and an Unmanaged Switch
When making this decision, you need to consider several aspects. For example, consider the size of your company, user requirements, and device locations. That said, you should also think of the required security of the data involved, so you make the right choice.
For smaller operations, especially if working from a single premises, an unmanaged switch can be a better option. It’s significantly cheaper, and it poses fewer, less significant security concerns if all devices are accessible.
Additionally, these operations are usually connected in a star pattern without hierarchy. They’ll need equal bandwidth, so they’ll virtually never send identical data through the network. In turn, that removes the need for management.
Use managed switches if:
- You have multiple devices or devices that will regularly send identical data like video or music.
- You need an extra layer of security for the devices.
Conversely, requirements for a managed switch come with larger operations or remote operations. Such companies will need the capability for a private VLAN between devices and a more complex hierarchy.
What’s more, managed switches become an obvious choice when the cost of a network manager and oversight apps doesn’t scale with your company’s size. It doesn’t matter if you have five or five hundred devices, you’ll still need a single network administrator. The only thing that increases is the number of physical switches.
Use unmanaged switches if:
- You have devices that don’t need anything more than a star topology or even simpler.
- You have devices that are physically close and don’t do the same job or use a virtual LAN (in this case, manage the devices directly!).
In a nutshell, don’t overestimate or underestimate your company’s needs and capabilities. That way, you can make the right decision when choosing between a managed and unmanaged switch.
Your choice will depend on your operation size. If you run a small startup, an unmanaged switch will make your work easier. Conversely, if you have many remote employees or a complex environment, go for a managed switch. (Don’t forget the network administrator to manage that switch!)
For those somewhere in the middle, using a Layer 3 switch would be the ideal option. It integrates the capabilities of a router with a switch and allows features like VLAN, without committing to the complexity!
That said, if a general manager can handle security and oversight, then an unmanaged switch can be better. If each device is tested and monitored directly, you don’t need the added expenses, labor, and complexity.
Have more questions about managed and unmanaged switches? Read more in the FAQs and Resources below!
Do I need a managed switch for my company?
Here, it’s best to ask your network administrator. If your company doesn’t plan on getting a network administrator, the answer is “no”. An unmanaged switch for an office will be more than enough, and it’ll be much easier to set up. Yet, modern database types will also require a managed connection, because similar data will likely come from multiple places in the network.
Is an unmanaged switch a security liability?
No. While managed switches give you more security options, unmanaged switches won’t make your device less safe. If you have good security on the devices or the external router, you’ll still be safe! It’s currently better to use threat hunting and be proactive than to wait for an attack.
How can I install an unmanaged switch?
Unmanaged switches work on a plug-n-play basis. Once you turn the switch on and plug in the Ethernet cables, it’ll automatically negotiate all connections. In most cases, a modern managed switch with a smart switching portfolio will start out of the box in the same way, but you’ll need to access it and set up the additional features manually.
Is a managed switch worth it?
The cost of a managed switch is almost entirely labor. Sometimes, it makes sense to pay a good network administrator the extra $35-$45 per hour to get extra security and reliability. In that case, you might as well let them do it on a managed switch. If not, then going simpler is the way to go.
Does an unmanaged switch give out a Unique Identifier (UID)?
Yes. An unmanaged switch will create MAC-address tables and store them in its memory. This UID might not show every individual device on the network, but it’ll leave traces of the network itself when reaching external devices.
TechGenix: High-Performance Managed Network Switches
Read more about high-performance managed network switches here.
TechGenix: Windows Server Uptime
Learn how to Check Your Windows server uptime with PowerShell here.
TechGenix: Microsoft Teams and Your Infrastructure
Find out if your network infrastructure is ready for Microsoft Teams here.
Linksys: Managed, Unmanaged Switch Settings
Learn what settings to check when using a managed or unmanaged switch here.