Jail advice required

[Jayos]

I don't think this is a complex area but would really appreciate some advice in layman terms. I have tried searching but to no avail.
I am pretty good technically with setup and configuring, but my network knowledge is limited.

I have been using FreeNAS/TrueNAS for years as a file storage solution and also have unifi Network setup in a jail which is all working perfectly.
I am looking to host a few websites which are currently on a completely different server and different subnet to my internal network. My question is about security, if I host a site from a Jail on the same TrueNAS box as my internal storage. My concern is risk and if it possible to access my internal network and associated storage as all on the same subnet.
What are the options to adopt for best practice? and how should I avoid any risk?
or am I overthinking as a jail will provide the separation required?

If anyone has some good links to info I'd also be grateful

 

[Jayos]

*Bump
Could anyone point me in the right direction?

 

[jgreco]

Jails are limited in the amount of separation that they can guarantee from the host system. At the end of the day, you are using the same kernel as the host system. There is some mild risk involved that a rogue process within a jail could impact the host system.

The networking issue should be handled by creating a separate network, whether by use of physical or virtual LAN (vlan). This creates a fairly strong delineation between your networks, and by proper firewalling you can control what is allowed to happen.