What's new

Quarantine IoT on their own AP and VLAN?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

dfarning

Occasional Visitor
As part of my new wifi set up, I have been testing the effect of Iot devices on the network. I am a bit of a nerd so, as of last count I had about 20 DIY IoT devices on the network. Many of them are dirt cheap devices with sketchy chipsets.

Has anyone seen any value in quarantining these devices on their own AP and VLAN?
 
As part of my new wifi set up, I have been testing the effect of Iot devices on the network. I am a bit of a nerd so, as of last count I had about 20 DIY IoT devices on the network. Many of them are dirt cheap devices with sketchy chipsets.

Has anyone seen any value in quarantining these devices on their own AP and VLAN?

I have at least that number of IoT devices if you include my Amazon Dash buttons. I have most of mine on their own subnet using guest network settings to isolate as best as possible these devices from each other and more importantly block access to my primary and hopefully more secure network.
 
A little off topic, but don't you think it's sad that we are at this state with IoT; that we are all "scared" about their horrible insecurity and venerability that we have to try and "quarantine" them in this way by segregating them on their own network.

I really do think at times, we are going backwards with technology, not forwards. Not helped by the fact that everyone seems to what everything dirt-cheap nowadays (not me though!)...

Sad.

Dan
 
There seem to be a couple of challenges here.

The biggest challenge is that the Wi-Fi standard is evolving remarkably quickly. New features for working well together on a network are added each release. High end devices are usually certified compatible by the Wi-Fi alliance. Low end devices often don't meet certification requirements because they have not yet implemented all of the 'work well together' standards.

The second challenge is that the Wi-Fi standard seems to be coming out with a update every 2-3 years. Each update has the goal of increasing airtime efficiency by ~4X. Those old clients take up a disproportion share of airtime.

I think the biggest problem for me was that most of my IoT devices are DIY. I didn't take any precautions to have them communicate effectively. As a result they are a lot more 'chatty' than a well designed IoT devices.

Isolating IoT is not necessarily a best practice... but it seems to help in a network where I have quite a few really cheap devices which I built myself over the last 4-5 years.
 
Low end devices often don't meet certification requirements because they have not yet implemented all of the 'work well together' standards.

The emerging trend I've seen over the last year or so is using pre-built modules (system in package or system on module) - espressif for example with the esp32's, TI has similar, and there's Murata and others - the modules themselves have some level of certification, and that does make things a bit better to work with...
 
Nice. That makes things a lot easier if I can control my cheapskate nature and not buy the cheapest thing available from banggood.
 
Similar threads
Thread starter Title Forum Replies Date
J Outdoor WiFi access for iot devices General Wi-Fi Discussion 4

Similar threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top