After upgrading to 1.3 for my 2600 + 2200's, I have begun "Segmenting" by setting up a separate network and enacting Firewall rules per Sinology's "Block Access Between two Networks (How can I block access between two local networks while allowing communication among certain devices? - Synology Bilgi Merkezi) See Attached grab
I had been delaying this as I had thought if I place all my IoT devices on a separate network, I would need to switch networks on my Android Phone each time I wished to access the APP for the respective devices. If my phone is on my "Main" Network "1", then I should not have access to the devices if they (and the APP) are assigned to Network "2".... I thought it a small price to pay for Security and expected the need to switch Networks when needed on my mobile. But that does not seem to be the case. With 50+ Devices, I just changed an Alexa and two Power outlets so far over to the new network as a test. And I find they are accessible from Network 1 on my Mobile... This of course makes it easy to access the APPs, but I'm unsure why access is available while my mobile is on one network and the devices are on another.. And does anyone know of a simple test to insure that if access is gained through an IoT device here, they cannot penetrate to my main network.
I had been delaying this as I had thought if I place all my IoT devices on a separate network, I would need to switch networks on my Android Phone each time I wished to access the APP for the respective devices. If my phone is on my "Main" Network "1", then I should not have access to the devices if they (and the APP) are assigned to Network "2".... I thought it a small price to pay for Security and expected the need to switch Networks when needed on my mobile. But that does not seem to be the case. With 50+ Devices, I just changed an Alexa and two Power outlets so far over to the new network as a test. And I find they are accessible from Network 1 on my Mobile... This of course makes it easy to access the APPs, but I'm unsure why access is available while my mobile is on one network and the devices are on another.. And does anyone know of a simple test to insure that if access is gained through an IoT device here, they cannot penetrate to my main network.