How do I choose a PoE switch for residential video security?

J39028

n3wb
Joined
May 9, 2019
Messages
5
Reaction score
0
Location
US
This is for residential home
6 cameras
8MP/4K resolution
I don't have a rack

I looked at the Google sheet, and considering Amcrest, D-Link, HP, Mikrotik, Netgear, TP-Link, Ubiquiti.
Ubiquiti seems to be the narrowed down choice because I don't have a rack.
Not sure edgeswitch (es-8-150w) versus unifi switch (us-8-150w)?
I don't have Ubiquiti cameras, but might in the far future. Don't want to be stuck in an ecosystem, unless its awesome.
Strongly considering BlueIris softare.
This is leading me to the Ubiquiti EdgeSwitch.
But I also don't want to overspend on stuff I don't need. $200 seems like a lot of money for an 8 port switch.

Thanks in advance.
 

Dramus

Getting the hang of it
Joined
May 7, 2019
Messages
148
Reaction score
90
Location
New Jersey
This might do ya: NetGear GS108LP. Eight PoE ports. Up to 30W/port. 60W total PoE budget. $99 on Amazon. $110 on Newegg.

People have reported varying degrees of success/satisfaction with NetGear kit. I've experienced good results with their ProSafe stuff at home, and did when I used it at work. The product above looks like it gets high marks on the two sites. YMMV.

Ubiquiti... I've a love/hate relationship with Ubiquiti. Other than my Internet border router, an ERLite, I'm tending to shy away from them.
 

Jose R.

Getting the hang of it
Joined
Mar 14, 2019
Messages
104
Reaction score
78
Location
Miami, FL

Ajax

n3wb
Joined
Aug 6, 2018
Messages
3
Reaction score
0
Location
USA
Been looking at the Netgear GS108PP (~$130) and the Ubiquiti ES-8-150W (~$193). A couple BVTech ones caught my eye too, but I know nothing about the brand reputability (above post isn't reassuring).

Unless I'm looking in the wrong places, there doesn't seem to be much in the way of reasonably priced POE+ switches. Understandable I suppose given that most consumers just want WiFi cloud-based devices.
 

fenderman

Staff member
Joined
Mar 9, 2014
Messages
31,673
Reaction score
10,618
Been looking at the Netgear GS108PP (~$130) and the Ubiquiti ES-8-150W (~$193). A couple BVTech ones caught my eye too, but I know nothing about the brand reputability (above post isn't reassuring).

Unless I'm looking in the wrong places, there doesn't seem to be much in the way of reasonably priced POE+ switches. Understandable I suppose given that most consumers just want WiFi cloud-based devices.
It all depends on what you mean by reasonably priced. There are 8 port poe+ switches for 70 bux unmanaged or 100 managed. Nothing unreasonable about that.
 

Ajax

n3wb
Joined
Aug 6, 2018
Messages
3
Reaction score
0
Location
USA
It all depends on what you mean by reasonably priced. There are 8 port poe+ switches for 70 bux unmanaged or 100 managed. Nothing unreasonable about that.
I know I used to be able to get Netgear 8-port gigabit switches new for $20. So yeah, it seems obscene by comparison.
 

J39028

n3wb
Joined
May 9, 2019
Messages
5
Reaction score
0
Location
US
For a home network, is there an advantage to a "managed" switch to consider?
 

J39028

n3wb
Joined
May 9, 2019
Messages
5
Reaction score
0
Location
US
Here's another showing up in my search: D-Link DGS-1010MP for about $130.
PoE (doesn't advertise PoE+, not sure if that's important)
1 Gigabit
8 ports @ 30w (but 125w total)
Fanless (so it doesn't suck up junk)
Unmanaged (don't know what this really means for a home owner)
Don't know if it is passive/active (don't really know what that means either).
 

Dramus

Getting the hang of it
Joined
May 7, 2019
Messages
148
Reaction score
90
Location
New Jersey
For a home network, is there an advantage to a "managed" switch to consider?
Not from any kind of network performance or reliability standpoint, there's not. There is a potential network security benefit.

The two things a managed switch can give you is:
  • You can access the switch's management and status from elsewhere on your network (or even off-site [properly-configured VPN for that strongly recommended]). With that you can see what's connected, with what connection parameters, what's using what bandwidth, etc. (N.B.: Depending upon products management interface.)
  • You can implement VLANs (Virtual LANs). With properly set up VLANs you can "logically" isolate different devices on you LAN from one another. This is the security advantage.
For the purpose of this discussion: VLANs are the next best thing to a purely separate physical LAN for an IP-based surveillance system. (Or any other IoT devices.)

