Managed vs Unmanaged PoE Switch

Arjun

Arjun

Known around here
Feb 26, 2017
10,227
13,347
USA
Managed vs Unmanaged PoE Switch, which do you prefer and why?

I'm comparing a TP-link 8-port PoE+ Unmanaged and a Zyxel 8-port PoE Managed for attaching the cameras, thanks
 
If you have to ask then unmanaged is likely all you need..
 
  • Like
Reactions: spinrut, DavidDavid and cryptelli
I'm aware of the differences, but for a PoE environment and ensuring the cameras are within are a VPN, is the unmanaged way still doable here?

nayr said:
If you have to ask then unmanaged is likely all you need..
Click to expand...
 
nayr said:
If you have to ask then unmanaged is likely all you need..
Click to expand...

I can probably answer for everyone this forum when I say, if you know how to utilize a managed switch, you would prefer a managed switch. If you don't know how to use the management function of a managed switch, you should save yourself some money and get an unmanaged switch.

Unless you feel like experimenting with the management functions, then spend the extra $20 or so to get a managed.

I just got the ZyXEL GS1100-8HP (unmanaged 8 port Gigabit switch with four 802.3AT POE ports) and the first couple days kinda kicked myself for not spending the extra $20 for the managed version. Then after a few days of it just up, running and doing its damn thing all by itself and I completely forgot it existed, I rememberd why I got unmanaged. Just plug it in and boom, it works and you don't have to spend time messing around with it. (edit: a managed switch Will also plug right in and start working, you might need to set an IP address for it but other than that I meant that you'd be tempted to screw around with the settings. Wasting your valuable time)

Also, go read (and/or re-read) nayr's VPN primer. The switch has nothing to do with anything VPN related. And a managed/unmanaged switch definitely doesn't matter as far as a VPN is concerned.



OK, PS about the only positive thing I can think about for managed vs unmanaged is the ability to remotely reboot the switch. This would reboot any POE devices you have on it. That could be a good thing or a bad thing depending on why your wanting to do it.
 
  • Like
Reactions: Arjun
Thanks for your feedback, the TP-Link really stands out with PoE+ ports and added watt capacity. I'm thinking about just comparing the two and call it from there. It is an additional hassle though with a managed switch, at least with unmanaged we know that settings cannot be modified.

DavidDavid said:
I can probably answer for everyone this forum when I say, if you know how to utilize a managed switch, you would prefer a managed switch. If you don't know how to use the management function of a managed switch, you should save yourself some money and get an unmanaged switch.

Unless you feel like experimenting with the management functions, then spend the extra $20 or so to get a managed.

I just got the ZyXEL GS1100-8HP (unmanaged 8 port Gigabit switch with four 802.3AT POE ports) and the first couple days kinda kicked myself for not spending the extra $20 for the managed version. Then after a few days of it just up, running and doing its damn thing all by itself and I completely forgot it existed, I rememberd why I got unmanaged. Just plug it in and boom, it works and you don't have to spend time messing around with it. (edit: a managed switch Will also plug right in and start working, you might need to set an IP address for it but other than that I meant that you'd be tempted to screw around with the settings. Wasting your valuable time)

Also, go read (and/or re-read) nayr's VPN primer. The switch has nothing to do with anything VPN related. And a managed/unmanaged switch definitely doesn't matter as far as a VPN is concerned.



OK, PS about the only positive thing I can think about for managed vs unmanaged is the ability to remotely reboot the switch. This would reboot any POE devices you have on it. That could be a good thing or a bad thing depending on why your wanting to do it.
Click to expand...
 
Not sure about the TP link price, but my ZyXEL is POE+ as well. For normal cameras that's not necessary, but I figured I'd be set if I ever want to add a PTZ or something that requires POE+ I'll be set. Was also worried about only getting four POE ports, but with the +I can always get the POE+ to regular POE that nayr reviewed if I find I need more POE ports.

I figured with 70W available, I could put two of those splitters on it, and end up with 10 POE ports. At 8W max for the Turret Starlight 5231 cameras, I could potentially run 8 of those cameras from one switch and 2 splitters.

It would be pretty convoluted set up doing it like that, depending on where I put the splitter, but I figured it offers me a way to scale up as needed over time.
 
Last edited:
  • Like
Reactions: Arjun
Makes sense, then we don't have to run long lengths of ethernet cabling and use patch cables instead. :)

DavidDavid said:
Not sure about the TP link price, but my ZyXEL is POE+ as well. For normal cameras that's not necessary, but I figured I'd be set if I ever want to add a PTZ or something that requires POE+ I'll be set. Was also worried about only getting four POE ports, but with the +I can always get the POE+ to regular POE that nayr reviewed if I find I need more POE ports.

