Your Favorite Hardware Recommendation - Managed Switches

  • Your Favorite Hardware Recommendation - Managed Switches

    Heya,

    I am hesitant to post this, not because it will seem like i'm soliciting tech support, but rather because it will reveal the degree to which i'm out of touch on one aspect of the tech field. While I rode the dotcom boom and worked for lots of tall-building, suit-and-tie gigs back around the turn of the century... lately a lot of folk here know that I have taken some time to just relax with small-business and educational contracts. Way less pressure, and wickedly flexible schedules... which allows me to be at so many cons that i'm routinely greeted with "Jeebus... what the fuck are you doing here?? Weren't you just <somewhere halfway across the country/world> last week?" (Another key benefit pertains to attire... aside from renderman's wedding, i can't remember the last time i wore a tie or footwear other than my boots or sandals in the past year or so)

    However... one negative thing that working in small environments like that has done to me is made me woefully out of touch with a lot of enterprise hardware. At present, none of my major clients are using managed switches. One school, however, really should be.

    Today was the second time in as many months that their whole network was blown offline by some doofus kid plugging both ends of a CAT5 cable into a small network switch in some classroom... which results in a cascade effect and a panicked phone call to me, then I drag my ass all the way out there just to see one port in the switch rack going fucking bananas, etc etc etc.

    I've worked with a number of really nice enterprise and large-facility devices... but never selected one outright. Some of them that i've used have really sweet management features that go beyond simple traffic shaping and mirroring mode for an IDS on one port.

    Perhaps the coolest thing I have seen thus far was a series of switches that were managed through a web interface... there were actual graphics showing every port on the switch bank, color coded to reflect certain states like "not enabled" or "enabled and in use" or "enabled but no device connected" etc etc. I'd love something like that but I don't even know who made that gear (I was on a campus somewhere just hanging out with a friend, as opposed to on a job.)

    Does anyone have any thoughts here? What are your favorite devices with which to backbone a facility's network and why? I really just want to prevent one port from idiotically flooding the hell out of the system (and I would like to have the opportunity to mirror all traffic to a snort box or something perhaps) but most of all i don't wanna break the bank.
    "I'll admit I had an OiNK account and frequented it quite often… What made OiNK a great place was that it was like the world's greatest record store… iTunes kind of feels like Sam Goody to me. I don't feel cool when I go there. I'm tired of seeing John Mayer's face pop up. I feel like I'm being hustled when I visit there, and I don't think their product is that great. DRM, low bit rate, etc... OiNK it existed because it filled a void of what people want."
    - Trent Reznor

  • #2
    Re: Your Favorite Hardware Recommendation - Managed Switches

    I've seen generic tools that work with SNMP and RMON to aggregate data about devices on a network. About 6 years ago, I seem to recall seeing a demo of some Cisco software that worked with Cisco devices, and permitted detail views of hardware, and web-based service to the switch itself. (It was on the "Free swag" floor at an Expo of some sort.)

    Sorry, I don't know the name. Keyword searches for RMON and SNMP and network devices should give you a list of software.

    One of the more interesting (proprietary) systems I saw was one which put all specified ports on one VLAN with a specialized dhcp server. A newly connected machine would have all IP traffic redirected to a single web server, that required authentication. Once the user was authenticated, software on the web server would switch the port on the switch they were using to be on the "real" VLAN for Internet access. Combined with auto-learn single MAC (to prevent users from putting another switch on a port to "share" their authenticated port) and reset on disconnect so the next single MAC user could authenticate, the results made for a more stable network. People did try defeating the system, and there were some successes, but eventually, they got tired of the delays when their port was disabled, and they lost network access for other "fun" stuff.

    Methods to "defeat" the "one MAC per port" should be obvious to anyone that has done much, if any kind of networking. Heck, it can be defeated with common off the shelf stuff -- of course, such defeats can be detected. ]:>
    On the plus side, even if they do share their network, the primary risk they have with that is breaking their own network access.


    • #3
      Re: Your Favorite Hardware Recommendation - Managed Switches

      I haven't used them personally, but I've been doing a bit of research on topology lately for setting up my new place, and one of my friends in networking swears by the HP ProCurve line.
      " 'Yields falsehood when preceded by its quotation' yields falsehood when preceded by its quotation."
      - Willard Orman Van Quine


      • #4
        Re: Your Favorite Hardware Recommendation - Managed Switches

        Cisco (big bucks, but you really have to try hard to go wrong) (also lots of used gear always available everywhere on the net) (not to mention books, books, and more books and docs; big fan and reader of Cisco Press), HP, Nortel, Juniper (cheaper than Cisco and I have people swear by them), and Nokia are probably the players you want to look at for enterprise grade high density managed switches.

        xor

        Just a note, one bad thing about Cisco is their web site. Very hard to find what you are looking for, plus they have like a million and a half part numbers.
        Last edited by xor; May 12, 2008, 16:18.
        Just because you can doesn't mean you should. This applies to making babies, hacking, and youtube videos.


        • #5
          Re: Your Favorite Hardware Recommendation - Managed Switches

          Originally posted by Deviant Ollam
          Perhaps the coolest thing I have seen thus far was a series of switches that were managed through a web interface... there were actual graphics showing every port on the switch bank, color coded to reflect certain states like "not enabled" or "enabled and in use" or "enabled but no device connected" etc etc. I'd love something like that but I don't even know who made that gear (I was on a campus somewhere just hanging out with a friend, as opposed to on a job.)
          One of my clients has this type of managed switch. It's a Dell 3348, and while perhaps not as robust as some other devices out there, it has some nice features and an attractive price.

          It seems to be superseded by another model number, but if you look through the Dell switches you'll see similar items.
          Thorn
          "If you can't be a good example, then you'll just have to be a horrible warning." - Catherine Aird


          • #6
            Re: Your Favorite Hardware Recommendation - Managed Switches

            Originally posted by Thorn
            One of my clients has this type of managed switch. It's a Dell 3348, and while perhaps not as robust as some other devices out there, it has some nice features and an attractive price.

            It seems to be superseded by another model number, but if you look through the Dell switches you'll see similar items.
            First, I forgot 3COM. Thorn, the Dell switch may be just a re-branded x (insert any of the brands mentioned above here) switch.

            D.O., if you are looking to purchase, try and get a switch that supports both SNMPv3 as well as RMONv2, which will enable you to get the most out of security/monitoring solutions.

            If you are new to SNMP or want to learn more, O'Reilly's Essential SNMP is OK. A lot of the examples use HP's OpenView, which might be hard to come by as it's very very expensive and a licensed product.

            However, there are many other OSS monitoring tools like Nagios, Zabbix, and MRTG that do both Windows & NIX.

            I just got a client a 3COM 48 port managed switch new for like something between $300 - $400. Though admittedly 48 ports may be a little much for most hacker labs. Though you could easily spend that on a new 8 port managed Cisco switch and not get anywhere near as many features as you did with the 3COM.

            xor
            Just because you can doesn't mean you should. This applies to making babies, hacking, and youtube videos.
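
An added illustration, not code from any poster in this thread: the SNMP polling suggested above can flag the single flooding port described in the first post by comparing two polls of the standard IF-MIB `ifInBroadcastPkts` counter. The sample polls (in the text format net-snmp's `snmpwalk` prints), the 10-second interval and the 1000 pkts/s threshold are constructed assumptions.

```python
import re

# Constructed sample data: two polls of IF-MIB::ifInBroadcastPkts taken
# 10 seconds apart. The counter values are made up for illustration.
POLL_T0 = """\
IF-MIB::ifInBroadcastPkts.1 = Counter32: 48210
IF-MIB::ifInBroadcastPkts.2 = Counter32: 1033
IF-MIB::ifInBroadcastPkts.7 = Counter32: 4294900000
IF-MIB::ifInBroadcastPkts.12 = Counter32: 77
"""
POLL_T1 = """\
IF-MIB::ifInBroadcastPkts.1 = Counter32: 48390
IF-MIB::ifInBroadcastPkts.2 = Counter32: 1041
IF-MIB::ifInBroadcastPkts.7 = Counter32: 832704
IF-MIB::ifInBroadcastPkts.12 = Counter32: 77
"""

LINE = re.compile(r"ifInBroadcastPkts\.(\d+) = Counter32: (\d+)")
WRAP = 2 ** 32  # a Counter32 rolls over to 0 after 4294967295


def parse_poll(text):
    """Return {ifIndex: counter value} from snmpwalk-style text."""
    return {int(m.group(1)): int(m.group(2)) for m in LINE.finditer(text)}


def broadcast_rates(before, after, interval_s):
    """Inbound broadcast packets/second per port, tolerating one counter wrap."""
    rates = {}
    for port, new in after.items():
        if port not in before:
            continue  # port appeared between polls; no baseline yet
        delta = (new - before[port]) % WRAP  # modulo absorbs a single rollover
        rates[port] = delta / interval_s
    return rates


def storming_ports(rates, threshold_pps=1000):
    """Ports whose broadcast rate exceeds the (assumed) alert threshold."""
    return sorted(p for p, r in rates.items() if r > threshold_pps)


if __name__ == "__main__":
    rates = broadcast_rates(parse_poll(POLL_T0), parse_poll(POLL_T1), 10)
    for port in storming_ports(rates):
        print(f"ifIndex {port}: {rates[port]:.0f} broadcast pkts/s - check for a loop")
```

A storm fills a 32-bit counter quickly, so the wrap handling matters; on switches that expose the 64-bit `ifHCInBroadcastPkts` counter, polling that instead avoids the rollover.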


            • #7
              Re: Your Favorite Hardware Recommendation - Managed Switches

              I have 3Com switches throughout our network. One 48 +2, one 24 +2 and one baseline 16 Port. All of them have web management that show the status of the ports. The two bigger ones have pretty much any feature you're looking for in a managed switch. I think I paid around $1100 for the 48, around $700 for the 24 and around $350 for the 16.
              A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.


              • #8
                Re: Your Favorite Hardware Recommendation - Managed Switches

                There was one company I did not see mentioned yet: Asus. Yes, this sounds weird, but Asus makes managed switches.

                We bought two of these for the lan parties at the university I am attending:

                http://usa.asus.com/products.aspx?l1...69&modelmenu=1

                The Asus GigaX 1024P, 24 ports 10/100 and 2 10/100/1000. They have a proprietary tool, which I have not taken the time to reverse engineer or see what it does on the network, but it allows you to see all of the switches you have in a network topology. It displays the port speeds, the amount of traffic, you can trunk them together, mirror them (so data goes on both ports, for IDS I am guessing), and it does traffic management. It also has some protection against ARP spoofing and does loop detection, so plugging in a cat 5 into the switch into itself is not going to cause the problems you saw (I know, from testing it :P).

                They are $100, and solid stable products. Their interface is like what you described though, except it is through a proprietary application that runs on Windows.


                • #9
                  Re: Your Favorite Hardware Recommendation - Managed Switches

                  Here are a couple of articles on port mirroring/spanning vs using network taps:

                  http://www.lovemytool.com/blog/2007/...orts-or-t.html

                  http://findarticles.com/p/articles/m...0/ai_103448394

                  http://www.lovemytool.com/blog/2007/...ation-tap.html

                  http://www.lockergnome.com/it/2006/1...ports-vs-taps/

                  I have a 10/100 aggregation tap I carry around with me. It's very cool and invisible to the network. You could also do it with a hub if you can find one and/or have one lying around. Of course the poor man's method is the crossover cable.

                  xor
                  Just because you can doesn't mean you should. This applies to making babies, hacking, and youtube videos.


                  • #10
                    Re: Your Favorite Hardware Recommendation - Managed Switches

                    To be honest, I was always partial to Baynetworks/Nortel equipment for the longest time. Cisco is still king at most companies, but my Bay equipment was always easier to hop in and get stuff done without needing a cert to navigate the configs.
                    if it gets me nowhere, I'll go there proud; and I'm gonna go there free.


                    • #11
                      Re: Your Favorite Hardware Recommendation - Managed Switches

                      Originally posted by converge
                      To be honest, I was always partial to Baynetworks/Nortel equipment for the longest time. Cisco is still king at most companies, but my Bay equipment was always easier to hop in and get stuff done without needing a cert to navigate the configs.
                      Nortel is pushing their 40 Gig stuff (supposedly over existing backbone), I wonder if it's real or just hype. They also promise an upgrade path to 100 Gig. Usually when just one vendor has something wonderful that the others don't, it's just hype.

                      Saw a Nortel commercial with that guy who resembles Buddha. You know, the "Why make it hard when you can make it simple" guy; aka Buddha. :-)

                      xor
                      Just because you can doesn't mean you should. This applies to making babies, hacking, and youtube videos.
