The design of the home network has, in my opinion, changed in the last 10 years because of the rise of all the IoT devices as well as phones.
As a part of documenting this, I was taking a look at what I have implemented at home and seeing what I can change as well. We all know the most ideal circumstances at home may not be possible, partially because we have significant others, parents, siblings, and children who are not necessarily as technical as us and don’t tolerate as much interference between them and the information/website they want, and they want it now.
So here we go.
First device is the ISP Home Router. This is the connection to the internet through Comcast, AT&T, you name it. If you can put your own in its place, great, but some ISPs don’t allow it. They usually come with wireless and a few LAN ports on the back. Here is what I connect directly to this router:
- Wireless: I ONLY put IoT smart “TV” devices like Smart TVs, Roku, Amazon Firestick, Chromecast here.
- Wired: I put NOTHING directly wired to this device (except the additional firewalls below).
Here I call it the Red Layer as I treat anything directly connected to it as unsafe. You don’t “manage” the firewall, so I treat it as potentially hostile.
This will confuse some people. I would buy a small residential router from Ubiquiti or Linksys here. This router is connected to the ISP router in the Red Layer, most likely by a physical cable. This router is meant to add a layer of protection between the devices you put on this network and the Red Layer. The devices you put here are usually going to be associated IoT devices that might have more personal information on them. They will probably connect by wireless; things like a Nest Thermostat, security cameras, etc. might be put here.
This is an additional firewall that is connected to the Red Layer. It will sit “next” to or “in parallel” to the IOT Layer. This firewall for me is a Ubiquiti Edge X. It does not have wireless on it. I connect my wired devices to it. My desktop, work laptop, NAS, printer, etc. sit here.
SECURE WIRELESS SEGMENT
This is now a wireless router that sits BEHIND the SECURE Segment firewall. This router is something like a Linksys wireless router. It is meant to house your devices that need to be on wireless and secure: cell phones, laptops, tablets, etc.
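
To see what this layout does and does not isolate, the sketch below (an added example, not part of the original post) models the four segments as a tree of routers and works out which devices can open a connection to which. It assumes every router does NAT and drops unsolicited inbound traffic with no port forwards, which the post does not state; the segment keys and device names are labels made up for the example.

```python
# Added example: models the layout above as a tree of routers.
# Assumption (not from the post): every router does NAT and drops unsolicited
# inbound traffic, the usual consumer default, with no port forwards.

# segment -> the segment its router's WAN port plugs into (None = the internet)
UPSTREAM = {
    "red": None,                  # ISP home router
    "iot": "red",                 # small residential router
    "secure": "red",              # wired firewall, in parallel to iot
    "secure_wireless": "secure",  # wireless router behind the secure firewall
}

# Device placement as described in the post (names are illustrative labels)
DEVICES = {
    "smart_tv": "red", "roku": "red",
    "nest_thermostat": "iot", "security_camera": "iot",
    "desktop": "secure", "nas": "secure", "printer": "secure",
    "phone": "secure_wireless", "tablet": "secure_wireless",
}

def path_to_internet(segment):
    """Segments crossed on the way out, starting with the device's own."""
    path = []
    while segment is not None:
        path.append(segment)
        segment = UPSTREAM[segment]
    return path

def can_initiate(src, dst):
    """True if device src can open a connection to device dst.

    Outbound traffic only travels up the tree, so dst must sit in src's own
    segment or in one of the segments upstream of it.
    """
    return DEVICES[dst] in path_to_internet(DEVICES[src])

def exposure(device):
    """Devices that can open a connection to `device`."""
    return sorted(d for d in DEVICES if d != device and can_initiate(d, device))

if __name__ == "__main__":
    for name in ("nas", "security_camera", "smart_tv"):
        print(f"{name:16} reachable from: {', '.join(exposure(name))}")
```

Under these assumptions the Red Layer devices are reachable from every other segment, and wired devices in the secure segment cannot initiate connections to the phones and tablets behind the wireless router.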