Looking for recommended switches for fixing flat network hierarchy

I’m trying to secure my network by placing sensitive computers behind one switch, and everything else behind another one. Which brands are recommended for security purposes?

Is it a good idea to have a Raspberry Pi as a honeypot with a minimal OS install, and set up for easily checking for intruders? How would I do that?

If you don’t know how to install and use a honeypot, don’t. The risk of getting it wrong and compromising the network you want to protect is considerable.

As for protection of your network: that starts with your ISP. Choose one (if you can choose, that is) that blocks access from the web to your IP address by default. That means only traffic originating from your network to the web can trigger a response, not the other way round.

Next hurdle is your router. This too should block unrequested packets by completely ignoring them. Pretty much all home-use routers do this by default, generally commercial/enterprise grade ones do too.

You can use enterprise switches with additional firewall capabilities, but that functionality (determining access to the network) belongs in the router or a dedicated firewall between router and the web. In other words: those expensive enterprise switches contribute little or nothing to the security of your network. Unless those sensitive machines you’ve mentioned should really be in an Intranet, not part of a corporate network.

As for brands: as long as you stick to an A-brand, there’s little distinguishing these switches. In random order: Juniper, Asus, Dell, HP, Cisco/Netgear, Ubiquiti, D-Link, Draytek and the list is quite long.

1 Like

If the switches are on the same L2 network then this won’t actually accomplish anything. If your equipment supports VLAN tagging then it could work, but at that point you could accomplish the same thing with only one switch anyways.

Check out OpenCanary. I would tend to avoid doing stuff like this unless you really know what you are doing though!

3 Likes
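An added illustration, not written by any poster in this thread, of two points made in the replies above: a router that silently drops unsolicited inbound packets, and VLAN-based separation of the sensitive machines from everything else. It assumes a Linux router using nftables with a VLAN-capable switch behind it; the interface names `wan0`, `lan0.10` and `lan0.20` are hypothetical, and outbound NAT is left out.

```nftables
# Constructed example. Assumed interfaces:
#   wan0    = uplink to the ISP
#   lan0.10 = VLAN 10, sensitive machines
#   lan0.20 = VLAN 20, everything else
table inet filter {
    chain input {
        # Traffic addressed to the router itself; default is a silent drop.
        type filter hook input priority 0; policy drop;
        ct state established,related accept
        ct state invalid drop
        iifname "lo" accept
        # LAN clients may use the router for DNS and DHCP only.
        iifname { "lan0.10", "lan0.20" } udp dport { 53, 67 } accept
        iifname { "lan0.10", "lan0.20" } tcp dport 53 accept
        # No rule matches new connections arriving on wan0, so they are
        # dropped without any reply.
    }

    chain forward {
        # Traffic routed between interfaces; default is a silent drop.
        type filter hook forward priority 0; policy drop;
        ct state established,related accept
        ct state invalid drop
        # Both VLANs may open connections to the internet.
        iifname "lan0.10" oifname "wan0" accept
        iifname "lan0.20" oifname "wan0" accept
        # There is deliberately no lan0.20 -> lan0.10 rule (or the reverse),
        # so the two VLANs cannot open connections to each other.
    }
}
```

The separation only holds if the switch ports are assigned to VLAN 10 or VLAN 20 and the two VLANs use different subnets, so that traffic between them has to pass through the router.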

Doing crypto stuff. I want my network to be like Fort Knox.

Honeypots exist for security researchers. They don’t help your network security directly in any way.

What are you protecting? Linux servers? Windows? Chromebooks? Do you need to filter outgoing traffic? Do you have a backup plan?

2 Likes

Security through obscurity is your best tool. Intentionally setting up a honeypot would just draw unwanted attention to your network.

2 Likes

Yeah… it might fool the script kiddies, and chances are no one is looking anyway, but best to keep it that way if at all possible.

Honeypots are cool and all, but it’s not really something you do in order to maintain proper security.

1 Like