NETGEAR 16-Port Gigabit Smart Managed Plus Click Switch, ProSAFE Lifetime Protection (GSS116E)

September 02, 2019 No Comments

NETGEAR 16-Port Gigabit Smart Managed Plus Click Switch, ProSAFE Lifetime Protection (GSS116E)

NETGEAR 16-Port Gigabit Smart Managed Plus Click Switch, ProSAFE Lifetime Protection (GSS116E)

PROS:
- true 802.1q VLAN tagging support, at a very low price

- excellent wire-speed performance, tested @ 950+Mb/s in iperf on 6 ports at once, so long as Flow Control is disabled (see below). The main chip is a Broadcom BCM53128, which seems slightly faster and more efficient than the Realtek RTL8380 used on competing switches from TP-Link and Zyxel.

- very low power use, approx. 1W - 3W dependent on ports in use (~ 0.25W DC / 0.45W AC base plus 0.3W per connected 1000M port, or 0.2W per 100M port). Traffic levels seem not to affect this much, though cable length might, since it tries to use lower transmit power on short cables. The switch-matrix core runs on 1.2V, with 3.3V for I/O, both provided by efficient switchmode buck regulators (unlike some switches that use a hot-running, linear step-down from 3.3V to 1.2 or 1.8V, at < 50% efficiency).

- silent operation, with no fan or coil whine. Despite the lack of a fan, mine never even gets noticeably warm. There is a reasonably sized heatsink on the main chip, and a thermal pad under the PCB, allowing the case bottom to serve as an additional heatsink.

- good build quality. Just one electrolytic capacitor, which is a Nichicon (reputable Japanese brand) 220uF on the power input, over-rated at 25V when operating at 12V. Main switch chip is a Broadcom BCM53128. Case is solid metal, compromised slightly by a stick-on platic piece around the ports for labeling, which another reviewer complained about.

- happily runs on the variable 12V battery bus (10.5-14.4V) from an offgrid DC power system

- starts up quickly, from cold-powerdown to forwarding traffic in about 8 seconds, far faster than any "true" managed switch (Catalyst, Juniper, Procurve etc.)

CONS:
- management interface, whether via web or Windows app is limited and cumbersome, especially when configuring VLANs, though is most cases this is only a one-time annoyance, set-and-forget

- typical of switches in this class, there's no CLI management, nor SNMP, so tracking port activity with MRTG, etc. is not possible. Omitting these probably does reduce both cost and power use, though.

- The management controller, integrated within the BCM53128 is a weak CPU derived from the 1980s-vintage, 8-bit Intel 8051, which is easily overloaded. This explains the lack of HTTPS SSL support, occasional dropped HTTP requests, etc. It's actually impressive they managed to squeeze an IP stack and web interface onto such a small CPU at all.

- This limited 8051 service processor would only affect management functionality (it isn't part of the main switch-fabric data path at all), except for a dumb decision on Netgear's part to configure the switch registers to send a copy of *all* HTTP (tcp port 80) traffic, originating from any port, to this tiny management CPU.

This has the effect of badly crippling the layer-2 Flow-Control feature, causing any and all HTTP traffic flowing through the switch to be bottlenecked to about 10Mb/s whenever Flow Control is switched on. The reason is that flow-control rate limiting kicks in whenver any port receiving the traffic gets overloaded, the weak management CPU effectively connects to a internal 9th, on-chip port that seems to run at only 10Mb/s, AND all web traffic from anywhere to anywhere (even when bearing an 802.1q VLAN tag!) gets uncontrollably copied to the phantom port-9.

This wouldn't be so bad if the web interface could be moved to a less important port than tcp/80, set to listen to requests only from one specific switch port, or disabled entirely (until next power-cycle, say, or even semi-permanently until a factory reset), but none of these options are provided.

Netgear does seem to ship these switches with Flow Control turned OFF by default, masking the performance problem, and in many cases Flow Control is undesirable anyway, but it can be useful in cases where a node on your network can't keep up with full Gigabit rates, but can do better than 100M. Many low-power single board computers fall into this category and can benefit from FC.

