The problem is this sort of environment is "too unusual".
I.e., if you put the DUT on the same switch as your "console" (wherever *you* are trying to interact with the device), then your IP, the IP of the (managed) switch and the IP's of every other device on the switch pollute the address space of the DUT (*it* can't conflict with any of those... but, you don't know what *it* is using -- or wanting to use -- yet!).
It exposes all of those devices to the DUT -- including, potentially, your outbound connection.
It requires you to have a DHCP/BOOTP service running on some device that is connected to that switch (in case the DUT goes looking for a lease).
If the DUT happens, coincidentally, to be using the same IP as the machine from which you are connecting, then some form of address translation is required (assume you can hide all the other hosts to minimize the number of potential conflicts -- that's what my "two device network" does).
You (or some other host on that switch) have to be capable of performing network discovery (which can require several different approaches based on what the DUT supports, protocol wise) if the device has already chosen an IP.
And, I've not even addressed IPv6! :-/
So, it seems the most effective ("safe") approach is to install a proxy that *I* can talk to (or any other node on *my* switch) and have it play the role of the "laptop" in the "two device network" that I mentioned originally. I.e., just take the display and keyboard *off* that "virtual laptop" and move them to wherever I happen to be sitting, currently.
E.g., maybe just let something like nessus hammer away at the DUT "in isolation" and see what *it* has to say...