===== Switch =====
[[ddsf:public:guidebook:06_append:glossary:start| Return to Glossary ]]

A **Switch** generally has a more intelligent role than a [[ddsf:public:guidebook:06_append:glossary:h:hub]]. A switch is a multiport device that improves network efficiency. The switch maintains limited routing information about nodes in the internal network, and it allows connections to systems like hubs or routers. Strands of LANs are usually connected using switches. Generally, switches can read the hardware addresses of incoming packets to transmit them to the appropriate destination.

Using switches improves network efficiency over hubs or routers because of the virtual circuit capability. Switches also improve [[ddsf:public:guidebook:06_append:glossary:n:networksecurity|network security]] because the virtual circuits are more difficult to examine with network monitors. You can think of a switch as a device that has some of the best capabilities of routers and hubs combined. A switch can work at either the [[ddsf:public:guidebook:06_append:glossary:d:datalinklayer]] or the [[ddsf:public:guidebook:06_append:glossary:n:netlayer|Network layer]] of the [[ddsf:public:guidebook:06_append:glossary:o:osi]]. A multilayer switch is one that can operate at both layers, which means that it can operate as both a switch and a router. A multilayer switch is a high-[[ddsf:public:guidebook:06_append:glossary:p:performance|performance]] device that supports the same routing protocols as [[ddsf:public:guidebook:06_append:glossary:r:router|routers]].

Switches can be subject to distributed denial of service (DDoS) attacks; flood guards are used to prevent malicious traffic from bringing the switch to a halt. Switch port security is important so be sure to secure switches: Disable all unused ports and use DHCP snooping, ARP inspection and MAC address filtering.

Source: [[https://blog.netwrix.com/2019/01/08/network-devices-explained/ ]]