Skip to main content

A Good Use for Guest WiFi

One of the key concepts behind network security is segmentation. In short, if two devices don't need to talk to each other, they shouldn't be allowed to talk to each other. That way, if one device causes problems, you can contain it and keep the problem from spreading to other devices.

These days, many home WiFi routers include a "Guest WiFi" network. To use this, you create a separate WiFi network with a separate password, and your guests use that.

There are a few reasons to do this:

  • You can create a really good, really long password for your "real" network, and a short password that you change every time you have company over.
  • Most routers keep the devices on the guest network separate not just from the main network, but from each other. This means that if one of your guests has a phone or laptop with a virus on it, everyone else is (relatively) safe.
I realized, though, that there's a different, and perhaps better way to use this guest network. It's related to how the different devices in the house use the network.
  • Many devices need to see each other and talk to each other. My laptop needs to see the printer. My phone needs to see the Chromecast attached to the TV.
  • Some devices only need to get to the internet. My eBook readers (nook, kindle, etc.) only need to reach the companies that sell books. My work laptop only needs to reach the work VPN.  My smart TV needs to be able to reach Netflix and Google Play, but nothing else.
This means that there's a pretty easy way to make things secure. If a device only needs to see the internet, put it on the guest network, even if it's not a guest.  All of those networked "smart" devices can be put into a little silo where they can't talk to anything else.

There are some downsides to this plan. The biggest is that it's often more difficult to change the password on these devices than it is to change the password on a phone or laptop, so you might be tempted to keep the same password for longer. But, that might not be much of a problem. It comes down to how many visitors you have on your guest network.  Big parties every weekend, with the password posted on the refrigerator? It might be best to change that guest password every Monday.  An occasional trusted guest? Who really cares if a few close friends have your guest WiFi password, especially if they can't interact with anything else?

I'm not the partying type. Only a few friends have our guest WiFi password. So, it's not really a big deal if we keep the same password for a long time. And if I use that password for the TV, that's a bit more segmentation on the network, which makes it a bit more secure.

The feature's there. It makes things better, and it's not much of a hassle, so I might as well use it.

Comments

Post a Comment

Popular posts from this blog

Stinky cheese, man

I'm living in a place that's known for it's cheese. There are hundreds of kinds of cheese at my local grocery store. I try something different every time I go shopping, and I've still barely scratched the surface of what's available. There's one kind of cheese that deserves special mention: Raclette . Raclette is strange for a few different reasons. Most notably, it's almost always served cooked, and there's a bit of a ritual around cooking it. You will never be offered raw raclette. Why? Raw raclette is pungent stuff. It's hard to describe the smell, but I've heard it described as a cross between sweat socks, vomit, and curdled milk. To say that it stinks is a polite understatement. So, why on earth would anyone eat it? Because when you cook it, you somehow cook the stink out of it, and what's left is sublime. It's a sort of oily cheese, and you get something like the best pizza or nacho cheese you've ever had. I've hea...
3 comments
Read more

Sometimes, things work as intended

A small computer success story: I have a Synology NAS at home. For those who aren't familiar with them, they're small computers that are set up to make storing and sharing files easy. They keep your data across multiple hard drives so that if a hard drive fails, no data is lost. Or, at least, that's the theory. After we moved last year, I set up the NAS and ran all of the status checks. It reported that one drive was still working but starting to have problems. I bought another drive, plugged it in, and set it as a "hot spare" (basically, the system knew about it, but it wasn't being used). I also turned on monthly disk checks. Months passed with no more problems. ...until last Tuesday. On Tuesday night, the system automatically sent us mail to tell us that The troubled disk had finally failed. Since we had a hot spare, it would be used as a replacement disk and our data would be copied to it. When everything was finished, the system would let us k...
2 comments
Read more

Actual Size

I get a lot of questions about Switzerland's size. So, I put together a spreadsheet showing Switzerland's size relative to each US State. You can view the full spreadsheet on Google Sheets , but here are some highlights: The two states that are closest in size to Switzerland are Maryland and West Virginia. Maryland is 61% (about 2/3x) of the size of Switzerland. West Virginia is 151% (about 1 and 1/2x) of the size of Switzerland. Pennsylvania is 281% (about 3x) of the size of Switzerland. One of the nice things about living in a small country is the short distance to the borders. I can be in Germany in an hour. France, Lichtenstein, or Austria in 2 hours, or Italy in 4 hours (less when full service through t he Gotthard Tunnel opens later this year). This weekend, we're going to visit... somewhere, and "do you want to go to Milan or Munich" is about as difficult as "Do you want to go to Columbus or Buffalo?"
2 comments
Read more