What I understood from the system admin at the company I am working for parttime was:
1. Due to the OSI network layer topology adding anti-malware like technology to a router's firewall is architectural wise a lousy place to implement bit pattern based filtering of the packet's content passing through the router.
2. Partitioning devices into different logical networks based on device function and usage makes much more sense, because it limits the impact and exposure of clients to security breaches
3. AI/ML learning invasion and response monitoring will help to detect anomalies. In consumer world this type of monitoring is as good as the profiles assigned to the devices and granularity of the corresponding networks.
In short when you don't want to spend money on high end consumer router (like Gryphon) nor want to spend time on understanding the use and application of the different device profiles (of the Gryphon router), just buy a decent mid-range router and apply these tweaks.
Currently, a wi-fi router is in almost every house or apartment. This is a device that first of all needs to be properly configured, as it is the main target for hacker attacks. Hacking a router, an attacker gains control over the entire local network. In order for the router to become a truly...
malwaretips.com
That is why I use
- 2.4 Ghz wifi guest network for guests on ISP's modem/router
- 2.4 Ghz wifi network for IOT devices on ISP's modem/router
- 5 Ghz wifi network for our personal devices (laptop, smartphone) on second (mid-range specs) router
My NAS is connected to second 5Ghz Wifi network and has access control on device/user. Smartphones have only read access to backup data and are allowed to write (saved pictures) to NAS. With an offline USB disk (which we only update after holidays, so on average every six months) as backup of the backup.
Our ISP discourages setting their modem/router in bridge mode. In the past I used to contact help desk to ask them to okay setting router in bridge mode. Problem is that after every network upgrade, the ISP router is reset and I had to contact the helpdesk again. I discovered that disabling one of the frequencies did not require the router to be set in bridge mode (Lazy Lenny again
)
