We have a small business that uses Comcast as our ISP. They supplied us with a Netgear CG3000DCR Modem. We currently have a static IP address to allow us to remotely view our security camera DVR via port forwarding. We process credit cards thru the same system & have ports open to do so & now we are failing our security scan by our credit card security people (SecureScan). What would be the easiest way to segment our security camera system off of the main LAN but still use the gateway for remote viewing access? Can I just add an additional router to an open LAN port on the modem, change the internal IP to another network & place the DVR on that network? How will that affect port forwarding to the new network?