Category: Smart Home

Creating a secure Home/Guest/IOT Wifi environment with Ubiquiti

As many of my friends and colleagues will know, I am a big fan of Smart Home/IOT technology – plugs, lights, sensors, cameras… I like automating things around the house – partly for security reasons, partly for reasons of making my life easier, but mostly because I enjoy working with technology! 🙂

However, I am well aware of the security implications of Smart Technology – and in particular the risks associated with placing devices onto a home network, where devices with personal information are regularly used.

In this post I’ll give an overview of how I am securing my network – with minimal effort… (All of this can be configured in under 10 minutes)

I’m using the awesome Ubiquiti Unifi nanoHD APs:

Ubiquiti equipment and software is AWESOME, especially if you want effective and easy to use control over your network, without having to use complex configuration scripts or a confusing GUI. There are a few things you can do to secure Smart Technology items, and also to create a secure environment for Guest Users, Children, and anyone/anything else you may wish to restrict in some way. The key features that help here are:

  • Separate Wireless Networks – I have a Wireless Network setup for my own devices, another for Smart Tech items, and another for Guest Users – these are best off separated and kept apart! (These are all broadcast from the same AP too – with no need for extra hardware)
  • Time based Wireless Network access – this is more for those with children, whereby you can have a Wireless Network that is available only between certain times.
  • Throughput Control – this allows a Network to be restricted to a specified total bandwidth throughput. Useful for ensuring one device/user/network does not overload your internet connection
  • IP range restrictions – this allows devices on specific Networks to be restricted when trying to access certain IP ranges or addresses. This is great for Guest networks – and can be used to ensure those Guest users can only access the internet for example. Many Smart Tech devices also require only internet access, with no need for them to communicate with other items on your network.

Configuration of all of the above is extremely simply using the Ubiquiti Controller – I’m running this on my own server, but the Cloud Keys are worth a look if you don’t have this option or want a dedicated device. Thankfully all of the above is just a few clicks in the Controller interface too – no need for any configuration, cabling, or code!

Separate SSIDs

This is very easy to setup – from the settings interface, browse to Wifi Networks, and then create the networks you require:

Ensure that for any IOT or Guest Networks you mark these as Guest Networks – as the security restrictions (IP based) then apply:

Time based SSID access

Again, this is a breeze to setup – on the SSID you want to restrict select, Edit (shown below):

You can then control the time on a schedule:

This setting is probably more for those with children who’s access they are trying to limit – unless you have devices you don’t want online at certain times.

Throughput Control

Throughput control is based on creating User Groups – with a throughput limit assigned to the Group. I have the following Groups setup:

Personally I think I am quite generous with my Guest users…

Next – we need to associate the Groups with a Wireless Network, so that the bandwidth restrictions are applied to that Network. To do this, go back and edit the Wireless Network:

Within the User Group section – select the required Group:

Now your Wireless Network has a configured throughput limit!

IP Restrictions

These are also very easy to setup, browse to the Guest Control section of the Settings Menu – and then add any IP ranges or addresses you want to prevent Guest Users (any Wireless Network marked as Guest) accessing:

I’ve left this default – any private address is restricted – so my Guest Users and IOT Devices can only access the internet, and are prevented from accessing anything else on my networks.

Hope this helps – until next time!

Smart Home tinkering – Using Stringify, Nest Cameras, and TP-Link Plugs to simulate house activity based on camera detections

First of all – Happy New Year, I hope 2019 is already going great for you!

This write up focuses on the use and integration of three things; Nest Cameras, TP-Link Smart Plugs and Lights, and Stringify (a tool that allows the creation of IOT Flows). The combination of all three provides a powerful way to create security routines and outcomes based on various triggers. I should point out, I’m fairly wary of the security implications of IOT devices in general, so for me I like to see them as a way to augment, rather than replace, traditional security products.

In this article I am going to demonstrate an integration routine I have setup recently:

  • When my Nest Camera(s) detect a person between the hours of 2300 and 0600, a Stringify Flow runs, which turns on lights in correct order to simulate a person coming downstairs. The routine then waits for a time period, and turns the lights off in the reverse order, to simulate a person going back upstairs. Finally, a push notification is sent out that provides an alert that the Flow has been run to a mobile phone.

