I currently have several VLANS (management for network devices, iot for smart devices, infra for security cameras and NAS, one for personal devices, anothe for guests, etc.

Currently I’m hosting a game server which is exposed to the outside world and am thinking of adding a couple more similar services.

Is it best practice to put such machines on their own isolated VLAN to minimize their attack surface?

  • Auli
    link
    fedilink
    English
    arrow-up
    5
    ·
    edit-2
    1 year ago

    Reverse Proxy as much as you can so you only have one port, I haven’t found anything I haven’t been able to even Plex, but haven’t done a game server other then minecraft.

    Whitelist Geoip location, use crowdsec

    I haven’t bothered with network segregation I used too but then revaluated and just realized it wasn’t worth it for me.