They’re specifically talking about Zero Trust though and treating it like a corporate device as the joke. This means authenticate at every layer, RBAC, and endpoint security compliance before allowing access to a service. Putting the device into an isolated guest VLAN works too of course.
Yeah, he did that…and then kept going for some reason. A separate subnet in a separate firewall zone that doesn’t forward anywhere but the internet should be sufficiently safe
Wouldn’t it be enough to just create a seperate subnet?
Yeah that’s where it turned from story to joke for me
They’re specifically talking about Zero Trust though and treating it like a corporate device as the joke. This means authenticate at every layer, RBAC, and endpoint security compliance before allowing access to a service. Putting the device into an isolated guest VLAN works too of course.
Yeah, he did that…and then kept going for some reason. A separate subnet in a separate firewall zone that doesn’t forward anywhere but the internet should be sufficiently safe
Not for the kid.
Was he worried about the kid or his network lol?
por_que_no_los_dos.meme
Neither
Thats all I do.
Separate SSID, goes right into its own little hellscape with no access to anything but the internet.
And a small 8 port switch for a hardwired guest option. But thats not lit until its needed.