Network Redesign Help

Dreamscape

n3wb
Joined
Feb 11, 2021
Messages
22
Reaction score
8
Location
USA
Im currently looking to implement an CCTV network which will consist of around 6 cams and BI machine. I am using this as an opportunity to redesign my home network as well. I have intermediate networking knowledge, but have never setup a network of this size/complexity so I wanted to ensure I was doing it correctly.

My home network currently consists of :
A pfSense router
TP-Link 8 Port Gigabit Switch
Unifi WiFi AP

I purchased this Netgear PoE switch in hopes of using it to manage my different vlans (home, guest, ccvt, iot)

Netgear jgs524pe

Originally I had thought about plugging all of my cams, LAN devices, Wi-Fi AP, etc. Into this switch and then isolating them using VLANs. Is this acceptable practice?

Alternatively, I have two NICs in my BI machine. I've read other posts that suggest adding a POE switch behind one of the BI NICs and then all the cameras plugged into that. The Second BI NiC is the. Plugged into the main switch on it's own VLAN. When would one method be preferred over another?

Thanks for your assistance with this!
 

Dreamscape

n3wb
Joined
Feb 11, 2021
Messages
22
Reaction score
8
Location
USA
Dual NIC is easiest way to achieve full isolation of cameras from WAN.
Thanks, I suppose I could look for an 8-12 port unmanaged POE switch to place behind my BI Cam NIC.

I will follow along to some of the other posts regarding this structure, but it sounds like defining a network at the CAM-NIC level and placing all of the cams on that network. Then the second BI NIC I can plug into my larger, centralized, switch and make it available to whatever LAN networks via VLANs? It seems like with that setup it would prevent the cams from communicating outside of their isolated network, and still allows me to define access to the BI server itself.

On a different aspect of this setup - my Unifi AP - I was planning on plugging that into my central switch and then falling back on it's Unifi controller and pfSense to configure it's VLAN(s)? I think this is a straight forward approach but just wanted to confirm.

Thanks for the advice
 

wittaj

IPCT Contributor
Joined
Apr 28, 2019
Messages
24,438
Reaction score
47,563
Location
USA
Second the dual NIC. It is by far the simplest and fastest way to isolate the cams.
 
Top