Network Growth
Network Growth
Good afternoon everyone, I’m currently connected via my ISP router from Virgin Media in the UK. With their top model, a hub 5 on a 1 gig connection, I manage 11 cameras and about 50 smart home gadgets throughout the house. That brings the total to roughly 80 devices. I also have a mini PC equipped with several LAN ports and a N100 with 16GB RAM and a 512GB SSD. It can run OPNsense, though I found it inconsistent on the router side during my testing. I also share internet with a neighbor using a guest network.
I’ve been exploring VLANs and have a managed switch. I’m considering purchasing a few PoE APs with a PoE switch to separate networks. In practice, would dividing IoT devices, neighbor access, and general traffic into VLANs make sense? It’s not my strongest area, but I’m confident I can handle the settings. I’d appreciate any advice on whether the effort and cost would be worthwhile in real-world use. Thanks a lot!
It relies on how you define value. Are you aiming for knowledge growth, enhanced protection, improved connectivity? In my view, the main advantage is stronger security, by isolating neighbor and IoT data from your own network.
The primary concerns revolve around untrusted users infecting devices, which can then serve as entry points to spread malware across your network, or IoT gadgets being exploited by malicious actors directly. The goal is to separate non-technical individuals from the broader network and keep IoT devices isolated while maintaining their intended functionality. If your only potential risk comes from users already on a guest network provided by your ISP router, they’re likely sufficiently separated. For families with vulnerable members—such as children, seniors, or relatives—it might be necessary to create a dedicated VLAN for them to limit access. The credibility of an IoT device as a threat hinges on the types of devices in use; security flaws aren’t limited to foreign manufacturers. Investigate each company’s known vulnerabilities using CVE databases (search by company name and CVE) to assess risks. If your devices come from organizations with a track record of poor security, establishing an IoT VLAN could be justified. The main challenge is that managing these isolated networks can become more complex. Tools like mDNS repeater/reflector can aid in discovery, or you may need to integrate your phone directly into the IoT network—both iOS and Android have safeguards against public Wi-Fi threats.
I mostly use TP-Link smart gadgets, which seem to have solid security. I own a few more, but none that raise red flags. My network users aren’t a worry—just me, my partner, and my son. There are some services like Emby on the network, but nothing that anyone would pursue aggressively unless needed. My main concerns are network traffic and keeping things secure. I’ve heard smart devices often send data regularly, which can slow down the connection. With how many devices I have, will this be a problem? Thanks for the advice so far!