Good day everyone.

I would like you advices on the type of setup I should be doing.

I want to isolate my networks. I will have a regular network, IoT devices and a testing laptop.

Devices: iMac, MacBook, iPhone, Apple TV, Testing laptop (Malware reverse engineering), Phillips Hue Hub, Watchman Wifi Camera, CCTV's (not yet), ISP Modem, Apple Time Capsule, DIR-655 router, TP-Link TL-SG108E x 2 and I would like to have a pfsense box so I can monitor exactly what comes in and out and block manually host and ip's that I don't want.

Let me know if you have any inputs on the type of setup and configuration I should be doing.

Thanks!

I avoid IoT (Tom Lawrence at SMLR calls it the "Internet of Targets") like the plague it is, though I'm sure the point will come when I cannot escape it. Connecting stuff to a network simply because it's there ignores that "because it's there" is seldom a good reason for doing anything. Just ask any 15-year-old boy.

This article looks like a good starting point: http://www.alpinecyber.com/2016/04/0...abbit-hole-go/

thanks frankbell!

I second frankbell's comments about IoT.

But about the home network in general, I'd say you're on the right track with pfSense. Though I'd highly recommend taking it a step furter and going with regular OpenBSD -current. It's about as easy to set up and maintain yet will give you far more flexibility in what you can do, even if you just think about PF only. However, whether you can go that route is up to what kind of hardware you have available.

Hey!

I read about the 3 dumb router setup, seems interesting.

How about, ISP modem -> Apple Time Capsule -> TP Link TL-SG108E -> and doing 3 VLANS? 1- regular network, 2- testing laptop and 3- IoT? (I might have trouble controlling those phillips bulb with the iPhone)

The thing I'm missing is a visibility on the network. I'd like something like a SIEM and something that I could block the phonehome calls and stuff like that.

Why not use IPTABLES for your firewall?

I have no firewall devices at the moment. Purchasing a Netgate SG-2220 or SG-2440 would be around 300-800$. I was trying not to spend and use what I had

Firewalls do not have to be big and powerful unless you plan on putting a lot of traffic through them. You don't need the latest and greatest system to be your firewall. Grab one of your systems with more than one nic and use that.

I understand, it's only me that wants the best buy for home but I definitely understand you and I should go cheaper for regular home use. The funny thing is that I don't have any devices with 2 NICs at the moment, so I do have to purchase something! Once done I should put that between the modem and router or inside the network?

I always see both setup but not sure which one I should apply.

This is very true. About a decade and a half ago I worked for a international company with with about 25,000 employees around the world (this was in the Win2000/XP/Pentium I and II days). It had an excellent IT department led by an extremely reasonable and approachable IT manager.

Their firewall was a 486. It didn't have to do anything but filter incoming and outgoing traffic, and it did that quite nicely.

Tom Lawrence at SMLR, whom I mentioned earlier, is a big fan of pfsense. He runs a successful computer business servicing local businesses in his area and has done a lot of work with it.

Would I require a 2 port or 4 ports firewall?

That would depend on what you plan on hanging off of it. You going to need at least 2. 1 for LAN and 1 for WAN. If you plan on having a DMZ then you'll need one for that too.