Truth be told, and I’m speaking from a point of ignorance, I’m still running a pretty flat network. No vlans or anything. My Tasmota based devices have access to the internet, but they don’t make use of it. It’s purely for my convenience (like doing firmware updates and NTP). Things (like cameras) are on a 2nd network that never sees the internet. These go to a BI NVR with two network cards.
So, while more security is always better, I must ask (again, in ignorance) why you would want to go over the top? As long as you can manage what goes to the cloud on device level, I don’t see the point of going full nerd on the network?
Maybe help me right here, for in case I’m missing something. I’m trying to understand how your typical ‘thief’ would gain entry to your property by ‘hacking’ your network somehow