As I promised in my last post about network security, I am now back with a follow-up blog post about more steps you could take in securing your home network. You can check my last post on this subject @ https://mariusserbanica.co.uk/2023/02/03/simple-measures-for-better-network-security-ssh/
In today’s connected world, having a secure home network is essential to keep your personal data safe. As more and more devices become connected to our home networks, the risk of being hacked or having our personal information stolen increases. That’s why I decided to take some extra steps to secure my home network, and I want to share with you how I did it.
The first thing I did was purchase an HP A5500 managed switch. This switch allowed me to configure VLANs, which is a method of dividing a physical network into multiple logical networks. By doing this, I could separate my devices into different VLANs based on their function, such as separating my IoT devices from my personal devices. This way, if one of my IoT devices were compromised, it would be isolated from the rest of my network.
Configuring VLANs can seem daunting at first, but it’s not as complicated as it may seem. First, I created a VLAN for each type of device. For example, I created a VLAN for my personal devices such as my laptop, phone, and tablet. I also created a VLAN for my IoT devices such as my smart thermostat and smart TV. This way, each VLAN could have its own subnet and IP address range. I then assigned each port on the switch to a specific VLAN, so that each device was connected to the appropriate VLAN.
Next, I deployed and used a self-hosted server on my own home lab, called Wireguard VPN. This allowed me to connect to my home network through a secured tunnel and get assigned a local IP address, rather than exposing all my services to the internet. This way, I could access my home network securely from anywhere in the world, without worrying about someone intercepting my traffic.
Finally, I deployed and used a self-hosted service called Vaultwarden, an open-source version of Bitwarden. With Vaultwarden, I could secure all my passwords locally and have total control over them. This way, I didn’t have to rely on a third-party service to store my passwords, which could be vulnerable to hacks and data breaches.
Securing your home network is essential to keep your personal data safe. By configuring VLANs, deploying a VPN, and using a password manager, you can significantly increase your network security. While it may seem like a lot of work, it’s worth it to have peace of mind knowing that your personal information and your home network are as secure as they can be.
PS. Stay tunned, I will be doing more of this and will document it by posting it on my blog 🙂