How to isolate one machine from the rest of the network?

Good afternoon.

I just formatted my old laptop which my parents will start using to access the internet. The laptop is currently connected via wireless and through the same router I use but for obvious reason I would like to isolate the old laptop from the rest of the network, meaning that if my parents get infected with malware, viruses or whatever, the damage can only be done to their machine and not mine or the whole network.

Can I achieve this with my WRT54GL with Tomato firmware?

Thank you.

 

look for any VLAN options

 

Your scenario is no different from any other network with more than one computer. The only difference here is typically it is a parent worried his or her irresponsible kids are going to infect the parent's machine - or it is a kid not wanting his parents knowing what he is up to!

VLAN will work but that seems pretty extreme for a home network. It is not likely your parents are going to participate in risky practices like visiting illegal gambling or porn sites, or illegal filesharing via P2P and torrents (places and activities known to be major sources of malware). Even if they (or you) do, you still isolate each computer from the others in the same manner.

Like ANY home network, you isolate via a software based firewall (I like Windows Firewall) on each computer, and you control access to each computer via sharing - or in your case, disabling File and Printer sharing. Each computer must have a decent real-time anti-malware solution (I like MSE) and each computer must be kept fully updated and patched.

If you must share data or a printer, I recommend using networked storage and a print server. Both allow all users to access the data and print totally independent of (isolated from) any other computer.