Partitioning your Network

Or rather: creating VLANs so that the traffic between various devices does not conflict or interfere with one another. In my case I wanted to separate several groups of devices into their own LANs for security and peace of mind.

The various smart devices around the house need to go. Call me paranoid, but I don't want most of these devices on my main network where they can see and interact with the main computers on the network. This is mainly smart TVs and such as of right now. They still need to access the internet, but not other devices, so they went on their own LAN.

Next were the guest devices. Friends are great, and I don't think any of mine know how to, or have the desire to, try to get into my network. But you never know who is around or what can happen, so prepare for the worst. Every device that connects to the Wi-Fi is now on their own.

Finally, I want the servers that are actually letting the internet access them (the host that is hosting this website, for example) completely walled off from the rest of my home network. Those are now safely behind the firewall and in their own LAN as well.

The last step after getting everything separated was to let some of them talk to one another. It might seem counterintuitive, but my computers on the main network still need to be able to talk to the ones that are on the public-facing VLAN, but not the other way around. So I set up firewall rules that only allow specific contact between machines and networks. Everything else is dropped.
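To make the "one way only" part concrete, here is an added example (not the rule set from this post) that models a default-drop inter-VLAN policy with connection tracking, so replies to allowed connections pass while new connections in the reverse direction are dropped. The zone names, the ports 22 and 443, and the guest and internet rules are assumptions chosen for illustration.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    src: str               # source zone (VLAN)
    dst: str               # destination zone
    dport: Optional[int]   # destination port, None = any
    action: str            # "accept" or "drop"


# Constructed rule set: zone names and ports are assumptions, not from the post.
RULES = [
    Rule("main", "servers", 22, "accept"),    # admin access from main LAN
    Rule("main", "servers", 443, "accept"),
    Rule("main", "wan", None, "accept"),
    Rule("iot", "wan", None, "accept"),       # smart devices: internet only
    Rule("guest", "wan", None, "accept"),     # guests: internet only (assumed)
    Rule("wan", "servers", 443, "accept"),    # public website (assumed port)
]


class Firewall:
    """First-match rule evaluation with a default-drop policy.

    Simplification: flows are tracked per zone and port, not per host address.
    """

    def __init__(self, rules):
        self.rules = list(rules)
        self.conntrack = set()  # flows accepted in their original direction

    def forward(self, src, sport, dst, dport):
        # A packet that is the reverse of a tracked flow is a reply: accept it.
        if (dst, dport, src, sport) in self.conntrack:
            return "accept"
        for rule in self.rules:
            if rule.src == src and rule.dst == dst and rule.dport in (None, dport):
                if rule.action == "accept":
                    self.conntrack.add((src, sport, dst, dport))
                return rule.action
        return "drop"  # everything not explicitly allowed


if __name__ == "__main__":
    fw = Firewall(RULES)
    print(fw.forward("main", 50000, "servers", 22))   # new, allowed
    print(fw.forward("servers", 22, "main", 50000))   # reply to the above
    print(fw.forward("servers", 40000, "main", 22))   # new, reverse direction
```

Without the reply check, the allowed main-to-servers connection would never complete, which is why one-way rules on a real firewall depend on state tracking rather than on a second rule in the opposite direction.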

With that, my network is now reasonably secure. I'm sure as I learn more I will be upgrading this setup in the future, so I look forward to that!