NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

geof1's avatar
geof1
Tutor
Feb 20, 2020
Status:
New Idea

Management VLAN

Not having a way to clearly understand what VLAN the device is communicating on is a terrible security flaw... essentially then anyone on the untrusted VLAN simply has to guess one password and then is able to completely reroute any traffic by retagging ports and changing membership.

 

In addition, the device appears to be sending out DHCP requests on all VLANs, so it is receiving IPs from random VLANs as well, so impossible to manage from the trusted network.

 

As an aside, I also have Smart Managed Pro switch, much more expensive and many more features.  This is the ONLY feature that needs to be added to make this is a "basic" managed switch.  (Keep in mind this is a 10gbe product as well).

 

Without this, however, there is a clear security issue since the only thing protecting the network is a single password.  

Smart Managed Plus Switch

2 Comments

  • DaneA's avatar
    DaneA
    NETGEAR Employee Retired
    Feb 20, 2020

    geof1,

     

    What is the specific NETGEAR device model are you referring to? 

     

     

    Regards,

     

    DaneA

    NETGEAR Community Team

  • geof1's avatar
    geof1
    Tutor
    Feb 20, 2020

    Sorry, I thought I had specified in the title area.  GS110EMX