I have seven network switches in my home: six unmanaged switches, and one managed switch. Why did I choose unmanaged in most areas, but a managed switch in my study?

I answer this question and more in this video, and I also dive into a hands-on demo of the Ubiquiti management dashboard (the UniFi web UI) because this helps to clearly show the benefits that a managed switch will bring.

I also wrap up with some important points about whether you should buy a managed or unmanaged switch.

If you prefer text over video, please read on for the guide/transcript version of this video.

Video Transcript And Guide

The TPLink switch and box that I ended up buying

Hey everyone, THIS is an unmanaged network switch – they are really convenient because you just plug them in and they just start working. I have SIX of these in my house in-fact – including two in this room [the study] alone. BUT when I recently “needed” to buy a SEVENTH switch, I went for a MANAGED switch. Now to be clear: not everyone needs a managed switch, especially because they are more expensive and they require more configuration to set them up. However there are still MANY awesome benefits that managed switches provide over unmanaged ones, as I show off in this video.

Switch Recap

A look at the ports section of the Ubiquiti UniFi management console

So a managed switch will give you access to a dashboard – one that you often access through your browser. This allows you to see LOADS of information about all your connected devices including how busy each device is on the network, what Ethernet speed they have negotiated with the port, any issues with the device, and a whole lot more. Equally you can disable or lock down specific ports (if you need that for a particular security reason), so for example you might leave one port open to guests but not allow it to “speak” to your other devices – and also limit the speeds that it runs at. You can also create VLANs which is a really powerful feature of managed switches, and I’ll show all these features off in more detail later in the video, but everything I’ve mentioned so far is a SOFTWARE difference between these two types of switches.

But there’s actually a physical, hardware difference too. When I first took my Ubiquiti managed switch out of the box, it simply dropped onto the floor really quickly – because I didn’t realize just how heavy it was. That thing is absolutely built like a brick. The package as a whole weighed 1.6 kilograms, whereas the switch by itself was 1.2 kilos – which is over 2.5 pounds My unmanaged TP-Link switch is more like 300 grams, which is just over two-thirds of a pound – so that’s a big difference. And that.

And that’s because unmanaged switches often have fairly basic hardware inside (as these useful pictures from ServeTheHome actually show), and they just blindly forward network packets on without really understanding what each packet is. However a MANAGED switch will have more powerful hardware inside allowing it to deliver the management features that I touched on earlier due to the bundled ASIC, an application-specific integrated circuit. This then allows the managed switch to better “understand” a bit more about what’s going on within the network, and this then allows you to track various stats, optimize ports or VLANS for specific applications like voice over IP phones – and a whole lot more.

Managed Switches are DIFFERENT to Routers

Three of my four Eero Pro 6 routers

Now at this point you might be thinking “well my router allows me to go onto a management app and do a bunch of stuff, so isn’t that ALSO a managed switch” and the answer is yes… and no. Helpful I know. Basically a router will:

  • Give you WiFi
  • Route internet traffic all around your home
  • Will Probably have some form of firewall to protect against malicious attacks.

This is known as a level 3 networking device. However a managed switch is USUALLY a level 2 device and it’s mainly designed to give you very fine grained control of which networks can “access” each port.

That’s essentially the difference between a router and managed switch – the router is quite a “public facing” part of your network and deals with internet traffic via its firewall, whereas a managed switch often sits behind your router and gives you that extra fine grained control of everything at the port level, something that a router can’t do.

Managed Switch UI Demo

UniFi web console homepage

So at this point I really wanted to show off what a managed switch console looks like, and run through all the features and since I have a Ubiquiti switch, THIS is the UniFi Web Console on a PC – although you can also download a simpler compassion app for your phone which is nice.

So this is the UniFi dashboard, and there’s a lot of data missing here just because this is designed to show all your Ubiquiti devices, including wireless access points, which I don’t have. I’ve only got the wired switch. As a result, I just got my two clients up here: my home app NAS, which has downloaded over 1 Terabyte for this particular time range, and then my study PC, which it’s saying is active right now because I’m actually using it. I’m not sure if it’s actively being used at the moment, but that’s why the study PC is actually flashing, or maybe that’s just because I’m actually connected to it.

If we look at the topology page, it’s a very simple diagram because I only have two connected devices. You can see the study PC there is flashing because this is the computer I’m using, and then I got my HomeLab NAS as well. It tells me how I’m connected on each of them and it gives me the uptime data and things like that. So my NAS has a 10 Gigabit networking card, so that’s 10 Gigabit Ethernet. My study PC then is 2.5 gig just because I’m using the motherboard one. I’m going to upgrade that at some point.

Then we come to the UniFi devices page. I only have one device, then it’s got two connected devices, and again it shows me all the data. I can go into there and I can see exactly what ports I have. I can see what devices are connected on each port and go into the port manager, and you get a lot of information here.

What you can do as well is go into a port, and then you’ve got lots of extra control because this is a managed switch. This one feature is something you would not be able to do on an unmanaged switch. So you can go into a port and you could say, “Right, that port is disabled completely,” so no one can actually plug into that Ethernet port. What you could also do instead is restrict it, and you can assign it a VLAN. I’ll discuss VLANs more in the future, but that’s one option you have.

