Advanced domestic network using VLAN segmentation across four isolated subnets: Trusted (192.168.10.0/24) for computers and storage, IoT (192.168.20.0/24) for smart home devices, Security (192.168.30.0/24) for cameras and sensors, and Media (192.168.40.0/24) for entertainment systems. Traffic flows from Internet through Modem/ISP Gateway, Firewall/UTM, Core Router, and L3 Core Switch to four Distribution Switches serving each VLAN independently. The architecture includes centralized DNS/DHCP, VPN Gateway, Pi-hole monitoring, and dual-band Wi-Fi AP for wireless access, enabling granular network isolation and security policies. This design prevents lateral movement between device classes while maintaining unified management through the core infrastructure. Fork and customize this diagram on Diagrams.so to match your specific device inventory and security requirements.