What is the difference between managed and unmanaged switch?

07 March 2018 Knowledge Base

We got used to the fact, that a switch is a device with RJ-45 jacks and/or fiber optic ports. These devices may differ by functions, so it may turn out, that you do not necessarily need a switch at all. The possible options here might be the following: media converter, firewall, concentrator, hub, router, etc.

Before choosing a switch, it is required to define the main needs and tasks that the device must deal with. In this article we will consider the main differences between managed and unmanaged switches, thus, helping you to make the final decision when choosing a switch.

Network switch is a device for combination of several network devices (or nodes) for data transmission, usually, in a single segment. This device operates on a data link (L2) or a network (L3) layer of an OSI model. We will discuss it later.

Switches differ by operation speed (data transmission rate): 10/100 Mbit, 1 Gb, 10 Gb or even 100 Gb. Many switches can support automatic rate detection. In the modern world, you do not need to decide what cable to choose: straight-through or crossover cable, that is why you can always use a straight-through cable for connection to any devices (MDI/MDIX function).

So, what is the difference between managed and unmanaged switches? It is in the stuff and functionality.

Let us have a closer look on features of every switch.

Unmanaged switch is a device, which is similar to a hub in function, i.e. capable of transmitting data packets from one port to the others. BUT! Unlike a hub, the switch transmits data directly to the receiver rather than to all devices, as it has a table of MAC-addresses that helps a switch to remember, which port a device is located on.

Unmanaged switch with optical fiber ports can work as an alternative media converter with limited amount of ports, e.g. when it is required to convert optical fiber and to transmit data packets to several ports/devices simultaneously.

It should be noted, that there is no web-interface in these switches as there is nothing to be set or configured in there.

The most well-known use case is combining computers, cameras, controllers and other ethernet devices into a single network.


Managed switch is a more complex device that can operate as an unmanaged switch but can be controlled manually, has multiple functions and supports network control protocols via network, thanks to a microprocessor (basically, a managed switch is a special purpose computer).

The device configuration can be accessed in a number of ways: by means of Telnet protocol or SSH protocol, WEB-interface or via SNMP; using a graphic menu, a text menu or a command line.

One of the major advantages of a managed switch is that it can segment a local network by means of VLAN. Thus, not only does it fill in MAC-tables, it also adds information about the belonging of a received frame to a definite network segment. As a result, we can avoid great broadcast traffic, configure the accessibility of devices for a particular subnetwork and increase security.

Another peculiarity of a managed switch is redundancy protocols that allow creating complex topologies. Ethernet standard supports only serial connection, however, by means of special ‘tricks’ with devices’ operation logics it is possible to arrange physical rings, semi-rings and Mesh type networks (mesh topology). Whereby, the logic connection will remain bussed.

Below is given an example (scheme) of solving several tasks at a time. Firstly, that is switches redundancy in the ring, i.e. there is a main ring - Turbo Ring with a few switches connected to it through Turbo Chain with basic ring topology remaining unchanged.

Secondly, it is possible to connect a switch to various devices for combination in a single network, and, as an example, segmenting by VLAN. Thirdly, that is increased security from unauthorized connection, as there are Access Control Lists (ACL) by MAC-address applied. So, the device A, which is not included in the list, shall not have access to the SCADA server. Apart from Access Control Lists (ACL), a RADIUS server with MAB function (MAC Authentication Bypass) can also be used for this task.


Another type of devices becomes popular these days – a smart-switch. It is sometimes also called a semi-managed or a configurable switch.

This is, basically, an unmanaged switch that supports main protocols of managed switches, such as STP, RSTP, VLAN, etc. Thanks to this feature, a switch can, for example, become an ideal solution for CAPCS engineers that require unmanaged switch detected by the SCADA system.

There is a notion of “switch layer”. It is based on OSI (open system interconnection) network model. It is a conceptual model of communication. There are seven layers of communication. Let us consider only L2 and L3 that we are interested now.

L2 – Data link layer. This layer works with frames. The switches of this layer identify and transmit data through MAC-addresses, i.e. here we do not encounter the IP-addresses yet. LS switches are divided into managed and unmanaged. In our article these switches were mainly described.

L3 – Network layer. The switches already understand IP-addresses of devices, determine the ways to deliver data and the shortest routes (routing) using protocols, e.g. RIP v.1 and v.2, OSPF etc. L3 switches can be managed only.

Fast Product Request