I’m trying to secure my network by placing sensitive computers behind one switch, and everything else behind another one. Which brands are reccomended for security purposes?
Is it a good idea to have a Raspberry Pie as a honey pot with a minimal os install, and setup for easily checking for intruders? How would I do that?
If you don’t know how to install and use a honeypot, don’t. The risk of getting it wrong and compromise the network you want to protect is considerable.
As for protection of your network: that starts with your ISP. Choose one (if you can chose, that is) that blocks access from the web to your IP address by default. That means only traffic originating from your network to the web can trigger a response, not the other way round.
Next hurdle is your router. This too should block unrequested packets by completely ignoring them. Pretty much all home-use routers do this by default, generally commercial/enterprise grade ones do too.
You can use enterprise switches with additional firewall capabilities, but that functionality (determining access to the network) belongs in the router or a dedicated firewall between router and the web. In other words: those expensive enterprise switches contribute little or nothing to the security of your network. Unless those sensitive machines you’ve mentioned should really be in an Intranet, not part of a corporate network.
As for brands: as long as you stick to an A-brand, there’s little distinguishing these switches. In random order: Juniper, Asus, Dell, HP, Cisco/Netgear, Ubiquity, D-Link, Draytek and the list is quite long.
If the switches are on the same L2 network then this won’t actually accomplish anything. If your equipment supports VLAN tagging then it could work, but at that point you could accomplish the same thing with only one switch anyways.
Check out OpenCanary. I would tend to avoid doing stuff like this unless you really know what you are doing though!