POE Switches

Notice: Page may contain affiliate links for which we may earn a small commission through services like Amazon Affiliates or Skimlinks.

T_Minus

Build. Break. Fix. Repeat
Feb 15, 2015
7,625
2,043
113
That piHAT is awesome, going to keep that saved for future "DIY" security options :)
 
  • Like
Reactions: Monoman

PigLover

Moderator
Jan 26, 2011
3,184
1,545
113
...

Basically want to monitor the complete border around the house as well as the 2-3 possible entrance points onto the property.

Originally got the big switch to run lines to them all and centrally manage it... now thinking running 1k+ of Cat5e snaked underground isn't the best idea, and I should focus on more homerunning to central locations, and then connecting POE cameras for a short 5-20' run.

Thoughts, suggestions?
One thing to plan for just a bit: how to secure the cable plant itself.

With everything home-run to a single POE switch you can do a lot of things to prevent someone from disconnecting the RJ-45 from one of your cameras and monitoring and/or injecting traffic onto your network. You can MAC screen the connection, you can kill the port on disconnect, etc. But as soon as you start distributing small (not very) smart switches around your property you create a number of additional intrusion points that are much harder to protect - e.g., MAC screening is a PITA when there are multiple MACs expected behind one port. And the little switches like the GS110TP don't do much to help you.

You probably also need to make sure you have camera view of the switch housings - just in case. For much the same reason you have (or you should have) camera view of your electric meter, main breaker box and wherever your internet service enters the house.

Paranoia is a gift to a network designer.

Not that you'd be subject to a sophisticated intrusion - or perhaps you would - you rural guys are sketchy sorts :)
 
  • Like
Reactions: maze and T_Minus

T_Minus

Build. Break. Fix. Repeat
Feb 15, 2015
7,625
2,043
113
One thing to plan for just a bit: how to secure the cable plant itself.

With everything home-run to a single POE switch you can do a lot of things to prevent someone from disconnecting the RJ-45 from one of your cameras and monitoring and/or injecting traffic onto your network. You can MAC screen the connection, you can kill the port on disconnect, etc. But as soon as you start distributing small (not very) smart switches around your property you create a number of additional intrusion points that are much harder to protect - e.g., MAC screening is a PITA when there are multiple MACs expected behind one port. And the little switches like the GS110TP don't do much to help you.

You probably also need to make sure you have camera view of the switch housings - just in case. For much the same reason you have (or you should have) camera view of your electric meter, main breaker box and wherever your internet service enters the house.

Paranoia is a gift to a network designer.

Not that you'd be subject to a sophisticated intrusion - or perhaps you would - you rural guys are sketchy sorts :)

I like the idea of killing port on disconnect, that sounds doable. But you're right, def. one of my concerns, and yeah, one of the cameras I've had setup for a while is pointing back at the house where electrical/water/gas/internet comes in :) got another on that wall facing away too.

This network will be separate than the 'home' network, directly connected to the camera VM, but that still does leave it open for connections... hopefully less of a concern :)

Honestly, I think I'll have more to worry about in regards to someone driving off with my chain saw, trailer, atv, etc... than connecting something to my RJ-45 and knowing wtf to do with it :) LOL!!

The other problem with POE switches around property = power... if power is out = no cameras, and this is a huge issue/concern. We only power what we need during outages so adding 5 circuits to a transferswitch for cameras alone isn't happening.

Leaning more toward the run home and the big switch, and using the Netgear smaller ones in my office and home where power IS, and just save running a handful of cables, but still run them for the rest.
 

amalurk

Active Member
Dec 16, 2016
311
116
43
102
Adding power at multiple remote locations sounds like a real pain and more to go wrong in future. Seems like it would be better to centralize in house with a UPS. What are using for conduit for the lines running in the ground?
 

Jon Massey

Active Member
Nov 11, 2015
339
82
28
37
MAC screening is a PITA when there are multiple MACs expected behind one port. And the little switches like the GS110TP don't do much to help you.
Indeed, but it's not that hard to add a bunch of MACs to the ACL. If you're getting into the many tens of devices and they change fairly regularly then yeah I can see it being a pain. Good ol 802.1x is always an option, too.
 

whitey

Moderator
Jun 30, 2014
2,766
868
113
41
I know we all have storage related ebay searches... but what about POE switches? I know a lot of us here like to stick to one manufacturer or models, so maybe this is easier if we all 'combine' into this thread?

I'm looking for 4-8 POE port POE switch for cameras in another office/building/room, ideally it would also have 1x SFP Gigabit.

I was looking at: NetGear GS110TP-200NAS because I have a couple of them and they work, but for $120 it seems like I could be getting MORE bang for my buck, especially used.


What are your " GO TO " small POE switches? Make/Model and expected/deal price?

NETGEAR ProSAFE 8-Port PoE Gigabit Smart Managed Switch with 2 Gigabit SFP Ports 53w (GS110TP-200NAS) - Lifetime Warranty-Newegg.com
$10 rebate card, not best deal but direction I'm going.
My HP procurve 2520-G-8 or HP procurve 2530-8G-POE+ have never let me down for a small POE switch that typically run $100-200 depending on how hard you hunt for a deal.
 
Last edited:
  • Like
Reactions: T_Minus

pc_doom

Member
Nov 2, 2016
50
17
8
29
UBNT switches, I've invested into their infra so I'd go with them. I have the US-8-60w, it's an 8 port (4 of poe) for $112. If you need SFP, the US-8-150w which is 8 POE ports with 2 SFP.

Or the cisco SG300 line, we use them at work.
I also run UBNT switch in my home network, but it's ES-16-XG, with 12 SFP+ ports. I got compatible UBNT SFP+s from fiberstore, all works well.
 

Cheddoleum

Member
Feb 19, 2014
103
23
18
I've been using a zyxel gs1900-8hp for a year or so with the intent of driving a couple of cameras, right now it's just powering a ceiling mount access point. They can be found retail for as little as $90 from time to time. Fully managed, 70w budget, all ports powered, fanless, external PS -- thankfully inline and not a wall wart. It's my root switch (i.e. the one directly connected to the router and other key infrastructure like file servers) and has been completely stable. But I don't use very many managed features besides LAG, port-based VLAN and turning individual ports on/off as a security measure for devices that only need to be visible on the lan for maintenance purposes. No complaints at all.