Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2404
  • Last Modified:

Connect Unmanaged switch to Cisco Switch Network

Hello Experts,
One of the Cisco Switch in our existing network running out of ports. I am going to add unmanaged 8 ports switch to it.

- Is it a wise decision to add unmanaged switch ? I know its not :). However, lets assume I added what problems I can face.

Thanks in advance.
0
cciedreamer
Asked:
cciedreamer
  • 4
  • 3
  • 2
  • +1
1 Solution
 
jburgaardCommented:
Since you ask the q, I guess you are not in a business where security is a concern.

Where I work, education, it is vital that no one can create a broadcast-storm by connecting  two ports. On a managed switch the Spanning Tree Protocol can protect in such a case.
0
 
cciedreamerAuthor Commented:
I work at hospital.
Just I need understand for my knowledge as well, what can happen ?
0
 
Darr247Commented:
If where you're adding the unmanaged switch is a secured location (such as locked cabinet, closet or room), I don't see the security concern... anyone authorized to physically access the location could potentially have more access to the LAN's inner workings and performance than an unmanaged switch would present.

Disregarding the security implications, if the managed switch is gigabit, I would use an 8-port gigabit switch, and offload seven 10Mb/100Mb devices onto the unmanaged switch, if possible... that should mitigate any bandwidth bottleneck from the 7-into-1 connection.
0
NEW Internet Security Report Now Available!

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out this quarters report on the threats that shook the industry in Q4 2017.

 
cciedreamerAuthor Commented:
Its in the locked cabinet.

My concern is related to networking what are implications could happen when connecting a unmanaged switches to the cisco network.

Thanks
0
 
Craig BeckCommented:
1] If you use VLANs in your network you'll only be able to use one VLAN on the unmanaged switch.

2] You'll not be able to stop people connecting their own switches/routers etc, to the network via that switch.  This could effectively allow people to host their own DHCP (for example) and disrupt services for other users connected to that switch.  It could even allow for man-in-the-middle type or denial-of-service attacks on that segment.

3] You'll not be able to collect any individual logs per interface.

4] You won't be able to remotely disable ports if you need to.  You'd have to disable the port which links to the switch itself, which would disable all devices.

...the list goes on.

I will say this though - I'd NEVER even consider doing it on a production network in a hospital, especially if it's going to be hosting network connections for critical systems.  Obviously though I don't need to tell you that :-)
0
 
Darr247Commented:
You could also go halfway... i.e. not fully managed, but to one of the semi-managed 'smart' gigabit switches like Netgear's GS108T, et al, that support VLANs and QoS (et cetera), if you need those features.
0
 
Craig BeckCommented:
...really though they're either unmanaged, or managed, meaning they either can be configured or they can't.  Half-way isn't really that :-)
0
 
cciedreamerAuthor Commented:
Thanks craigbeck for your explanations. Well I was thinking the other way that It might created loops in the network or mac address flooding something like that.

Samir
0
 
Craig BeckCommented:
Loops can be restricted to the unmanaged switch only as STP will mitigate that at the switchport where the unmanaged switch connects.

MAC flooding can be mitigated by using port-security on the switchport too, and by maybe also using DAI.
0
 
cciedreamerAuthor Commented:
Thanks
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

  • 4
  • 3
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now