There are two common ways of accessing your home network remotely and securely: a SSH server or VPN server. Both options have various pros and cons as is usually the case when comparing two different things. These technologies provide an encrypted connection which is important for security of your network when you want to have remote access to your network. Encryption alone is not enough to guarantee security. You can easily be communicating with a malicious hacker via an encrypted connection.
Consumer Routers Most everyone should be familiar with the standard consumer-grade wireless router. Many Internet Service Providers lease modems that have a built-in wireless router, which most consumers are likely to use because it is convenient. Other users choose to purchase their own wireless routers to have a better quality wireless router and/or to have more control over their home network. Ideally the router should be placed in a central location in the home.
It is not uncommon for many home networks to utilize an all-in-one network device provided by the users’ Internet Service Provider (ISP). For ease of setup and use, ISPs typically include/lease this equipment by default when users order Internet service. These all-in-one devices are essentially a combination of a modem, router, switch, firewall, and wireless access point. They can also include VOIP (Voice Over IP), home security, and cable TV services.
The concept of defense in depth is nothing new. Militaries use this strategy to slow down the advancement of opposing forces. Rather than try to prevent all advancement of the enemy, sometimes it is enough to slow them down (with hopes that they will surrender or retreat). The same is true with cyber security. Increasing the layers of defense in your network can decrease the likelihood of a full network compromise.
As you may have correctly assumed by the acronym, a Virtual Local Area Network is a network that is not a physical Local Area Network. It is a logical network that is created on physical network infrastructure. Rather than create many physically separated networks with its own hardware, VLANs allow for many separate networks on the same physical hardware. See the following physically separated network without the use of VLANs. Each network can be set to a different subnet on the router: