{"componentChunkName":"component---node-modules-gatsby-theme-chronoblog-src-templates-post-js","path":"/secure-iot-with-ubiquiti-vlan-firewall-rules/","result":{"data":{"mdx":{"id":"5130cb8b-f915-5bcd-8a78-cfadac019a3c","excerpt":"Firewalls protect you from unsolicited connections from outside your network into your private network. The problem arises when a trusted…","frontmatter":{"title":"Securing your IoT devices with Ubiquiti VLANs","date":"2020-01-14T00:00:00.000Z","description":"IoT or smart home devices such as lights, plugs, and security cameras haven't had to best track record for security so before you let them in behind your firewall let's look at how to secure them using VLANs.","tags":["networking","smart home","iot","security","ubiquiti","post"],"cover":{"childImageSharp":{"fluid":{"base64":"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAANCAYAAACpUE5eAAAACXBIWXMAAAsTAAALEwEAmpwYAAADlklEQVQ4y02Sa0wbVBiGGzZECuVWYJTalnZQoVjKKIONggwYFB1UpFLkEmEMWWGbY2BY3QgLMYxkZJsjbuqMGhcSjWYYdTGZMYtRE7dkLiP+kSmo0awglHsvXObjkfnDk7w/vpOc5/ve7z2Suz/9htvjZXbBx+yij/klP4veAEu+VZZ9a6z41/AK+f6n9Qdge6aandlZpG/XkBAbi0KlJVImQ3Lnx3GmPEssrPhZ9q6Kx+v4AusEVh9qdW3jP4k6sMaDv2FiYpKWejv1tmLyc82Y80swWkqJjohAcuv2Xf6c8uAPbOD1BZibX9iU3x94CFld2wRvbAiSOEtLy/S7jtLyfAUH6iopLcpnZ0ERhh05RIeHI7nx5Sf8+vsfzMzOMevxMP3XDPfdbubm5lkTQL9fWF/xMn5vnMnJX5hy38f1UitPFVtotJdTYd1DhikTjUZYDpMieef8Ma6OXOCHO7eFZb+Ybg739DSLYhKfz4dHgN3TM6Khh58FdEo06+/p4FRnM8fb69mdY0K5LZ6I0EeJkIYiefNsJ9dGr3Dr5td8982nXP/iPa5fG+Hy8CBXr7zOpaFTXHzj0qbdf/c3OXGP3pfbOdZaQ+f+arJNacgjI4gR+4sKC0Nyur+Byxe6GB15jc9H3+bjD87x0ftnGXQ5+fBiP+f6jtDbe5KxsTG+v/ktN776jO62WqrLLLQ3VJGZridRqSQpWb8JlQycbGPwRBPnB7p4a/gVhoeO4up6AWerg4MvOqirfRpbaSENNRW07bdxus/Ju0M92K1P0lRTKYApKFUqVGKHm6H0uZo5caiOumetPGevpLnRwd6SPLItO0jbZUJvSmVvfg6Fu804bGW86urgjOsgJaKuLi9Cr1OhUCiIj08gSipCOd7poMtZSZW1AMuuXHLMRvIsWVj25FBaXkCmOZ3HdRoy0lLQqpWYMww4xXepLM6j1VEh7pPRPRZDmjpSAEUoh1r2UVWaQXaqGm1CLJpt0SI1OcY0LcZULQa9jjh5DFqVkoS4GJLVCnqcDQx0t9J9oJYssUN9kniXGI5MJC3pPtJIXoYOa76BfSUG7DYzWUY1cdEytIoYFPJI5FEy4mMiBVCONjGWQvFVjClJKESDWHEXrVQTJJURvGUrksNOO031hRxusdKxvxBnS4GoxQ4NWspy0zFsV2HSJ5H9hB5dkkZYTifTkExoyCMEBwezNSSELUJBQUFIQ6X8A6u/XxXXFbc6AAAAAElFTkSuQmCC","aspectRatio":1.5,"src":"/static/a456087d8f4a998c71e0255d9330ee8e/c4ecb/oneway.png","srcSet":"/static/a456087d8f4a998c71e0255d9330ee8e/57ab0/oneway.png 192w,\n/static/a456087d8f4a998c71e0255d9330ee8e/f4739/oneway.png 384w,\n/static/a456087d8f4a998c71e0255d9330ee8e/c4ecb/oneway.png 768w,\n/static/a456087d8f4a998c71e0255d9330ee8e/4eab0/oneway.png 1152w,\n/static/a456087d8f4a998c71e0255d9330ee8e/b6ef2/oneway.png 1350w","srcWebp":"/static/a456087d8f4a998c71e0255d9330ee8e/dd090/oneway.webp","srcSetWebp":"/static/a456087d8f4a998c71e0255d9330ee8e/ae504/oneway.webp 192w,\n/static/a456087d8f4a998c71e0255d9330ee8e/fef30/oneway.webp 384w,\n/static/a456087d8f4a998c71e0255d9330ee8e/dd090/oneway.webp 768w,\n/static/a456087d8f4a998c71e0255d9330ee8e/44170/oneway.webp 1152w,\n/static/a456087d8f4a998c71e0255d9330ee8e/15480/oneway.webp 1350w","sizes":"(max-width: 768px) 100vw, 768px","presentationWidth":768,"presentationHeight":512},"resize":{"src":"/static/a456087d8f4a998c71e0255d9330ee8e/c4ecb/oneway.png"}}}},"fields":{"slug":"/secure-iot-with-ubiquiti-vlan-firewall-rules/"},"body":"var _excluded = [\"components\"];\nfunction _extends() { _extends = Object.assign ? Object.assign.bind() : function (target) { for (var i = 1; i < arguments.length; i++) { var source = arguments[i]; for (var key in source) { if (Object.prototype.hasOwnProperty.call(source, key)) { target[key] = source[key]; } } } return target; }; return _extends.apply(this, arguments); }\nfunction _objectWithoutProperties(source, excluded) { if (source == null) return {}; var target = _objectWithoutPropertiesLoose(source, excluded); var key, i; if (Object.getOwnPropertySymbols) { var sourceSymbolKeys = Object.getOwnPropertySymbols(source); for (i = 0; i < sourceSymbolKeys.length; i++) { key = sourceSymbolKeys[i]; if (excluded.indexOf(key) >= 0) continue; if (!Object.prototype.propertyIsEnumerable.call(source, key)) continue; target[key] = source[key]; } } return