The LGS552P allows you to filter traffic based on MAC or IP address. The configuration is modular, requiring you to create an Access Control List (ACL), create Access Control Entries (ACE) to define the traffic to filter and finally bind the ACL to a port or LAG . A MAC-based ACL can filter traffic based on source and destination MAC addresses, VLAN ID, and 802.1p value. An IP based ACL can filter traffic based on protocol, source and destination IP addresses, source and destination layer 4 port, DSCP values, and IP Precedence values. Up to 256 ACLs and 256 ACEs can be created.
The LGS552P can control access to the network through MAC-based security where you define the number of permitted MAC addresses per port. The LGS552P can also provide authenticated network access control via an external RADIUS server using the 802.1X protocol.
Other security tools on the LGS552P include DHCP snooping which allows you to control which ports can have a DHCP server, IP Source Guard which helps prevent IP address spoofing, ARP inspection which helps prevent MAC address spoofing, and Storm Control which controls the rate of packets permitted to enter the switch on a specific port.
The LGS552P allows you to configure ingress and egress bandwidth controls per port, as well as select between basic and advanced QoS modes. Bandwidth controls define ingress rate limits and committed burst size, plus egress committed information rates and burst size. I set up the bandwidth control as shown below on port 2 of the LGS552P to set the egress rate limit to 10,000Kbps. With this bandwidth control in place, a throughput test using Totusoft's LAN Speed Test tool showed traffic going to a PC on port 2 maxed at about 8,500Kbps, validating the effectiveness of the bandwidth control.
Basic QoS is enabled by default on the LGS552P, which allows you to define CoS values by port, define whether to trust QoS values received on each port and then select between strict priority or weighted round robin queuing to manage traffic congestion. Mapping QoS values to queues is not configurable.
Advanced QoS on the LGS552P is a bit more complex. You start by creating ACLs to match specific traffic flows. You then create a Class Map where you select the ACL you created to match a traffic flow. A Policy Class Map than assigns a single or aggregate traffic policer to a Class Map. A traffic policer defines the ingress committed information rate (in kilobits per second) and ingress committed burst size (in bytes.) A Policy Class Map is then bound to one or more interfaces to apply the QoS configuration to the actual traffic.
NETGEAR's M4100 and Cisco's SG300 are similar managed switch families that also vary by ports and PoE capability. The NETGEAR and Cisco models that most closely compare to the Linksys LGS552P are the NETGEAR M4100-50G-PoE+ and the Cisco SG300-52P.
The chart below provides a basic comparison of these three switches. Note, the Linksys LGS552P is the only one with 10Gbps SFP ports. While all three switches carry "lifetime" warranty, each warranty has its unique limitations. So be sure to check before you buy. Price information is from Amazon.com.
|Feature||Linksys LGS552P||Cisco SG300-52P||NETGEAR M4100-50G-PoE+|
|Copper RJ45 Ports||50||48||40|
|PoE Max (Watts)||375||375||380|
|Switching Capacity (Gbps)||140||104||100|
|Forwarding Rate (Mpps)||104.16||77.38||74.4|
|Warranty||Limited lifetime warranty||Cisco Limited lifetime warranty||NETGEAR ProSAFE Lifetime Hardware Warranty|
Overall, I found the Linksys LGS552P easy to configure and stable. Some of the configuration options could be more efficient, but those are minor nits.
The bottom line, as you can see in the above table, is the LGS552P has higher switching capacity and forwarding rate and is slightly less expensive than the Cisco and NETGEAR. If you have the need and budget for lots of Gigabit Ethernet ports, generous PoE power and a little bit of Layer 3 features, the LGS552P is worth a look.