Aug 19, 2024 Secure Your Network!

Summary


In this podcast, I explain the challenges and best practices for managing internet-connected devices, also known as IoT (Internet of Things) devices, within a local network. Many people use consumer-grade routers to connect their devices to the internet, including their computers and the internet-connected products they own. The default setup with these routers allows all connected devices, via both Wi-Fi and Ethernet, to freely communicate with each other, which, while convenient, presents a security risk. This is particularly concerning because a compromised IoT device can gain access to all other devices on the network. For engineers who work from home, this means an attacker could gain unauthorized access to your company's work.

For those who want a quick and inexpensive solution, I cover how to connect two consumer-grade routers to create separate trusted and untrusted (DMZ) networks. This allows IoT devices to operate on the untrusted network, which can't request data from the trusted network. However, the trusted network can still communicate outwards to the IoT devices on the untrusted network, as well as retain a connection to the internet.

My preferred approach is to use competitively priced professional networking equipment from companies like Ubiquiti and Cisco. I cover how to use VLANs and subnets to segment the network into trusted and untrusted zones, with less networking equipment. This setup allows for better control over which devices can communicate with each other, creating a more secure environment and reducing the likelihood of a compromised device affecting critical systems.
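As an added example (not from the podcast), the following Python script audits a connection log for flows that break the segmentation policy described above: a device on the untrusted network initiating a connection to the trusted network. The subnets, the three-field log format and the function names are assumptions made for illustration.

```python
import ipaddress

# Assumed addressing for illustration; substitute your own subnets/VLANs.
TRUSTED = ipaddress.ip_network("192.168.10.0/24")
UNTRUSTED = ipaddress.ip_network("192.168.20.0/24")

# Constructed sample records: "initiator responder destination_port".
SAMPLE_FLOWS = """\
192.168.10.5 192.168.20.40 80
192.168.20.40 93.184.216.34 443
192.168.20.40 192.168.10.5 445
192.168.10.7 192.168.10.9 22
192.168.20.41 192.168.20.40 1883
bad line
"""


def crosses_boundary(initiator, responder):
    """True when an untrusted host opens a connection to a trusted host.

    Only the initiator matters: replies to a connection opened from the
    trusted side are part of an allowed flow and never appear as initiators.
    """
    src = ipaddress.ip_address(initiator)
    dst = ipaddress.ip_address(responder)
    return src in UNTRUSTED and dst in TRUSTED


def audit(log_text):
    """Return (violations, skipped_line_numbers) for a flow log."""
    violations, skipped = [], []
    for lineno, line in enumerate(log_text.splitlines(), 1):
        try:
            initiator, responder, port = line.split()
            if crosses_boundary(initiator, responder):
                violations.append((lineno, initiator, responder, int(port)))
        except ValueError:
            # Wrong field count, invalid address or non-numeric port.
            skipped.append(lineno)
    return violations, skipped


if __name__ == "__main__":
    found, unparsed = audit(SAMPLE_FLOWS)
    for lineno, src, dst, port in found:
        print(f"line {lineno}: untrusted {src} initiated to trusted {dst}:{port}")
    print(f"unparsed lines: {unparsed}")
```

Any violation in the output means the boundary between the two networks is not being enforced as intended and the router or firewall rules need review.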