Currently I have computers, phones and a home security system connected to our router. I need to upgrade the security of the computers. Would putting them on a separate router be a good idea? Thanks.
ThanksNow you've lost me. I'm talking about keeping the ISP's modem, and plugging a router into it. Exactly like everyone used to do before combined modem/routers were invented.
The router would apply NAT to everything connected to it.
I don't understand why you mention vlans.
One of my concerns with the existing router is that the security system people and perhaps some others have periodic access to it. That makes me uncomfortable. With a second router, only I would have access and only our computers would interact with it. Thanks.It would mostly just make things more complex. A router by itself offers little additional security. You could buy a firewall device and that might help but you have to clearly define what security risk you have between your machines. A firewall only does what you tell it to. By default most allow all traffic between all devices.
For most people you do not need a high level of security inside your house. The router and security software on the end devices prevent attacks from outside your house.
The router was supplied by the ISP. I need to learn more but, at the moment, I think I will buy my own router. My computers would go on the Private network and everything else would go on Guest network. Is that a step in the right direction?It sounds unusual in that the providers of the security system are providing the router. I'd be inclined to use another router that you own and they don't have access to, and connect their system to it. If the use of their own router really is a requirement for their system then you could plug their router into the LAN side of yours. This way everything else would only see one router.
I too would be uncomfortable with a third party controlling my network.
I think this would be a good move, as well as putting a second router downstream (connected to a lan port) from the isp router as the isp would then have to get past your router to see your computers. The caveat with this is that you would have a double nat.The router was supplied by the ISP. I need to learn more but, at the moment, I think I will buy my own router. My computers would go on the Private network and everything else would go on Guest network. Is that a step in the right direction?
The caveat with this is that you would have a double nat.
But then you don't have separation without using vlans. I prefer routing to vlans when it comes to security since vlan tags can be easily forged.Not if the ISP's modem is able to operate in modem-only mode. Some can, some can't.
ThanksNow you've lost me. I'm talking about keeping the ISP's modem, and plugging a router into it. Exactly like everyone used to do before combined modem/routers were invented.
The router would apply NAT to everything connected to it.
I don't understand why you mention vlans.
Home routers typically only have guest for WIFI. That can help if you have mostly WIFI devices.The router was supplied by the ISP. I need to learn more but, at the moment, I think I will buy my own router. My computers would go on the Private network and everything else would go on Guest network. Is that a step in the right direction?