The management controller can also be a big security hole, since it doesn't respect VLAN boundaries at all, and copies of its transmissions get relayed to ALL ports, in-the-clear and untagged, regardless of VLAN membership status. The switch effectively reverts to just a dumb hub whenever the hidden Port 9 is involved.

HARDWARE MOD:

If you don't mind voiding your warranty with a small bit of soldering, it's thankfully possible to disable this ill-behaved web interface and completely disconnect the BCM53128's 8051 management controller from its switch fabric, eliminating its security exposure and letting Flow Control work as intended, with no more weird slowdowns affecting port 80 . Here are the steps:

1. First Get everything configured as you like in the web interface, setting up and testing all VLANs, etc. Reboot the switch and verify it comes up in the desired configuration.

2. Open the cover and find tiny surface-mount resistor R75, between the main chip and the ports, near the crystal oscillator. Desolder this resistor. See my first photo, where it's already been removed, leaving bare pads.

R75, which I measured at 4.4k in-circuit, pulls BCM53128 pin 43, "EN_8051_TxRx" high, to 3.3V. It CAN just be left floating if you don't mind losing the web (and Windows-config-tool) interface permanently after initial setup.

3. If you want to be able to toggle the web interface off and on, solder a very fine-gauge wire to the removed R75 resistor's pad nearest the main chip, and another such wire to a 3.3V power pin anywhere on the board-- you could use the other side of R75, but it's easier to grab this voltage from a less closely-spaced area. I chose to use the power pin (pin 8) of U5, the 8pin serial EEPROM at upper-right.

4. drill a hole on the back panel somewhere to mount a small toggle switch. Solder one of its terminals to the R75 pin (BCM531128 pin43, EN_8051_TxRx signal) through a 3.3k-ohm resistor. Solder the other toggle switch terminal to any convenient 3.3V pin, through a 1k-ohm resistor (optional - these two resistors in series approximate the original 4.4k-ohm pullup, but anything in the ballmark should work)

Note that EN_8051_TxRx is only latched during reset, so after flipping the switch you have to power-cycle the switch for it to take effect. At least this Netgear is fast to reboot, but having to do so makes its port traffic & error counters effectively useless, unless you leave management enabled all the time.

If you want to add a RESET button also, solder a fine wire to the right-hand (near the coil) terminal of resistor pad R7, which should be empty to begin with. This goes to the Shutdown terminal of the 3.3V switchmode regulator, and grounding it (through a 1k-ohm resistor) even briefly will cause a clean reset via 3-pin power-supervisor chip U3. That IC actively drives the BCM53128 RESET pin both high and low, so you can't safely pull RESET down directly.

Rather than mounting a physical toggle switch, since my GS108e is in a hard-to-reach spot I decided to bring out these control signals (EN_8051_TxRx, +3.3V, RESET-via-regulator-shutdown) to a 4-pin header, which plugs into GPIO outputs on a nearby router, allowing management-enable and reset functions to be controlled remotely. Anyone going this route should ensure both systems share a common logic ground, and take care to never drive either signal to more than 3.3V Documentation on the BCM5128 is hard to come by, but I very much doubt it's 5V-tolerant.

Price to feature set is amazing. You get a nice set of layer 3 features but you don't need a degree in IT Networking to figure it out. I've been a corporate IT consultant for 12 years now and I hold certs with HP networking and Cisco and I can say that bang for the buck, this Netgear switch series has all the features your standard office setup would need. You can Vlan, traffic prioritize and get some good analysis from the device.

We've had this series installed for years now at some high use facilities and they are going strong, and compared to a Cisco of similar specs, well priced.

This is perfect for someone that needs that extra management ability because of VoIP or other networking needs but doesn't need or want to get into full layer 3 switching. The web interface is easily learned and accessible. You can lock it down as well. Netgear has been really good about product support as well and they fix issues fast with firmware updates as needed. I've yet to have one of these fail (knock on wood) and we have these installed in most of our clients' locations.

