A VLAN is a way of slicing a single physical network switch into multiple, isolated "virtual" networks. Even though the CCTV cameras and the staff laptops share the same cabling, they cannot "see" or talk to each other unless we explicitly allow it.

1. Security: The "Air-Gap" Effect

In a standard unmanaged network, if a guest connects a laptop to a wall jack, they can potentially see every device on the network—including your Access Control controllers and CCTV recorders.

• The Risk: Most IoT devices (cameras/intercoms) have lightweight security. If one is compromised, a hacker could move "laterally" to your server or accounting PCs.
• Our Solution: By putting security hardware on its own VLAN, we create a digital wall. Even if a guest gets onto your Wi-Fi, your security backbone remains invisible to them.

2. Performance: Preventing "Traffic Jams"

High-resolution 4K cameras generate a constant, massive stream of data.

• The Problem: On a flat network, "broadcast traffic" from cameras can flood the entire system, causing lag on staff computers and buffering during Zoom calls.
• Our Solution: VLANs keep that heavy camera traffic contained. Your staff gets full bandwidth for work, and your cameras get a clear, dedicated lane to the NVR (Network Video Recorder).

3. Compliance: Meeting NDAA and Insurance Standards

Many modern insurance policies and the NDAA (National Defense Authorization Act) require that security infrastructure be logically separated from public-facing networks. VLAN isolation is the industry-standard way to meet these requirements without the massive cost of running two separate sets of physical cabling.

The Kent-ITS Standard: We typically deploy MikroTik or UniFi hardware to manage these VLANs. This allows us to prioritize security traffic (Quality of Service) so that even during peak internet usage, your door entry and alarm signals never drop.

1

Network Audit

Mapping the traffic

We identify all "Guest," "Staff," and "Security" devices to determine how many isolated lanes are required.

2

VLAN Tagging

Logical separation

We assign a unique ID (e.g., VLAN 10 for CCTV, VLAN 20 for Access Control) to the specific ports on your managed switches.

3

Firewall Rule Injection

The 'Gatekeeper'

We program the router to block all traffic between these IDs, only allowing the NVR to talk to the cameras and authorized admin PCs to talk to the software.

4

Bandwidth Reservation

QoS setup

We ensure the Security VLAN is guaranteed enough "pipe" so that video streams never stutter, regardless of how much Netflix is being streamed on the Guest Wi-Fi.

We implement the professional 3-2-1 Backup Strategy for all our residential clients. Relying on a single external hard drive or just "the cloud" is a single point of failure.

To truly protect your data, you need:

• 3 Copies of your data: The original files on your computer, plus two backups.
• 2 Different media types: For example, one backup on a Local NAS (Network Attached Storage) or encrypted external drive, and one in the cloud.
• 1 Copy off-site: If the worst happens to your home (fire/flood/theft), your data stays safe in a secure, encrypted UK-based data center.

The Kent-ITS Standard: We don't just sell you a drive; we set up Automated Syncing. Whether you use a Mac (Time Machine) or Windows, your photos and documents back up in the background without you having to remember to "plug something in."

Standard ISP routers are "all-in-one" devices designed for basic connectivity, not high-performance or security. When you have multiple users, smart home devices, and security cameras all fighting for bandwidth, these consumer-grade boxes often crash or "hang."

We replace or bypass these with a Managed Infrastructure (using professional gear from Zyxel, UniFi, or TP-Link). This gives you:

• Dedicated L2 Managed PoE Switches: We use these to power your cameras and WiFi points directly over the data cable. This centralizes power and allows us to "reboot" a stuck camera remotely without visiting your site.
• Hardware Offloading: Professional Access Points handle dozens of devices simultaneously without slowing down your main PC.
• VLAN Support: Unlike ISP routers, our gear supports proper "Network Isolation" to keep your private data away from guest users or IoT devices.

The Kent-ITS Standard: We select the hardware stack based on your specific environment. Whether it’s the robust simplicity of Zyxel or the seamless ecosystem of UniFi, we ensure your backbone is business-grade.