Whether we like it or not, there are just some devices in our homes that are, and always will be insecure. Is there a safe way to add those devices to a home network without compromising the security of other devices? Today’s SuperUser Q&A post has the answer to a security-conscious reader’s question.
Today’s Question & Answer session comes to us courtesy of SuperUser—a subdivision of Stack Exchange, a community-driven grouping of Q&A web sites.
The Question
SuperUser reader user1152285 wants to know how to safely add insecure devices to a home network:
I have a few Internet connected devices that I do not trust as being secure, but would like to use anyway (a smart television and some off-the-shelf home automation devices). I do not want to have them on the same network as my computers.
My current solution is to plug my cable modem into a switch and connect two wireless routers to the switch. My computers connect to the first router while everything else connects to the second one. Is this enough to completely isolate my computers from everything else?
I am also curious if there is a simpler solution using a single router that would effectively do the same thing? I have the following routers, both with DD-WRT:
- Netgear WNDR3700-v3
- Linksys WRT54G-v3
Except for a single computer on the first network, all of my other devices (secure and insecure) connect wirelessly.
How do you safely add insecure devices to a home network?
The Answer
SuperUser contributor Anirudh Malhotra has the answer for us:
Your current solution is ok, but it will increase one switching hop plus the configuration overhead. You can achieve this with just one router by doing the following:
- Configure two VLANs, then connect trusted hosts to one VLAN and untrusted hosts to another.
- Configure your iptables to not allow trusted to non-trusted traffic (and vice-versa).
Hope this helps!
Have something to add to the explanation? Sound off in the comments. Want to read more answers from other tech-savvy Stack Exchange users? Check out the full discussion thread here.
Image Credit: andybutkaj (Flickr)
- › Microsoft 365 Integration Is Coming to Chromebooks
- › You’ll Finally Be Able to Buy a PS5 in 2023
- › Sonos Beam (Gen 2) vs. Sonos Ray Soundbar: Which Should You Buy?
- › Should You Defrag Your SSD?
- › This Schlage Smart Lock Works on Doors Without Deadbolts
- › Why Did Google Stop Using Android Dessert Names?
