When the IT staff at the South Bayside System Authority wastewater treatment plant designed the organization's network, they didn't even consider using unmanaged switches, which simply pass data from one device to another and don't have the intelligence to prioritize traffic.
"You can't segment traffic with unmanaged switches, and we need to do that for our virtual LANs," says Robert Chapman, an IS analyst at South Bayside in Redwood City, Calif. The agency also required the quality of service (QoS) capabilities of managed switches to prioritize and segregate traffic for its Voice over IP system.
The use of managed switches at all types of organizations has exploded in the past several years as organizations require more complex functionality such as VLAN control, traffic segregation and increased security.
"Managed switches provide a way to control and manage the network in a granular fashion — something you just can't do with unmanaged switches," says Mike Spanbauer, principal analyst for enterprise and data center technology at market research company Current Analysis. "In most enterprises today, there's no excuse for not having managed switches. You just give up too much with unmanaged switches."
South Bayside's current network comprises a combination of Cisco Catalyst 3750 and 3560 series switches to manage network traffic. That may change over the next year as the organization begins integrating its Supervisory Control and Data Acquisition network, which monitors and controls the equipment at the wastewater treatment plant. The goal is to use the same devices for both networks while keeping the organizational and SCADA traffic separate.
Once the SCADA and production networks are integrated, the load will increase, as will the requirement for greater security and reliability. "We are an essential facility. Our SCADA system needs to be up and running consistently and reliably, and be available remotely," says IS Administrator Brent Brown.
"We'll be looking for something that focuses on modularity, reliability and future-proofing when we integrate the two networks — something like Cisco's Nexus," Brown says.
As the former director of information management at Fort Sam Houston, Jack Poland knew about the capabilities of managed switches when he joined the city of Griffin, Ga., as director of the information technology center in 2007. He also knew that the city's existing network, with its unmanaged switches, wouldn't take it where it planned to go over the next several years.
City officials had ambitious plans to implement a public-safety system for the police department, as well as a new financial system and wireless metering for the electric and public works department.
"With these major new systems coming on board, we needed to be able to monitor the performance of the network, quickly detect and fix any network problems, and prioritize network traffic. And we needed redundancy and the ability to provide alternate data paths for failover," Poland says. "The only way to do all of that was with managed switches."
Poland chose to implement a Brocade BR-6910 core switch with Brocade FastIron FSW624G-POE and FWS648G-POE fully managed switches. The network now contains about 37 managed switches, but may soon include many more, as Poland embarks on a project to bring the city's entire telecom network to multiprotocol label-switching.
Elbert Lawrence, chief of infrastructure services for the California Department of Corrections and Rehabilitation, manages a network that includes more than 3,000 HP ProCurve switches in models ranging from the 2600 series through the 5400 series. Those managed switches are the lifeblood of the massive network, which serves 36 adult and juvenile institutions, 61,000 employees and about 100,000 devices.
Many of those managed switches have been added in the past few years as the department undertook a project to automate and consolidate databases and records. As a result of that effort, about 40,000 correctional officers now use the network to do their jobs.
"We couldn't have done any of what we have accomplished without managed switches," Lawrence says. "With these switches, we can create multiple networks in the same building, we can segment data in a secure and intelligent way, and we can put QoS all the way to the desktop, if needed."
The department continues to move forward. Next up is a project that will enable the network to intelligently route multicast traffic. Lawrence says that will give the IT staff the ability to stream media to multiple users simultaneously while preserving network bandwidth.
While managed switches have come a long way, the trajectory will only increase over time. The next major evolution will probably come as manufacturers start to integrate the new OpenFlow network communications protocol with their devices, Current Analysis' Spanbauer says.
OpenFlow can manage, configure and direct traffic from a central controller across an Ethernet infrastructure. The jury is still out on how vendors will integrate the protocol, but Spanbauer says the technology promises to improve network management and simplify and reduce overhead.
Make the Most of Managed Switches
Fully managed switches offer abundant functionality, but it requires ingenuity to take advantage of all those capabilities. Here are some tips:
- Leave the programming to the pros. Small organizations without deep networking expertise should obtain help configuring the devices. Hiring an expert will save time and money and get it right the first time.
- Evaluate your network's requirements today and tomorrow. Before implementing managed switches, determine if the organization can support the cost. Unmanaged switches may suffice if the network needs are simple. But for prioritizing and segmenting traffic, managed switches are worth the cost.
- Understand all fully managed switches aren't interchangeable. Managed switches have different capabilities and features. To integrate routing and switching, for example, choose a managed switch that supports that function.
- Use the tools that come with the switches. All manufacturers include some type of central management software with their managed switches. This provides an automated way for network managers to configure and monitor devices, integrate with other systems, and create customized reports of assets, and operational and performance data.