Not a bad switch for the price. I needed to extend managed VLANs to a guest house on our property which is connected to a Netgear GS724T 48-port managed switch.
This GS105Ev2 is pretty straight forward. Took me a minute to figure out how to configure the 802.1Q VLANs as there are four different VLAN setup configurations you can choose from (Port Based - Basic; Port Based - Advanced; 802.1Q - Basic; and 802.1Q - Advanced). For true VLAN support choose 802.1Q Advanced. Configuring the VLANs is a little clunky: you have to assign the VLANs to ports, assigned the PVID to the port, then go back and remove the unneeded or untagged VLANs from the ports. Not intuitive but for less than $50.00 I'm not complaining.
Device firmware upgrade required a TFTP server although the documentation says HTTP upgrade is available.
For the security professional out there, I port sweptTCP 1-1024 and the device only responds on port 80. Advanced sweeping (meaning try to access even if port shows closed) still only showed port 80 open. A small SSL/TLS server probably would be nice but, since this device is isolated upstream and restricted access is in place elsewhere in my network, managing via port 80 isn't too much of a concern for me.
I monitored my firewall and found no evidence that the device was trying to connect out to the internet (NTP, updates, "phone home") which is nice. Only traffic I saw initially was a DHCP request.

Worked right out of the box, cheapest way to get VLAN tagging.

Words of wisdom:
- I have changed my network from 192.168.1.1 to something else for security's sake, so I could not navigate directly to the firmware webpage.
- In order to find the device, I had to install the software that came on the CD to assign an IP address to the switch.
- The software that comes on the CD is VERY old and VERY intrusive.
- The advice: make a restore point before installing the software, change the IP Address of the switch, then restore your PC.
- Yep, the software on the CD is THAT bad.
- And another thing...as soon as you've assigned a static lease to the switch on your router, backup the router. Otherwise...you'll have to go through all these steps again if you need to restore your router to a previous backup.

PASSWORD CHANGE ISSUES:
1. manual says 20-character limit.
2. Trial and Error: you must manually type in the new password in order to change it.
3. It bears repeating: If you copy/paste from your password manager into the "New Password" field, it will not change the password. You have to type it in manually in order to get it to change.

I stand by the 5-star rating because it functions as advertised and it's 1/2 the price of higher-end managed switches. Just beware that the web interface is rudimentary at best, and the software that comes on the CD is worse.

These switches are perfectly designed to give you just the right amount of ports with just the right amount of management software in a web browser. This switch is built like a steel vault. I doubt this will ever stop working. Ethernet standard worldwide will likely die out first!

Anyway, as an IT admin I use these at scanning workstations, printer depots and in equipment rooms to give extra ports where I need them. I can't always run a new line back to my primary Cisco SG-300 business switch because our building is old and running cable is expensive and difficult. I have had ZERO issues with saturation, conflict, LAN dropping, address issuing/resolution and port speed. ALL devices run at gigabit and perform as expected! Thanks Netgear for yet another bulletproof product!


Get it Now

Feature Product

  • VIRTUALLY ANYWHERE - Innovative Click mount for vertical, horizontal, flat of perpendicular mounting capabilities
  • GIGABIT ETHERNET - 16 Gigabit Ethernet ports deliver up to 2000 Mbps of dedicated, non-blocking bandwidth per port
  • ESSENTIAL NETWORKING - Segment and prioritize your traffic with VLAN, QoS, IGMP Snooping, rate limiting and traffic monitoring
  • EASY-MONITORING - Monitor your network status and your cabling with the port statistics and cable health
  • CABLE MANAGEMENT - Integrated cable management system keeps your deployments clean and organized
  • PROSAFE LIFETIME PROTECTION - Lifetime Limited Hardware warranty, Next Business Day Replacement and 24/7 chat with a NETGEAR expert
  • " 16 Gigabit Ethernet ports
  • Flexible 1-2-3-4 mounting system
  • Cable management system
  • Plus Switch software features
  • LIFETIME WARRANTY
  • LIFETIME Next Business Day Replacement
  • LIFETIME 24/7 Advanced Tech Support via chat"

Description

NETGEAR ProSAFE Click Switches with the 1-2-3-4 mounting system offer the most flexible deployment options combined with effective cable management. Designed to enable easy and neat switch placement in all locations, Click Switches also have the full set of Plus Switch software features such as traffic prioritization, VLANs and cable testing. Two USB ports can charge tablets or smartphones. Lifetime Hardware Warranty, Lifetime Next Business Day replacement and Lifetime Tech Support.


