A
guest network is a separate VLAN for untrusted devices — visitors, personal devices, IoT — isolated from the corporate network. Provides internet access without internal access.
Guest networks prevent BYOD and visitor devices from reaching internal systems. IoT devices should be on a similar isolated VLAN. Network segmentation via VLANs is the implementation mechanism.