As we have heard and talked about the security of home internet many times,
I want to start adding little old-fashioned details and questions and answers to the topic.

First, I want to start with this one:
Is locking all new devices in the router and keeping them only by permission going to help?

Does adding a second router as a bridge only to separate Wi-Fi help IoT?

What else do you think?

Using the second router would be your easiest option. Steve Gibson talked about this on Security Now on Episode 544. Here is a TWiT Bit on the topic:

Me personally, I use a Ubiquiti EdgeRouter and UniFi AP with two separate SSIDs, one for my personal devices, and one for my IoT devices. Although this takes a bit more advanced setup than adding a second router under your primary, it also gives you more control over the devices that are on your network. For example, there are some IoT devices that need to be accessible from your personal device, like a Google Chromecast. Using the two-router setup, you will not be able to access it from your personal network through the second router. With a more advanced setup, you can isolate it so that it cannot access anything on your personal network, but still make it accessible from your personal network.

It really depends on what kind of IoT devices you are using, and what your technical capabilities are, which setup will work best for you. Hope this helps.
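The one-way isolation described in the reply above, modeled as a small stateful filter between the two networks. This is an added example, not part of the original post and not any router's actual configuration; the subnets, host addresses and ports are constructed sample values.

```python
from ipaddress import ip_address, ip_network

# Constructed addressing (assumption, not taken from the thread).
PERSONAL = ip_network("192.168.1.0/24")
IOT = ip_network("192.168.20.0/24")


class InterVlanFirewall:
    """Toy model of a router's stateful filter between personal and IoT networks."""

    def __init__(self):
        # Connection-tracking table of accepted flows: (src, sport, dst, dport)
        self.flows = set()

    def allow(self, src, sport, dst, dport):
        # Rule 1: a packet that is the reverse of a tracked flow is a reply.
        if (dst, dport, src, sport) in self.flows:
            return True
        # Rule 2: IoT hosts may not open NEW connections to the personal network.
        if ip_address(src) in IOT and ip_address(dst) in PERSONAL:
            return False
        # Rule 3: anything else (personal -> IoT, either network -> internet)
        # is accepted and remembered so its replies pass rule 1.
        self.flows.add((src, sport, dst, dport))
        return True


def demo():
    fw = InterVlanFirewall()
    phone, cast = "192.168.1.50", "192.168.20.10"  # constructed hosts
    return {
        # IoT device tries to reach a personal device first: dropped.
        "iot_new_to_phone": fw.allow(cast, 40000, phone, 445),
        # Personal device opens a connection to the IoT device: accepted.
        "phone_to_cast": fw.allow(phone, 51000, cast, 8009),
        # Reply on that same connection: accepted via the tracked flow.
        "cast_reply": fw.allow(cast, 8009, phone, 51000),
        # Same IoT device, different port pair, no tracked flow: dropped.
        "cast_unsolicited": fw.allow(cast, 8009, phone, 51001),
        # IoT device reaching the internet is unaffected.
        "iot_to_internet": fw.allow(cast, 40001, "203.0.113.7", 443),
    }


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name}: {'accept' if verdict else 'drop'}")
```

The rule order matters: the reply rule must be evaluated before the drop rule, otherwise traffic the personal device started would never get an answer back.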

Thanks, I’ve watched Security Now.

I have a smart switch, a smart light, and a Wyze cam,
and I'm just not sure if it would help that much to only separate the Wi-Fi with another router under my main one.

You would probably be fine with a second router unless you are planning on adding a lot in the future. It will help from a security standpoint, in that if one of those devices gets compromised, they won’t be able to get to any of your personal devices.

Good idea, thanks.
One more thing:
Should I categorize the Roku, Fire Stick, and smart TV as IoT or main?

That depends on if you “cast” from your phone to one of them. In order to cast to a device, it has to be on the same network (or have mDNS enabled on more advanced routers). If you never cast to it, IoT is where it should be.

I won’t cast 99% of the time, but I have my app accounts on the device,
which I’m thinking doesn’t have anything to do with my Wi-Fi network security.

Yeah, if you’re signing into your accounts on the device and not casting, you’ll be fine putting that on the IoT network.

