I'm thinking about buying a 24-port ZyXel GS1920-24 switch. See
http://www.zyxel.com/products_services/gs1920_series.shtml?t=p&tabOrder=2I'm also thinking about the Cisco SG300 switch range but these devices are going to be something like two or three times the price. Also I'm not sure if I would even be able to purchase config tech support for it from Cisco, nor do I have any idea how to go about obtaining it, also costs might be ludicrous for all I know, and without full tech support it might be a waste of money. I'm it certain what software is in this box, whether it's a variety of Cisco IOS or not.
Questions:
1. Does anyone have any experience of these devices? Are they any good?
2. Would any kitizens care to read the spec or even flick through the manual and comment on what they think, if you can spare me the time. What are your thoughts?
3. Which model of ZyXel switch should I buy? Is there a better one in the ZyXel range?
4. Would a competitor's box be able to provide stronger security features at a similar price?
5. Could anyone enlighten me about Cisco switch quality, and about purchasing rituals and costs?
Non-requirements:
1. Ultra-high performance is not a critical factor as I don't expect it to have a great number of devices using it flat-out, although obviously it
2. Don't care about stacking or crazy uplink ports
3. VLANs not import at the moment, although that could change
My requirements:
1. IPv6 support in all features
2. Security, security and security. At least. Need defence against evil devices inside the LAN, also alerting.
3. Excellent QoS including IPv6 - a future requirement, not going to happen at the present since my current WAPs don't do QoS anywhere near as well as I would like and currently they are the limiting factor. I'd really like to be able to (i) get performance improvements from QoS-tweaking if I can, (ii) to make thinks more useable when hogs are present, and (iii) further limit users on the Guest WLAN BSS. Regarding the latter, my firewall/router has already had some success in this respect, but I have ultimately failed because while rate-limiting of guests is being done sometimes, it only applies to internet IPv4 traffic in or outbound; it doesn't apply to IPv6, nor to non-IP nor to LAN-internal traffic, and in some circumstances I would prefer to use strict priorities rather than rate limiting.
4. Regarding (2) and (3), it has to provide excellent usability both in initial setup and during maintenance / config changes, as without this it is useless. The box simply _has to_ be configurable in a sensible way that humans can actually understand, and without making horrible mistakes. (In addition, unless I can find another source of info, it also has to have docs that actually tell you what to do rather than merely paraphrasing or describing the UI in complete sentences which are slightly longer than the phrase you see in the UI itself.)
5. Manageability, must be able to backup the config and restore it easily. Ideally would be able to edit the config with a text editor. In fact, the ultimate dream would be to have the config file in XML.
6. Low power, reasonably so, anyway, as I want to run it off a UPS and run time is already woefully inadequate now.
7. In relation to security features, where appropriate it would be very nice to be able to be alerted to evil going on as well as defending against it. But only as long as the alertingreporting mechanism is not itself a potential way of causing DoS by overloading network, or the switch's CPU or RAM or by DoS'ing some external server or service, so it would have to be both filterable and rate-limited to be safe.
I'm thinking about getting one of the models without PoE, as I think as the PoE models are probably way too expensive and I only have a couple of PoE devices. This is probably a short-sighted decision, but I can always change my mind later if circumstances change, and also kit might have become cheaper if that day comes anyway.