A Paranoid Home Network

Digging through some old notes, I stumbled upon the diagram I made when planning my home network during my last move. I had decided to take a slightly paranoid approach to my networking.

Home Network Diagram

First I divided my devices into groups based on how much I trusted them.
I had:

I also accounted for any guests' mobile phones.

The groups of trust I settled on were based on the potential risks I perceived from my devices based on them running code I was not privy to. Of course, basically all devices do this to some extent or other, but those I labeled “Untrusted” in my diagram were the ones that were almost entirely black boxes to me.

From there I decided to separate the WiFi networks and access these groups had.
My ISP-related stuff sat in its own zone, the guests and other “Untrusted” devices were grouped in their own zone, and finally my trusted devices sat in theirs.

There were and are some potential issues with my setup:

Overall, however, it has worked pretty well for the last several years. I even keep the WiFi network for the trusted devices hidden somewhat by not having it broadcast an SSID. I can have a slightly easier password for the “Untrusted” network for people to key into devices (still long but with less annoying symbols).
