As my own local network expands, security becomes a subject that must be addressed. As network administrator I become more aware that I put devices in my home that I do not control. Especially devices like IP camera’s, thermostats, Home control devices.
So it is time to check it out and make some countermeasures. I installed a firewall between the IoT devices from other vendors and my local “Personal Computing” network. In this way I can control to which network and servers the Uncontrolled IoT devices may connect. For this I could buy a commercial firewall, but this was quitte expensive (€ 200-300). I choose to use an Open Source firewall.
I used the OPNsense (OPNsense.org). It is a subversion of PFsense, but with a better interface and reporting possibilities. In this way you get a better overview what is happening in your network. The hardware I’m using is a HP T620 thin client.
Installing was very simple and I even could use the serial port (with null-model cable) to configure the T620. It has only one Gigabit ethernet interface, but with VLAN’s I can expend the number of interfaces. The maximum throughput of my internet line is 100Mbit/s. It was easy to install with a bootable USB stick. Remember that the T620 has only Display Ports for his video output, so you must have a converter cable to configure the BIOS settings.
Overall this firewall is performing very well, and configuration can be done with some network knowledge. The power consumption of the T620 is about 7W (without display).
If you want to understand more about IoT security, a very good course is available at Cisco Network Academy (Netacad).
I did the instructor class of this course.