UniFi port control

Or you can go into manual mode, and then you’ve got a bunch of other options too. So you can turn on port isolation. For example, if you’ve got a particular port that you’re allowing your guests to actually plug into, you might want to tick that, and then what that means is that particular device won’t be able to see or talk to any of the other devices on your home network. Again, that’s something you’re actually not going to have if you have an unmanaged switch. That’s the key difference I was mentioning earlier: on a managed switch, you’ve got this port-by-port control and you can do really fine-grained things.

You can also see a bunch of insights as well. If you switch over to there, you can actually – let’s go over to a month – you can see loads of data for every single day and things like that. You can actually look at it on a packet-by-packet level. If you have PoE, which I don’t, but if you did, then you’d see data for that as well. You can filter things by broadcast or multicast traffic. You see all the data per port as well.

But the next page I wanted to show is the admin section. So in that, again, you can have lots of users. You can actually set people up, you can allow remote access and things like that. You’ve got different roles so they can view data or change things and everything like that. And then you’ve actually got your logs, so you can see exactly what somebody’s done. So you can come along and you can see, “Oh, this person’s actually opened the mobile app,” because you also have a mobile app as I mentioned earlier with UniFi. You can see exactly what they’ve done. This person created VLANs and things like that.

The nice thing with the logging page as well is you can actually come along and look at exactly what each client has done. So maybe if one of your devices kept connecting at slower speeds, you could come in here and debug exactly why.

And then you come to the settings, and that’s where things get even more interesting, at least to me. So if you had an access point, you could come in here and you could have separate Wi-Fi networks and things like that, which obviously this isn’t an access point – my switch is just a switch, it doesn’t have any wireless functionality. But you can also do things like VPNs. You can configure all of them with different types and do everything you need to do and then have VPN clients connect.

VLANs FTW

Multiple VLANs on my managed switch

And then we come to VLANs, and this is what I was mentioning at the start of the video – the really powerful thing. Because if you imagine if you go into a house or an office and it’s got, you know, five internet connections coming in and five wireless routers, everyone can then use each router for a different purpose. For example, you might have your employees connect to one of those routers – this is kind of a bad example ’cause it’d probably be wired – but they could all connect to the first router and use that for their work. You might then have guests come in and use the second wireless router for that. You might then have your TVs and multimedia streaming over the third wireless router, and then you might have your Voice over IP phones connected over the fourth wireless router. And again, this is kind of a bad example because a lot of these devices are going to be wired, not over wireless, but my point remains that what I just described would be quite a cumbersome process.

So what we can do instead on a managed switch is have a virtual network, and effectively you create lots of different buckets or groups of networks – virtual networks, VLANs – and then you have network segmentation. So effectively on a port-by-port level, what you can actually do is say these ports use this VLAN and these other ports use this VLAN, and this page is how you actually set all that up.

So you’d come in here, you’d give your network a name, you’d give a VLAN ID which is quite important for the actual network switching process, and then you configure the switches as you would need. So you might come along and you can say, “Right, you know, this is going to be against that particular VLAN, and I want port isolation so these particular ports running on this VLAN can’t speak to other things on the network.” I’m not actually going to save that, but you could actually have that profile.

And then when you come down to the ports, yeah, just leave that. What I could say is Port 2 is only for that VLAN, and you can actually apply that. And then as I said, you’ve got that port-by-port control and you really optimize exactly what you now is doing. And that is the key benefit of managed switches versus unmanaged switches: effectively you’ve got all those ports and you can control things in a really fine-grained way because this is a Layer 2 managed switch.

Running Managed Switches In “Dumb” Mode

Plugging a few Ethernet cables into my managed Ubiquiti switch

Now that wraps up many of the extra features you get with a managed switch, but I wanted to cover a few important points before wrapping up. Firstly it’s worth knowing that you CAN run a managed switch in simple, unmanaged mode – which some people call “dumb mode”. When you first take your switch out the box and you plug in a few devices, it will just run as an unmanaged switch – by default. It’s not doing anything special. Yes some logs might get saved in the background, to access later, but in general you won’t get multiple VLANs or port-by-port control out the box – not without actually going into the management dashboard and setting this all up.

The reason I’m mentioning this is that if you are looking to invest in a network switch and you ‘kinda think that you MIGHT want some management features in the future, but it all looks a bit too confusing for now, you could always pay the extra for a managed switch but leave it in its default “dumb” state (just by plugging in the Ethernet cables and doing nothing more), until you have more time to explore all the added management features that you have.

Should You Buy A Managed Or Unmanaged Switch?

And that brings me onto the next question: should you ACTUALLY pay extra for a managed switch, or will an unmanaged device suit you just fine? Well it’s difficult to say for sure because prices vary all the time. Sometimes you can get a managed switch for a very similar price to an unmanaged switch – especially with TP-Link’s entry level Gigabit switches (like this one). In this case, I’d probably say “why not?”, and then buy the managed one because I have more future proofing options if I did want to play around with the extra features – or simply wanted to look at the logs to debug an issue.

But when I wanted to upgrade beyond Gigabit networking, there was often a fairly big price difference between the managed and unmanaged switches – which might make you think again. For me personally though, in the end I DID actually go for a managed switch (the Ubiquiti Flex XG) and I show HOW I set up the management features in THIS video, and I also discussed some of the challenges I faced with my network upgrade in this other video.