To create this type of setup you need three things:

  • Cameras – I am using the Nest Outdoor Cameras
  • Smart Lighting/Plugs – I am using TP-Link Products, both plugs and bulbs
  • An IOT Tool to link the triggers to actions – I am using Stringify

It’s worth noting that you could use a number of different tools to achieve the same result – for example IFTTT works in a similar way to Stringify, and there are lots of IOT Camera and Lighting products out there.

So – how do we set this up?

To start – we need some cameras, here’s one of my Nest Cameras:

I have a few of these setup around the house – so pretty much anyone near the house is picked up by the cameras. Next, we need some smart lighting to allow for the lighting to come on. For this I have two products in use; TP- Link Smart Plugs and TP-Link Smart Bulbs.

Next, we need to create a Stringify Account – to do this you need to download the app for your device and sign up. Once completed you can create Flows and add Things, which are, in brief:

  • Flows – sequences of events/actions that are run by triggers we define
  • Things – these are the IOT devices we have added to our account

Before we can create a sequence, we need to add Things to our account – which is done by tapping on the + sign:

Next we can add accounts for our various smart devices – this will vary depending on what devices you are using, but for me it was just a case of adding my Nest and TP-Link accounts:

Once this is done, the devices/accounts show up in the home screen within Stringify:

We’re now good to go and can setup our first Flow. To do this, we need to open the Stringify App, and click on “Flows”, and then on the + symbol to create a new flow:

From here, we can start to build out a Flow. Here’s an overview of a completed Flow to give you an idea – we can then drill down into the building blocks that form this Flow:

As you can see – the Flow mainly comprises timers, and light actions (turning a light on or off). We can break this Flow down into 5 main sections:

Essentially the above Flow can be broken down into a few key elements:

  1. A trigger – or in this case, a trigger and a time variable. Both must be met for the sequence to run. In my case, it is that the Nest Camera must detect a person (not just activity – the ability to determine a person or just motion is a feature of the Nest cameras), and the time must be between 2300 and 0600. Unless both conditions are met the sequence won’t progress any further.
  2. The “Person coming down the stairs” sequence – this is just lights and timers that wait for time periods before kicking off the next light. So the first light comes on, then the sequence waits, and then the next light comes on, and waits, and so on…
  3. A wait – purely to act as a waiting time before the next element runs – effectively to simulate a person being downstairs doing something.
  4. The “Person going upstairs” sequence – again this is just lights and timers, so it simulates the lights going off as if someone was going upstairs. Exactly the same as element 2 but in reverse.
  5. This is the final element, AKA letting me know – a push notification, so my phone is alerted that the sequence has been run. This is a useful step as it allows me to be alerted to the fact that the sequence has run (so I have awareness) , and also to see what caused the sequence to run (I can make sure it was a legitimate activation and there is no cause for concern).

Using an automation sequence like this is great way to turn smart home products into a smart security feature. There are loads more possibilities you can create with Stringify too – for example, a few other things you could do with this sequence alone:

  • Integrate this sequence with other smart home products – for example using SmartThings you can connect to Siren/Strobe devices to trigger an alarm. For example if a person is spotted in your garden between a certain time range. All house lights come on and a siren going off is a good deterrent too, and certainly attracts attention!
  • Integrate this sequence with an Amazon Echo – for example “Alexa, I am leaving for work” turns off lights, but should a person be detected outside a radio starts playing inside, and a light comes on – to simulate someone being at home. Or turns lights on and off randomly during darker hours.

Or you could use a sequence like this to trigger smart home items during a danger scenario – for example, if Smoke is detected (via something like Nest Protect) then all house lights come on, regardless of the time of the day, and anything like a TV or Radio connected to a smart plug turns off. (So the only noise heard is the smoke alarm).

Hopefully this has been useful and gives an idea of how powerful the integration of these types of devices can be when linked with the right system to automate them. Until next time – thanks for reading! 🙂