I purchased this switch to help me clean up my local network in our house. I had begun wiring out the house to be able to provide faster and more reliable network connections so that we could take better advantage of being a household that streams ALL of our TV viewings. As I was adding these capabilities to our home I began to place smaller 8-port unmanaged switches to help accommodate all of our devices, and next thing I noticed there were several of these smaller switches hanging off the network. Most people wouldn't notice the difference but seeing as we work in this type of environment I would notice that the network would get slow at times or would require that the devices would need to be rebooted several times a month. After purchasing this device and eliminating all those smaller switches the difference was noticeable. The quality of the streaming improved especially the ability to stream in the higher definition, the media from our local media server. There are still some minor fine tuning required to take full advantage of all the features of this device but do recommend it.

Performance-wise, this switch works wonders! I previously owned a D-Link business-class, managed switch that required a reboot about once every 3-6 months, sometimes several times in a row, especially during heavy Torrent traffic or uploads (where I back up my data from one NAS to a remote NAS). Until that D-Link would be rebooted, the internet would stop working.

I finally decided to get this ProSafe because:
1. It's design looks sleek!
2. It's easy to install: mount the base plate as desired, then click the switch into place
3. Lifetime warranty that comes with the ProSAFE line

Surprisingly (and thankfully), I haven't had to restart my switch (or cable modem or router) despite heavy Torrent traffic and uploads from one NAS to another.

I was impressed and bought a 16-port one for the attic as well, and that one has also performed well.

Update: replacement has been working solid for a while now. Giving back 4 stars :)

Original: It was an amazing 12 hours or so. QoS working perfectly with my VOIP boxes and playing online without lag spikes due to a full household streaming media. And then Christmas morning, no connectivity. DHCP requests were being dropped (dedicated DHCP server) and rebooting the switch did not work. Going back to my old dumb netgear switch brought back network connectivity without QoS. Disappointing, but netgear has been good to me in the past (my 16 port gig switch still works and it's almost 10 years old), so I've ordered a replacement and will give it another shot. Very disappointing regardless that this passed QA.

This is great. This thing is QUALITY. Not only is it just plain heavy, made out of solid metal casing, it has no capacitors and has a lifetime warranty. It is heavier than it looks and screams quality. I am an IT professional and I would recommend it for home or small office / retail use in an instant. It does full gigabit and can support full gigabit on all 8 ports at once. It does have a built in cable test as well which is nice. It supports VLAN segmenting and is just solid. You don't have to use the VLAN features, but its nice to have the model that supports it if needed. This model can be configured via the web interface by just going to the IP address of it, you don't have to load the software. By default it grabs a DHCP address, but the default IP is listed on the bottom of the unit, so if you want to set a static without trying to find out what address it pulled, just plug it in by itself for a few minutes then set a static IP on your NIC and then connect directly to it and configure it to have a static in your own range.

This is a perfect switch if you want to expand your home or small business network.

If you want to plug in multiple devices to your existing network then this device is for you.

I am giving this product a 5 stars for the reason below:

1. Plug and Play. Absolutely no programming or setup required.

2. Percect device for novices users and non IT/computer users like me. Again...no setup required. Just plug in your devices and you will be automatically connected to your LAN.

3. Excellent quality build. The entire unit looks and feel high quality. Case is metal and device is heavy. No cheap plastic and lightweight feel.

4. Netgear is a reliable and makes excellent switches. I have a 10/100Mbs 5 port netgear switch that I bought in 1999 to use in my college dorm to get multiple computers to a single network port in my dorm. I still have this switch 18yrs later and it is still 100% operational. In matter of fact I bought this 8 port to replace my 18yrs old switch. I am only upgrading because i wanted 1000Mbs speee and more ports.

Some misc tips for novices/non tech folks.
1. If your house is built after 2004 and was originally wired for telephone lines throughout your house then you already probably got either cat5e or cat6 cables installed already. Electrician will use cat5e/cat6 cables to wire your house for telephone use because they are just as cheap as regular telephone line and more readily avaiable. Therefore, no need to run ethernet cables. Just pull apart your telephone wall plates and verify.

I hope this review helps.

Get it Now