I figured with 70W available, I could put two of those splitters on it, and end up with 10 POE ports. At 8W max for the Turret Starlight 5231 cameras, I could potentially run 8 of those cameras from one switch and 2 splitters.
Click to expand...
 
Yea, I actually considered buying one of the POE+ ZyXEL switches for my house, then running one cable from the POE port to my barn that's 250ft from the house and connecting it to one of the splitters to power up to 4 cameras. I figured that would limit me in the future, so for an extra $45 I'm just gonna get a second ZyXEL switch for the barn.
 
Right. You can run a managed switch just as an unmanaged switch if you want. But if you never end up using the full features you wasted money up front. But.. If 1 year from now you decide to use those features, you just saved yourself money by not having to upgrade.
 
  • Like
Reactions: Arjun and cryptelli
I'm going to stick to the Zyxel 8-Port Managed Switch which was recommended to me earlier. I have 5-Port (only 4 for PoE) PoE Switch, currently unopened and sealed which I thought about using at first (Zyxel), but I might have extra leverage with 8-ports

cryptelli said:
I wouldn't say that. When I purchased my main 24 port switch years ago I went managed, was only recently when I decided to VLAN my network was thankful that I didn't have to get another switch.
Click to expand...
DavidDavid said:
Right. You can run a managed switch just as an unmanaged switch if you want. But if you never end up using the full features you wasted money up front. But.. If 1 year from now you decide to use those features, you just saved yourself money by not having to upgrade.
Click to expand...
 
Managed PoE switches have two benefits that anyone can appreciate. 1) The ability to reboot the switch, power-cycling connected PoE devices in the process. 2) Port statistics, which shows things like the number of good vs bad packets, rough cable lengths, PoE power usage maybe. These things can be useful for troubleshooting.

At least those are the only two things I use my Netgear's management interface for.
 
  • Like
Reactions: Arjun and cryptelli
cryptelli said:
I wouldn't say that. When I purchased my main 24 port switch years ago I went managed, was only recently when I decided to VLAN my network that I was thankful it was managed.
Click to expand...

From what I understand, you also need a VLAN capable router to take advantage of those, not just a VLAN capable switch, correct?

I thought I wanted VLAN's to put my cameras on their own, but @nayr once said
nayr said:
if you want to isolate your cameras with external PoE you need a VLAN Capable Switch and Router, or a 2nd router and some static routes defined.

isolating the cameras from the rest of your LAN dont nessicarly provide security, if they are isolated from the internet the threat they pose on your network is dramatically reduced and the attack surface is minimal..

The main reason for isolating your cameras from your LAN is becuase you dont trust your LAN; not the other way arround.. ie, you have employees that should not be able to access the recorder or cameras.
Click to expand...

I'm really not worried about guests connecting to my network and viewing my cameras. Even if they did they could only do it from my house.

Eventually I'll figure out a safe way to provide a secure guest network that only has access to the Internet anyway and my wife and I will be the only ones with the main network password.
 
cryptelli said:
I wouldn't say that. When I purchased my main 24 port switch years ago I went managed, was only recently when I decided to VLAN my network that I was thankful it was managed.
Click to expand...
Same with me.
I bought a managed switch because I found a good ebay deal on one.
Was later glad I did because it lets me VLAN my cameras and keep them isolated.
Being able to check power consumption and dropped packets is also nice.
 
DavidDavid said:
From what I understand, you also need a VLAN capable router to take advantage of those, not just a VLAN capable switch, correct?
Click to expand...

Correct. When you use a router with a Layer 2 switch it's referred to as a "Router on a Stick".

Alternatively you can use a Layer 3 switch which does the routing for you.

In my situation, there is the need to isolate certain PC's from my main network which is why I segmented everything and applied firewall rules to stop inter-vlan communication. The cameras are also on their own VLAN.
 
Last edited:
cryptelli said:
Correct. When you use a router with a Layer 2 switch it's referred to as a "Router on a Stick".

Alternatively you can use a Layer 3 switch which does the routing for you.

In my situation, there is the need to isolate certain PC's from my main network which is why I segmented everything and applied firewall rules to stop inter-vlan communication. The cameras are also on their own VLAN.
Click to expand...

My router is not VLAN aware (Asus RT-AC68), but I implemented VLANs in my managed switch.
It worked since I have my BI PC, all the cameras, and the router connected to the managed switch.
Simple Port based VLAN

Randy
 
  • Like
Reactions: cryptelli
cryptelli said:
Yep, if you cannot use 802.1Q then port based is another option.
Click to expand...
Port based on my switch was easy to do, and it works, so I just used that.

I guess I was lucky, I think not all switches will let you assign a port to multiple VLANs, but mine does.
Otherwise, my scheme would not have worked.
 
You must log in or register to reply here.
Top Bottom