What you want is a managed router. These let you do things like deploy custom configurations and create sub + virtual networks.
You don't want an airgap, but you want to separate less trusted/more exposed devices so that they can't see all the other devices on your network - primarily if it gets com...