A network can be made up of many end devices, from HMIs and PLCs to Switches and Routers. Most networking devices have management services, including the ability to change the IP address or specific device settings at a more advanced level. 

Managed switches and routers can configure using firewalls, MAC filtering, or disabling unused ports. Although all these options are sometimes preferable that will come at an added cost. Unmanaged switches offer a low-cost option as an alternative in some cases. They can be used as an expansion switch in mixed media network, or to grow a network that is at maximum capacity. 

Here are four common questions about unmanaged switches.

Question 1: Should an unmanaged switch replace a managed switch in a network? 

An unmanaged switch can replace a managed one, but this is very specific to the application. If for example, you need to build a redundant ring network using FRNT, unmanaged switches lack the management facilities to deploy FRNT and be part of the ring. In this case you would require the use of a Lynx, Redfox or Viper. 

Though, the SandCat can offer redundant ring switches, which are at maximum port capacity, with the ability to supply extra ports for end devices. The SandCat is designed to grow your network capacity, not replace existing equipment. 

_{Illustration 1: A low-cost option for connecting multiple end-devices to the network. The fibre port can enable communication over larger distances or between different sites.}

Question 2: Is a SandCat secure? 

Devices are only as secure after they have been configured. Out of box, most switches (either managed or unmanaged) will operate with little or no security features in place. If these settings are missed, ignored, or not considered important, security will naturally decrease and make your network potential vulnerable. A network is only as secure as its configuration.

Security, or lack of features, is sometimes an argument against using unmanaged switches in your network. Although unmanaged switches do not offer management facilities such as MAC filtering or Firewalls, these functions must be properly configured to have a significant effect. If they are configured elsewhere on the network, since the SandCat is used for expandability and port count, they naturally can be secure through other measures in place. 

The short answer is that the SandCat is secure once the network is configured with cybersecure services. 

Question 3: Does a SandCat enable network expandability? 

Yes, an unmanaged switch can offer network expandability. Over time, a network may grow to add more sensors, HMIs, PLCS, and other end devices. This could be because the original managed switch may not be able to facilitate the expansion, yet the SandCat offers a low-cost solution.

_{Illustration 2: When the port count of a managed device has been depleted, an unmanaged switch can extend the port count, enabling installation of more end devices.} 

Question 4: Can you stop a hacker from plugging in to a SandCat and accessing the network?

This is a very serious threat when using an unmanaged switch. Securely designing your network can prevent unauthorised access. Examples could include monitoring, alarms or threat detection so that a system should flag up, alert and ensure the incident is handled correctly. 

Remember, an unconfigured managed switch operates the same way as an unmanaged switch. Configuration of security must be implemented in many layers of the system and network to protect all assets of system. 

SandCats are compact, easy-to-use unmanaged industrial Ethernet switches. The five-port fast Ethernet switch series offers a cost-effective, plug-and-play solution for many industrial applications that complements our current range of managed switches.

The SandCat series is suited to extend the port count of managed switches, enabling the installation of more end devices for various topologies.

Read more about the SandCat here

This article is written by Ant Lane, Global Training Manager at Westermo