I am looking to setup a basic surveillance system for my home. I am gonna be running two Imou 'Bullet Lites' Wi-Fi IP cameras in this configuration: IP Cam -> TP-Link PoE Splitter -> TP-Link PoE switch -> ASUS DSL-AC68R. I also plan to use a spare PC I have lying around for it to be a dedicated 'NVR' PC running Blue Iris.
I already understand how to securely access the cameras remotely via OpenVPN which my router natively supports but what I want to find out is how can I secure the surveillance network at home. Do I simply block all the IP cameras from accessing the internet and only use the Blue Iris server? Is there a way I can make an isolated VLAN network for these cameras? (router does not support VLAN it seems).
If I somehow restrict the internet access to these cameras, is it possible for them to still use NTP so the timestamps can still be synced?
I appreciate any answers as you can tell I am quite confused.