So with the IoT gaining ground, tv, light switches, elec points etc., what firewalls are people using to prevent unwanted access to your homes network?
Most routers have a firewall function. Ideally you shouldn’t rely on the router that was bundled with your ISP. It does help going for something a bit more secure, in my case Ubiquity.
Can you provide a model, number or name, please.
The last time I looked they were difficult for a networking layman to configure, but nows probably the time to learn.
Ok. So if need the gateway+cloud gen2.
So the cable from the fibre box will go into the gateway and the wife router into the LAN port of the gateway?
I will need the cloud key to manage remotely…
If you want the lazy option go for an Asus router that run on the AsusWRT firmware. It is super easy to setup and manage and a bit cheaper if you don’t want to go with the big bucks Ubiquity
1 Like
I run the standard Mikrotik my ISP gave me. But with one small difference, I set it up myself. The ISP has no access to it. At the moment I still have my IoT devices just on the same subnet as the rest, but ideally (of course) they should have their own. At the moment I switch one floor lamp and one geyser. No pool pumps or security systems yet. So no real motivation yet…
Also have a Mikrotik with just about all ports closed.
Also, if an IP address tries to log in to my Mikrotik from the outside, and has 3 failed attempts, that address gets put on a blocked list for 24 hours.
Ideally, one requires separate VLans for each class of device. E.g, windows Laptops, PC’s VLan1. All dependent on the risk profile and use of the device.
IoT devices connect to VLan2 and Android phones etc connect to VLan3.
The IoT devices should not be allowed to talk to the outside world, in either direction. If they are required to do so then one needs special rules about what they can do.
Cross VLan talking should not be allowed either…
The issue is cost, technical know how and of course, is it actually required. Maybe not, but I’d like to know who is opening my phone or PC’s camera, listening to my microphones, turning my alarm, elec points on and off…All this is possible and happening all the time, we are not always aware of it.
Big organisations spend millions trying to prevent this and I think in the future ,every well connected home will require a more robust technical solution to prevent the above.
Now, to do some more research…