Looking for an industrial PoE switch? This article offers are some guidelines that help end users choose one that suits their demand.
For end user entities or projects in harsh environments, chances are
industrial PoE switches are needed. The following are some guidelines that help end users choose one that suits their demand.
What projects are industrial PoE switches suitable for?
Projects in harsh environments can benefit from industrial PoE switches, which are operable in a broad temperature range, have power redundancy features and are often placed in hardened enclosures. This makes them fundamentally different from commercial-grade PoE switches typically used in indoor, conditioned environments.
“Dirt, dust, vibration, shocks, electrical noise, blistering heat and freezing cold are the parameters that push the use of industrial switches. Business IT switches may have a lifecycle of only 1.5 to 3 years; industrial Ethernet switches may be kept working for 10 years or more,” said Vinayak Sane, COO of Elmark Engineers.
“The commercial Ethernet switches are preferred in a neat closet with controlled temperature and where latency/measurable lag is tolerated; usually they are most suitable for normal business/IT environment,” said Dhananjay Birwadkar, Director of Homeland Security and Smart City at MitKat Advisory Services. “The industrial Ethernet switches are the preferred choice in severe industrial environments with dust, vibration, shock, electrical noise and extreme operating (+/-) temperature and where reliability, bandwidth availability, switch security, switch manageability and network redundancy are critical.”
“We mostly use commercial ones for small- and medium-scale projects like less than 500 cameras/devices. For above 1,000 cameras/devices we will go for industrial grade L3 managed switches that have more features like power redundancy, spanning tree, ring topology, replace card by modularized design, design for harsh environments and more durable components,” said Sakchai Somsuk, CTO of T-Solutions.
That said, industrial PoE switches are suitable for certain vertical markets where harsh conditions are more common. “Among vertical markets where industrial PoE switches can be of use are transportation, oil and gas, and city surveillance. Connectivity is very important in these projects and hence Industrial grade required,” said M. R. Krishnan, Executive Director of Adtech Systems.
“My personal experience for one of projects done for Indian Railways – that was the provision of Wi-Fi Internet in Rajdhani Express in the year 2012-13, where for within the coach and coach-to-coach wiring, industrial PoE switches were used, so that it can sustain the vibration and other mechanical disturbances during its journey,” said Sanjay Kumar, Chairman of Railway Recruitment Board at Indian Railways. “There are other examples of industrial grade PoE switches, like train traffic control office application management, where the critical train operations are being managed. Even for all metro rail coaches/compartment indoor equipment’s such as surveillance camera, VOIP phones and other IP devices, on-board vehicle control and monitoring system are connected with industrial PoE switches.”
How to select the industrial PoE switch that fits your need?
Right now, there are different PoE standards that specify maximum power supplied from each port. These include PoE, supplying 15.4W; PoE+, 30W; and PoE++ Type 3 and 4, supplying 60W and 90W, respectively. The right industrial PoE switch, then, should be selected with the total system and power budget requirement in mind.
“You need to match the power required by all the devices. For example, if you plan to attach several IP cameras to the network, you can probably use one that supports 15.4 watts on each channel. It is essential to make sure that the switch’s power budget supports the power on all the ports. If you need to provide power for one of the new IP face recognition and temperature measuring panels, then you select one that can provide 40 watts to the device. The switch is determined by the application and device requirements,” said Bob Mesnik, President of Kintronics.
“Prior to buying any PoE switches, we do a thorough study and calculation around the edge devices that will be connected to each switch. We create a table per switch, showing the devices’ power consumption and type of PoE,” said Ahmad Zoua, Senior Project Manager at Guidepost Solutions. “Many focus on the type of PoE and forget about the power supply that will support the PoE consumption per edge device. For example, one client reported that some cameras are offline, although these cameras were tested before. Our due diligence revealed that the switch power supply was not sufficient enough to support the connected POE edge devices.”
James Hsiung, Application Engineer at Antaira Technologies, meanwhile offers other additional tips for selecting the industrial PoE switch including:
- Determine the network traffic types. For example, if data transmission is based on unicast traffic, the user should consider the deployment of unmanaged industrial-grade PoE switches. However, if data transmission is based on a mix of unicast, multicasts, and broadcast traffic, then deployment of managed industrial-grade PoE switches should be considered.
- Determine the network bandwidth needs. First, the user should estimate the network bandwidth required for each end device. Then, they should figure out the total network bandwidth needs for each industrial-grade PoE switch.
Why are PoE switches needed in video surveillance?
PoE switches matter in video surveillance, providing both Internet connection and power to the IP camera, which is more and more PoE-based. This has various advantages, especially when cameras are located in places where running both Ethernet and power cables is difficult.
“The primary benefit of deploying PoE switches is to make installation easier and save labor costs. Since the delivery of power and data over a single Cat5e/Cat6 cable can be simply achieved, there is no need to hire a qualified electrician in order for installing electrical outlets for IP cameras,” Hsiung said.
“Video surveillance is mostly IP-based, and one of the system challenges is having the right infrastructure to support all cameras, especially in parking lots and airports, which can become a costly proposition. Using a managed industrial-grade PoE switch is the solution. Some airport security and IT teams already adopted these recommendations, and they do not allow the use of converters but rather industrial switches as part of their IT standards,” Zoua said.
For video surveillance, do you need PoE switches with 60W ports?
The answer really depends on the user’s own scenario and the cameras they use. Yet PoE++ switches that provide 60W from each port may be preferred due to certain reasons. First, these switches allow more flexibility and can support a broader range of cameras.
“The PoE switch is selected based on the type of IP camera. Most fixed IP cameras only require less than 15.4 watts. PTZ cameras usually require more power, so you may need to use a 60-watt PoE. There’s no need to spend more money than what is required by the cameras,” Mesnik said.
“With cameras getting more intelligent, with night vision capability, PTZ functionality and additional I/O points, it is important to have more power from each port,” Krishnan said.
“For video surveillance cameras support a growing number of functions to fulfil customer requirements while performing in harsh environments, industrial PoE switches with 60 watts per port can be deployed to resolve the problems of power of PTZ surveillance cameras in order to patrol large outdoor area during periods of low light. Therefore, for video surveillance systems mainly for outdoor large areas with a lot of activities taking place, it is important to have industrial PoE switches that are capable of supplying 60 watts per port,” Kumar said.
“PoE consumption depends on the devices that are connected; some still use 15.4W or 30W,” Somsuk said. “The PoE switch should be capable of supplying 60W or 95W in some ports.”
Furthermore, as video surveillance becomes more integrated with other security and non-security systems, switches with 60W ports can support other devices that the cameras are integrated with. “It is better due to the PoE switch’s growing importance as a method for delivering power, not only to security devices but also to other devices as well, in the world of Internet of Things. More and more, streets lights, room lights, and other building automation systems are all connected on the Internet to enable better control and management,” Sane said.
Finally, from a forward-looking and futureproof perspective, 60W-port switches are ideal. “In current mainstream market, video surveillance is rarely required to use 60 watts, but for sure there are devices such as advanced PTZ, laser cameras, and more that will become more popular in the coming years,” said Molly Chu, Product Marketing Engineer at EtherWAN Systems.
What are some cybersecurity best practices for using industrial PoE switches?
To
prevent hacking or intrusion against the industrial PoE switch, the SI or end user should configure it at both the network level and at the device level. “Network-level authentication entails VPN and firewalls to deny unauthorized access to the network, VLAN to segregate and secure network traffic, SNMPv3 authentication and 56-bit encryption. Switch-level security measures include user access authentication, IEEE 802.1X for port-based access, and HTTPS, SSH, SNMPv3 for data encryption. Role-based account management is also an important security measure include multilevel user passwords, SSH/SSL (128-bit encryption),” Birwadkar said.
According to Zoua, both the physical and cyber security of the industrial PoE switch need to be addressed. “We recommend having the switch installed in a lockable enclosure and have a camera that monitors the switch enclosure to report incidents and record events,” he said. “All switches should be managed but also support layer 2 and 3 security configuration best practices to mitigate cyber concerns.”
Below are some examples of Layer 2 security best practices that Zoua mentions:
• Disable DTP on all non-trunking access ports.
• Deploy the Port Security feature to prevent unauthorized access from switching ports.
• Use the Private VLAN feature where applicable to segregate network traffic at Layer 2.
• Disable CDP where possible.
• Prevent denial-of-service attacks and other exploitation by disabling unused services and protocols.
• Shut down or disable all unused ports on the switch, and put them in a VLAN that is not used for normal operations.
• Use port security mechanisms to provide protection against a MAC flooding attack.
• Use port-level security features such as DHCP Snooping, IP Source Guard, and ARP security where applicable.