target; }\nfunction _objectWithoutPropertiesLoose(source, excluded) { if (source == null) return {}; var target = {}; var sourceKeys = Object.keys(source); var key, i; for (i = 0; i < sourceKeys.length; i++) { key = sourceKeys[i]; if (excluded.indexOf(key) >= 0) continue; target[key] = source[key]; } return target; }\n/* @jsxRuntime classic */\n/* @jsx mdx */\n\nvar _frontmatter = {\n  \"title\": \"Securing your IoT devices with Ubiquiti VLANs\",\n  \"cover\": \"./oneway.png\",\n  \"date\": \"2020-01-14T00:00:00.000Z\",\n  \"description\": \"IoT or smart home devices such as lights, plugs, and security cameras haven't had to best track record for security so before you let them in behind your firewall let's look at how to secure them using VLANs.\",\n  \"tags\": [\"networking\", \"smart home\", \"iot\", \"security\", \"ubiquiti\", \"post\"]\n};\nvar makeShortcode = function makeShortcode(name) {\n  return function MDXDefaultShortcode(props) {\n    console.warn(\"Component \" + name + \" was not imported, exported, or provided by MDXProvider as global scope\");\n    return mdx(\"div\", props);\n  };\n};\nvar Embed = makeShortcode(\"Embed\");\nvar layoutProps = {\n  _frontmatter: _frontmatter\n};\nvar MDXLayout = \"wrapper\";\nreturn function MDXContent(_ref) {\n  var components = _ref.components,\n    props = _objectWithoutProperties(_ref, _excluded);\n  return mdx(MDXLayout, _extends({}, layoutProps, props, {\n    components: components,\n    mdxType: \"MDXLayout\"\n  }), mdx(\"p\", null, \"Firewalls protect you from unsolicited connections from outside your network into your private network. The problem arises when a trusted device behind your network is compromised opening outside access to attackers into your LAN.\"), mdx(\"p\", null, \"Historically smart devices like IoT gadgets, security cameras, lights, and switches have had their share of security issues so you wouldn't want them sitting on the same network as your trusted computers.\"), mdx(\"blockquote\", null, mdx(\"p\", {\n    parentName: \"blockquote\"\n  }, \"Microsegmentation through VLANs can provide your smart IoT devices access to the internet without opening holes into your private network.\")), mdx(\"p\", null, \"Prosumer networking devices, such as those from Ubiquiti, allow you to configure VLANs\"), mdx(\"p\", null, \"Roughly the steps you will need to do are\"), mdx(\"ol\", null, mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Create a new Corporate network and assign it a VLAN ID and IP Address Range.\")), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Create a new Wi-Fi network and associate it to that LAN. In addition, you can tag wired ports with the VLAN ID for wired devices.\")), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Create firewall rules that block access from your VLAN into your private network, but allow your private network to call into your VLAN.\"))), mdx(\"p\", null, \"This will allow your IoT devices access to the internet, but not your internal private network in case they become compromised.\"), mdx(\"p\", null, \"This is a very high level view and the full walk through is covered in this VLAN tutorial video below.\"), mdx(Embed, {\n    src: \"https://www.youtube.com/embed/qxBIMYBJM1I\",\n    mdxType: \"Embed\"\n  }), mdx(\"p\", null, \"If you are interested in looking more into Ubiquiti hardware, \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"https://amzn.to/3aDL8B4\"\n  }, \"you can order it here\"), \"\\nOther manufacturers such as Asus have instructions for setting this up on their equipment as well. \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"https://www.asus.com/support/FAQ/1034018/\"\n  }, \"Asus VLAN for BRT series\")), mdx(\"p\", null, \"For further reading checkout this awesome explanation from \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"https://robpickering.com/ubiquiti-configure-micro-segmentation-for-iot-devices/\"\n  }, \"Rob Pickering\")));\n}\n;\nMDXContent.isMDXComponent = true;"}},"pageContext":{"id":"5130cb8b-f915-5bcd-8a78-cfadac019a3c"}},"staticQueryHashes":["1961101537","2542493696"]}