Solved

Connect Unmanaged switch to Cisco Switch Network

Posted on 2013-12-14
10
1,819 Views
Last Modified: 2013-12-30
Hello Experts,
One of the Cisco Switch in our existing network running out of ports. I am going to add unmanaged 8 ports switch to it.

- Is it a wise decision to add unmanaged switch ? I know its not :). However, lets assume I added what problems I can face.

Thanks in advance.
0
Comment
Question by:cciedreamer
  • 4
  • 3
  • 2
  • +1
10 Comments
 
LVL 17

Expert Comment

by:jburgaard
ID: 39718716
Since you ask the q, I guess you are not in a business where security is a concern.

Where I work, education, it is vital that no one can create a broadcast-storm by connecting  two ports. On a managed switch the Spanning Tree Protocol can protect in such a case.
0
 
LVL 3

Author Comment

by:cciedreamer
ID: 39718720
I work at hospital.
Just I need understand for my knowledge as well, what can happen ?
0
 
LVL 44

Expert Comment

by:Darr247
ID: 39718774
If where you're adding the unmanaged switch is a secured location (such as locked cabinet, closet or room), I don't see the security concern... anyone authorized to physically access the location could potentially have more access to the LAN's inner workings and performance than an unmanaged switch would present.

Disregarding the security implications, if the managed switch is gigabit, I would use an 8-port gigabit switch, and offload seven 10Mb/100Mb devices onto the unmanaged switch, if possible... that should mitigate any bandwidth bottleneck from the 7-into-1 connection.
0
 
LVL 3

Author Comment

by:cciedreamer
ID: 39718860
Its in the locked cabinet.

My concern is related to networking what are implications could happen when connecting a unmanaged switches to the cisco network.

Thanks
0
 
LVL 45

Accepted Solution

by:
Craig Beck earned 500 total points
ID: 39718871
1] If you use VLANs in your network you'll only be able to use one VLAN on the unmanaged switch.

2] You'll not be able to stop people connecting their own switches/routers etc, to the network via that switch.  This could effectively allow people to host their own DHCP (for example) and disrupt services for other users connected to that switch.  It could even allow for man-in-the-middle type or denial-of-service attacks on that segment.

3] You'll not be able to collect any individual logs per interface.

4] You won't be able to remotely disable ports if you need to.  You'd have to disable the port which links to the switch itself, which would disable all devices.

...the list goes on.

I will say this though - I'd NEVER even consider doing it on a production network in a hospital, especially if it's going to be hosting network connections for critical systems.  Obviously though I don't need to tell you that :-)
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 44

Expert Comment

by:Darr247
ID: 39718965
You could also go halfway... i.e. not fully managed, but to one of the semi-managed 'smart' gigabit switches like Netgear's GS108T, et al, that support VLANs and QoS (et cetera), if you need those features.
0
 
LVL 45

Expert Comment

by:Craig Beck
ID: 39718972
...really though they're either unmanaged, or managed, meaning they either can be configured or they can't.  Half-way isn't really that :-)
0
 
LVL 3

Author Comment

by:cciedreamer
ID: 39719165
Thanks craigbeck for your explanations. Well I was thinking the other way that It might created loops in the network or mac address flooding something like that.

Samir
0
 
LVL 45

Expert Comment

by:Craig Beck
ID: 39719212
Loops can be restricted to the unmanaged switch only as STP will mitigate that at the switchport where the unmanaged switch connects.

MAC flooding can be mitigated by using port-security on the switchport too, and by maybe also using DAI.
0
 
LVL 3

Author Closing Comment

by:cciedreamer
ID: 39746085
Thanks
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

If you are thinking of adopting cloud services, or just curious as to what ‘the cloud’ can offer then the leader according to Gartner for Infrastructure as a Service (IaaS) is Amazon Web Services (AWS).  When I started using AWS I was completely new…
Microservice architecture adoption brings many advantages, but can add intricacy. Selecting the right orchestration tool is most important for business specific needs.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now