However, VLANs are a fairly advanced networking technique. By no means a "plug and play" thing.
 
Last edited:

J39028

n3wb
Joined
May 9, 2019
Messages
5
Reaction score
0
Location
US
For my SOHO:
I have a cable modem gateway to the Internet.
Connected to WiFi router (Netgear R7000).
Want to connect a separate dedicated IP camera PoE via separate network switch.

I presume these are all on different LAN's/subnets, and "isolated".

Something I haven't thought about is what is controlling the security to the IP camera switch/LAN. So if someone does have access to my LAN, I can prevent access to the camera network switch.
 

Jose R.

Getting the hang of it
Joined
Mar 14, 2019
Messages
104
Reaction score
78
Location
Miami, FL
The typical goal on this forum is to isolate the camera network from accessing the internet so the cameras can't do anything nefarious. That's done either buy using a second network card on your PC (physically different network) and denying that network any internet access (blank gateway) or using a VLAN on a managed switch which is more complicated professional IT guy type stuff. I did the former.

Now you're asking about someone physically on your LAN not having access to the camera network? That's less common but I think if your camera network is physically separated or done thru VLAN, it works the same. They won't be able to access that network unless they can actually plug into an actual switch on the camera network which you can hide away. An easier idea is to just remove a camera outside and plug into that. I don't think anyone here is really worried about that one. The real threat is from the internet.
 

Dramus

Getting the hang of it
Joined
May 7, 2019
Messages
148
Reaction score
90
Location
New Jersey
The typical goal on this forum is to isolate the camera network from accessing the internet so the cameras can't do anything nefarious. That's done either buy using a second network card on your PC (physically different network) and denying that network any internet access (blank gateway) or using a VLAN on a managed switch which is more complicated professional IT guy type stuff.
Or by assigning the cameras static IP addresses and blocking them on the LAN side of your Internet router. This is less secure than a VLAN or physically separate LAN, but probably sufficient. This is the method I currently use. (Until I upgrade my main switch. Then I'll employ the VLAN approach.)

Now you're asking about someone physically on your LAN not having access to the camera network? ... I don't think anyone here is really worried about that one. The real threat is from the internet.
In a residential installation, anyway. In a business/corporate installation: Insider threats are greater.
 

J39028

n3wb
Joined
May 9, 2019
Messages
5
Reaction score
0
Location
US
So somebody can't just walk up to my outdoor camera, plug into the camera network, and have access to all my cameras?
 

Dramus

Getting the hang of it
Joined
May 7, 2019
Messages
148
Reaction score
90
Location
New Jersey
So somebody can't just walk up to my outdoor camera, plug into the camera network, and have access to all my cameras?
Is the camera going to be so easily accessed, and the cabling so exposed, as to make that a viable threat? If so: IMO you're doing it wrong.
 

Lucas05

n3wb
Joined
May 23, 2019
Messages
2
Reaction score
1
Location
USA
Another option for POE switches is to use second hand rackmount POE switches. Old CISCO units can work just fine for home use and are available cheap on ebay or via classified ads all the time.

I found one that supports POE and allows me to run all my cams on a VLAN. My unit (like many of the older ones you'll see) only has 10/100 Mbit/s ratings for the individual ports, but unless you're running high megapixel cameras or demand 30+ frames per second, that's unlikely to be an issue. Play with one of the IP camera bandwidth calculators (chosen at random: Network IP Security Camera System Bandwidth Calculator ) to get an idea of how much bandwidth your individual devices actually require.

Even the older units will often have higher capacity "uplink" ports. For example, my switch is a 24 port unit that only has 10/100Mbit POE ports for the individual devices to connect to, but it has a pair of non-poe gigabit ports provided for connecting the switch to the rest of my network, so the fact that the aggregated amount of the data streams is bigger than the capacity of any specific device's port isn't an issue.
 

Ajax

n3wb
Joined
Aug 6, 2018
Messages
3
Reaction score
0
Location
USA
Went ahead with a Ubiquiti ES-8-150W and I'm pretty happy with it. For an additional $60 (vs Netgear GS108PP), the security of isolating cams on their own VLAN was too enticing. Also nice to have an interface for network diagnostics/troubleshooting.
 

MTL4

n3wb
Joined
Mar 8, 2019
Messages
5
Reaction score
1
Location
Canada
Smart move on the Edgeswitch, you’ll be alot happier with that setup, definitely rock solid and lots of ability to upgrade if you want to grow the network.
 
Top