Do you have experience with the Cisco SG250X-24P-K9-EU switch?

Before I say something wrong, I will rebuild it again tomorrow and try to take a few screenshots. Then you will have an idea of how it roughly works. You do the VLAN tagging on the switch and define the rules in the controller software.

more then tomorrow or later

Hello,

here are a few screenshots of the interface of the switches, the router (USG), and the controller software, which runs on a separate server for me.
Routing and network creation are done completely zone-based via the controller software.
You can find a few options for configuration in the screenshots.
I assigned the USG to my zone.
On the USG itself, you only establish the WAN connection; here you must work with VLAN ID 7 if you have an FTTH connection from Telekom.
On the switch, you then do the VLAN tagging for the networks you created in the controller software.
Since I only use Ubiquiti products, everything is naturally perfectly compatible with the controller software; unfortunately, I don’t know how it looks with third-party devices.
There is also a very good German-speaking Ubiquiti community; just search for "Ubiquiti Forum" on Google. The official Ubiquiti support is also very good, but completely in English.
Once I had to get several hours of help there after I messed up large parts of the config through a firmware update. Ubiquiti seems to have some catching up to do there; in my experience, updates are not without problems.

The small USG at Ubiquiti is quite old with outdated hardware, sometimes gets very hot, and generally you don't have the freedom that you have with a Sophos/OPNsense/etc. With fast WAN connections, the USG can be the bottleneck depending on the active features. Therefore, I would currently not recommend a small USG. Of course, you have the advantage of managing everything in one management interface. The Edge Switches/Routers are not managed via the Unifi Controller. They have separate management. So there is Unifi and Edge. Both have different interfaces. That does not mean it is bad, just purely for your information that these are two solutions.

Brief addendum, I am using the USG-Pro-4 and have not yet noticed any issues with heat generation or performance limitations.

Therefore, I suspect that Teemoe meant the smaller USG, "Ubiquiti USG".

Brief addendum, I am using the USG-Pro-4 and so far I have not noticed any problems with heat generation or performance limitations.

Therefore, I suspect that Teemoe meant the small USG, "Ubiquiti USG."

Yep exactly, by "small" I meant that. The "larger one" got a refresh, as far as I know.
I believe I remember that "Unifi switch" cannot do imgpv3, the edgeswitches possibly can, including Layer 3 routing.
But it’s best to look up information on that yourself.
There are also the Edge Routers.. Here you definitely have to manually adjust the firewall, with rules for IPs of the IPTV provider -> IPTV box. The router apparently does not recognize anything automatically. With other FWs you have similar problems with, for example, Magenta TV.

that I would solve this personally differently I have already expressed. But the OP might not really be interested in that
And: many roads lead to Rome.

Since IT knowledge (even if in a different area) is present, and the corresponding technical terms have at least been heard of and apparently understood, the "only" thing missing is their implementation.

All the usual buzzwords like KIS or Best Practice / ITIL don’t quite fit a nerdy background in the private sector. It is also allowed to follow the playful instinct without losing sight of the actual goals.

I like it when "KlickiBunti / Windows Server administrators" (and this is certainly not meant derogatory as I would classify myself largely that way!) have deeper network knowledge. That often makes communication between the different IT departments much easier and can only benefit you in professional life

Therefore, and also since the financial investment and thus the risk of a total loss are low: just do it with the switch you yourself have chosen.