Go | New | Find | Notify | Tools | Reply |
Member |
You can also use ACLs (access control lists) on the routers to permit/deny access to any IP address from other specific or general IP addresses. Hedley Lamarr: Wait, wait, wait. I'm unarmed. Bart: Alright, we'll settle this like men, with our fists. Hedley Lamarr: Sorry, I just remembered . . . I am armed. | |||
|
Nullus Anxietas |
No. Sticking a switch in front of the router ports that need more than one device on them allows them to have more than one device on them Because I prefer EnGenius networking kit but they don't make 4- and 5-port switches. He has a need for only two devices on one router port. Why use an 8-port switch? Whereas one router port has eight devices.
True and true, and I'd probably be inclined to go that way, myself (except for Mark's hardware choices), but, theoretically speaking one could achieve the desired isolation with a single router port and a single managed switch, using VLANs, depending upon the router's capabilities. "America is at that awkward stage. It's too late to work within the system,,,, but too early to shoot the bastards." -- Claire Wolfe "If we let things terrify us, life will not be worth living." -- Seneca the Younger, Roman Stoic philosopher | |||
|
Member |
Take a look at Firewalla, probably their purple or gold model. It will do everything you are trying to do in one simple device. Built for the end consumer to keep it simple. IMHO, vendors are gong to have to greatly step up their game to meet cyber security needs and thinking that end consumers are going to become network/cyber security guru's AIN'T gonna happen! From the network folks I know, most residential type products routers are greatly lacking compared to the commercial market. ---------- “Nobody can ever take your integrity away from you. Only you can give up your integrity.” H. Norman Schwarzkopf | |||
|
quarter MOA visionary |
^^^ I would say that would even be the optimal method. What happens is too often we just dongle a switch at the end of a network run for more device. Sometimes it is the only way but not my preferred method. Better to run cables back to switch but that isn't always feasible. Better to plan out infrastructure than react to it, FWIW. So this I disagree with:
Better to just get a larger smart switch, IMO pfSense is fine - never used it but I just downloaded to evaluate. Plenty of other great Routing solutions: Ubiquiti EdgeRouters or Untangle is what I use. EdgeRouters are a great value - IT likes them because of the functionality to value is high. I wish the EdgeSwitches were more available - prices are selling over retail because of their scarcity. Untangle (now Arista) is pretty much the same as pfSense. You can install on your own hardware or get in an appliance. Features from a free fire wall to much more including content filtering, VPN, AV and more. Some service do require subscription- available ala carte. The VPN component is done much better than EdgeRouter. By VPN I mean a secure remote connection not the software service to scour the Internet. VPN's take more resources and using better hardware makes it work better. EdgeRouter VPN is not as robust or intuitive, IMO. Don't forget some of the others like Mikrotik , Ubiquiti's UniFi lineup (more intuitive and expensive than EdgeRouter). And more.... | |||
|
W07VH5 |
Have we forgiven Ubiquiti for the data breach and the terrible way they handled it? I think you'll like pfsense. It's pretty intuitive. | |||
|
quarter MOA visionary |
Anytime you utilize those cloud-based management services you are at an increased risk. I don't normally use them too much for that reason. Kinda like all the NAS breaches by all the manufacturers - all from cloud connectivity. UNIFI lineup is more so than the Edge lineup but I understand in a large scenario the benefit for this service. It really didn't affect me but it would be understandable for those depending on it. Going to compare the pfSense to Untangle - we'll see how it does. | |||
|
Powered by Social Strata | Page 1 2 |
Please Wait. Your request is being processed... |