what else can i do to secure my network? any advice or tips

[Dr Ian]

Excuse my ignorance, but why the use of stunnel if you can VPN into the system remotely? Couldn't you drop stunnel and use the more secure VPN connection as your sole means of accessing the network?

the idea of using stunnel is to ;
1) make it transparent for other users. Ie teenagers, wife etc
2) vpn makes it look like I’m on home network, so geofencing in BI. Gives errors

 

[Bitslizer]

For typical home setup, the VLAN while a good suggestion, seems over-complicated. an (slightly less secure) alternate is just to use most router's built in parental control to block the cameras from the internet that will also take care of the generic/common gateway issue. The "slightly less secure" reference is... if you have device with internet access that's also compromised, technically the malware can leverage those as gateway, but at that point malware on your camera is the least of your worry

 

[viktorlovisa]

You people are amazing. Thanks for the advice.