@@legendsofit Yes, they are full Wi-Fi repeater/wisp, router and Access point, really any config you can possibly think of it can do it. And they support wifi 2.4+5GHz and for the Slate AX also Wi-Fi 6GHz. The one I'm using right now, is running as a wifi repeater tapped into hotel wifi. Simultaneously running also as an access point for my internal wifi devices (wifi phone, wifi printer, wifi laptop). If the hotel wifi is down, USB tether my phone and now it pulls internet from my phone - and doesn't use mobile hotspot data. The gl.inets have a smartphone app though I have never used it. I've only used its web interface, its LuCI web interface and cli. The big plus for me with an OpenWrt device such as the gl.inets besides price, functionality and firewalled throughput, is you can tether your phone and completely bypass your mobile plan's hotspot data. All traffic will count as straight mobile data thru the provider. OpenWrt is what you want for these types of devices.
There does not appear to be a local web interface for Firewalla routers. Firewalla has stated that having the UI layer outside of the firewall makes the firewall itself more efficient and secure and allows for faster feature releases and updates compared to updating firmware on individual devices. For basic configuration when internet is down, the mobile app can connect to Firewalla devices via Bluetooth.
This may be a silly question as I'm new to this whole thing. If I connect this directly to my cable internet modem and then connect my ethernet switch to that and then connect my wifi router to my switch as well as all my ethernet wires and outlets to my switch as well. Will my wifi security cameras and all my home automation devices have difficulty connecting to my wifi router??
I believe you would need to put your wireless router into Access Point (AP) mode, that can be done from the admin settings page on the wireless router.
Unless you misplace (like on the floor) your wifi router it will work just fine. Of course, it would be best to place your wireless router in access point only mode and let Firewalla do all the heavy lifting.
I know ignorance is bliss and all. But seriously. It doesn't take long to learn a bit about basic setup and install for pfSense and you might just learn enough to. The thing about custom router software... you have complete control over the device, firmware, packages that do so much more than 1 limited device and... can handle any connection speed you could possibly want. Expansion is the goal and it's expansion without added security risk if configured right. Understand... you aren't secure with any all in one device and should have the ability to add or modify things on a deeper level to suit the hole you travel down. You can go too far, understand NO device is secure against a direct attack if it's a hands on threat actor. But... you can create way more restrictions for a threat to trip up. Watch any top YouTube that talks wifi hacks/pen testing/networking in general. You'll probably shit the bed and then find it fascinating enough to make a hobby out of it if you're like me.
I like pfSense and I run them both. There are things Firewalla can do that pfSense cannot though. For home use, it's also very handy to have control of my firewall from my iPhone.
@@eric3434 I'll take a look at it. Always love to look at new products but regardless, I love Firewalla. They've really made a great product. In my line of work, 300 for a firewall that does what this one does is a steal.
@@eric3434 They use the same software as the big router and when I tested the gli, it sucked because it was freezing on me. I really didn't like the way the software was, it seemed to not be working correctly. By the way the firewalla hardware seems to be the same type you can order from AliExpress and make your own routers. This reminds me of a similar one that the pfsense guys used to have but no longer have it. A bit high on the price but seems to do what you need.
@@legendsofit a steal? yah that kind of price for a travel router is absolutely insane. Especially for the firewalled throughput that firewalla is capable of. These are all very simple devices. The gl.inets are openwrt, so anything you could possibly want, there's a module for it. Another benefit that the firewalla is not capable of, is you can fully bypass mobile data charges while tethered with the gl.inets. They are fantastic.
Ubiquiti router is slower by far. Turn on IDS/IPS and you will find out, even on the Dream Machine. Now the top model in the Firewalla line has 10Gb ports AND 10Gb wire analysis. When will Ubiquiti have that, in 2035? Too many problems on Unifi routers, firmware and such. I used to sell and install Ubiquiti products but they've dropped the ball years ago with no clear forward plan and no product. It took me 10 months after a purchase from them to get only 3 Unifi AC Pro access points. When my Unifi 3P router died, I switched to Firewalla, looked in the rearview mirror and said "Bye, Bye, lots of luck".
I connected my purple as the DHCP server and my router/modem in bridge mode. In the first 24 hours alone through geofence etc. it blocked 1000s of flows from mainland China and Russia. Using the built-in VPN additionally on my phones and PCs adds the additional anonymous benefits. Next thing I gotta do is separate all IoT devices into a group. Additionally using the Beta user function to build user groups that one can with one click manage very easily. Once all that is done it will be a very robust system I would recommend to anyone.
Groups is already an established feature since release 1.970 update. The documentation states that when creating a rule, you can choose to apply it to "a device group" among other options. Love my Firewalla Gold Plus, best router I've ever had, even better than Ubiquiti Unifi.
I don't know why people are foaming at the mouth over this thing. There are hundreds of products that do a much better job. What makes Firewalla so damn popular? I don't understand... Is it simply just good marketing? Do they pay you guys to push their toy this hard?
We use the product. I professionally install networks for small business since 1991 and the Firewalla (although not cheap), is the easiest and chock full of features I need for these businesses. I tested one out at home first, though. I use and sell the Gold version although the Purple could work. I had used Ubiquiti previously but they dropped the ball more than once and still have performance/firmware issues I don't want to deal with. If there were hundreds of products that do a much better job, please list 10 of them that ACTUALLY do a better job. In my search, I didn't find those products.
OPNsense and call it a day, this thing is going to start charging monthly fees, there's a lot of info to help protect our kids on Reddit, all of this is free
I've been using Firewalla's products for over 2 years now. No monthly fees. I agree that people could implement something on their own that 'could' do some of what this does, but that requires knowledge and time. There are certainly pros and cons for the Firewalla, but I don't see cost as a con here and I am very anti-subscription. It would take a lot of effort to implement and manage capabilities like those Firewalla has developed. How much is your time worth? And there is a team behind it that are constantly pushing out updates at no additional cost. When you also consider the fact that similar hardware for the DIY approach can cost in the range of $150-$350, the realized savings diminishes significantly while the potential for incorrectly implementing it is higher.
As to the content filtering, one can also adjust the DNS server settings to, say, Cloudflare, to get better control of traffic behavior.
OpenDNS and Quad9 are other good choices for DNS.
Does Quad9 work with Unbound?
I was one of the early backers of Firewalla Purple and backed two of them---one for me & one for my mom's PC so that I won't feel too paranoid when logging in on my accounts using her PC when I visit her. In fact, I even switched her PC to Linux and she has no difficulty using it since she mostly just uses the browser anyway.
I'm so pleased with Firewalla that I recently backed their latest Firewalla Gold Plus which I should be getting sometime this December 2022. 😁
Nice. I was too impatient to wait for the Gold Plus. HAHA
I’ve had my Gold Plus for about a week now. Very happy with its performance so far. There’s nothing in its class, or price range, that offers a similar feature set, such as 2.5Gb interfaces. The nearest I saw were the Check Point 6200 & 6400 boxes, which are $18K, and $23K specifically.
The only annoyance during setup was I used my iPad to do it, which only uses WiFi, and the setup required an initial Bluetooth connection to the firewall. Because my network wasn’t configured yet, my wireless wasn’t working, so it couldn’t authorise the app. After no luck tethering it to my iPhone for some reason, I think it eventually timed out, and allowed the initial configuration to complete.
Something to be aware of for new users.
Yes, use a phone instead.
So what 3rd party has independently tested and verified that this device is secure and not another Gateway to China? Don’t get me wrong I love the features on these devices, but I have never seen anyone put the “screws” to the device and actually test it for cyber vulnerabilities. Personally, I think this is needed throughout the industry...random off the shelf testing/certification.
Totally agree with you. There should be independent 3rd parties that test these types of security devices. That said though, Firewalla is based in the US (San Jose, California). Most people that use Firewalla are also technically savvy. They would thoroughly test Firewalla and check how it functions before introducing it to their main network.
But yea I get you. I also hope a competent independent 3rd party tests these Firewalla devices.
"Another gateway to China". Well said, and 1000% agree. Tik Tok is prolly the biggest gateway to China, so all the hardware has some catching up to do...
What difference does it make if it's China collecting data on you or the USA?
Compare to what other devices in market that are 3rd party tested and approved?
This is true, but also I can't fault them or ding them for that as it falls within 90% of the rest of the products in the industry. Many of those other devices aren't residentially designed either. It allows you to block by region and does work, so want to stop those phone homes? Block China.
What happens to your Firewalla products if the company goes out of business? It's my understanding their hosted services are required to operate the products.
I've actually asked them that question. I will update when I get a response.
The silence is an answer too.😊 Of course no one wants to be unsolvable but in these times it happens. Most of the time because like any company you don’t extend on other continents, like Europe. Remaining in US, at mercy of US customers, will finally lead to failure.
@@legendsofit Still waiting for an answer.
@@kageofkonoha If Firewalla were to go out of business, the impact on your Firewalla products would depend on several factors:
A. Local Functionality: Firewalla devices are designed to operate independently for many of their core functions. This means that basic features like firewall protection, network monitoring, and parental controls would continue to work locally on your network.
B. Cloud Services: Some advanced features that rely on cloud services, such as remote access, updates, and certain types of threat intelligence, might be affected. Without the company’s cloud infrastructure, these services could become unavailable.
C. Firmware Updates: Future firmware updates and security patches would likely cease. This could eventually lead to vulnerabilities if new threats emerge that the current firmware cannot address. Although the Linux community could address this.
D. Community Support: Often, when a company goes out of business, a community of users and developers may continue to support the product through forums, unofficial updates, and shared resources.
E. Open Source: Most of the Firewalla software is open source; the community might continue to develop and maintain it independently.
The core of Firewalla’s system is based on Linux, which provides a robust and flexible foundation for network and security functions. Additionally, Firewalla uses various open-source tools and libraries to implement features like VPN, intrusion detection, and network monitoring.
I have Netgear Nighthawk AXE7800. Do I yet need this firewall?
I will try one on your recommendation! Which access point do you recommend? Thank you!!!
this reads like an ad / sponsored video.
the problem is you don't provide the caveats to the things that you say the device can do and leads people to believe this is a 100% solution.
none of the dns blocking will work for those using dns over https
When using Firewalla with DNS over HTTPS (DoH), you can still implement DNS blocking.
1st, Turn ON DNS over HTTPS.
2nd, Go into DNS rules and block the domains you want to block.
Note: You can configure Firewalla to use third-party DNS services that support DoH and offer filtering capabilities, such as OpenDNS or CleanBrowsing.
Firewalla provides network monitoring tools that can help you track DNS requests.
Go to Settings > Network Flow to see detailed traffic logs.
Look for DNS traffic patterns and identify any DoH traffic.
3. Create DNS Rules:
Block Specific DoH Servers: You can create rules to block known DoH servers if you want to prevent certain DNS over HTTPS traffic.
Go to Settings > Rules > Add Rule.
Create a rule to block traffic to specific DoH server IP addresses or domains.
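As an added example (not part of the comment thread, and not Firewalla's own code or export format), the "identify DoH traffic, then block known DoH servers" step can be sketched as a filter over flow records. The record layout, device names and the short resolver list below are assumptions for illustration; the sample flows are constructed.

```python
"""Flag flows that look like encrypted DNS (DoH/DoT) so they can be blocked.

Added example. The flow-record layout is hypothetical and the resolver
list is a small illustrative subset, not an exhaustive blocklist.
"""
import ipaddress
from collections import defaultdict

# A few well-known public DoH endpoints (subset only).
DOH_DOMAINS = {
    "dns.google",
    "cloudflare-dns.com",
    "dns.quad9.net",
    "doh.opendns.com",
}
DOH_IPS = {
    ipaddress.ip_address(a)
    for a in ("1.1.1.1", "1.0.0.1", "8.8.8.8", "8.8.4.4",
              "9.9.9.9", "149.112.112.112")
}

# Constructed sample flows; "host" is empty when no name was observed.
SAMPLE_FLOWS = [
    {"device": "kids-tablet", "host": "mozilla.cloudflare-dns.com",
     "ip": "198.51.100.5", "port": 443},
    {"device": "kids-tablet", "host": "example.com",
     "ip": "192.0.2.10", "port": 443},
    {"device": "smart-tv", "host": "", "ip": "8.8.8.8", "port": 443},
    {"device": "smart-tv", "host": "", "ip": "8.8.8.8", "port": 53},
    {"device": "laptop", "host": "DNS.Quad9.net.",
     "ip": "9.9.9.9", "port": 853},
    {"device": "laptop", "host": "notcloudflare-dns.com",
     "ip": "203.0.113.7", "port": 443},
]


def normalize_host(host):
    """Lower-case the name and drop whitespace and the trailing root dot."""
    return host.strip().rstrip(".").lower()


def matches_doh_domain(host):
    """True for a listed DoH domain or any subdomain of one."""
    host = normalize_host(host)
    if not host:
        return False
    return any(host == d or host.endswith("." + d) for d in DOH_DOMAINS)


def classify(flow):
    """Return 'dot', 'doh' or None for a single flow record."""
    if flow["port"] == 853:
        # DNS over TLS has its own port, so the port alone identifies it.
        return "dot"
    known = (matches_doh_domain(flow["host"])
             or ipaddress.ip_address(flow["ip"]) in DOH_IPS)
    if flow["port"] == 443 and known:
        return "doh"
    # Plain DNS on port 53 stays visible to the firewall's own DNS rules.
    # DoH to a resolver that is not on the list is NOT detected here.
    return None


def block_candidates(flows):
    """Map each device to the sorted (kind, destination) pairs to block."""
    per_device = defaultdict(set)
    for flow in flows:
        kind = classify(flow)
        if kind:
            target = normalize_host(flow["host"]) or flow["ip"]
            per_device[flow["device"]].add((kind, target))
    return {device: sorted(hits) for device, hits in per_device.items()}


if __name__ == "__main__":
    for device, hits in block_candidates(SAMPLE_FLOWS).items():
        print(device, hits)
```

The list-based match only catches resolvers that are on the list; a client using a DoH server that is not listed looks like ordinary HTTPS and passes.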
I’m about to change my “old” AmplifiHD mesh router and I wanted to try this router. But the price for Europe is outrageous! Until the price drops to a decent level, I will probably choose another Amplifi product. It’s a little expensive but at least I can buy it with a credit card.
I am not sure I like Firewalla, reading a lot of complaints in their blogs that they have many CVEs on their hardware but aren't patching it. Wonder where their devices are flashed/built as well (do they have everything manufactured/flashed in China like Cisco and Juniper do?)
There does not appear to be a publicly available comprehensive list of CVEs (Common Vulnerabilities and Exposures) specifically for Firewalla products. Firewalla runs either Ubuntu 18.04 or 20.
While there was one 3 year old comment thread on Firewalla site about CVEs (the dude just did an exact copy paste from a vulnerability scanner result, even if the vulnerabilities were false positives), just because there is a CVE that there are active exploits for it doesn't mean it should be immediately patched.
CVEs are rated by a number. Many of the unpatched vulnerabilities for CVEs in 18.04 require shell access to exploit. If a bad actor has shell access on the Firewalla they already have root so what's the point? There were some RCE exploits that weren't applicable to Firewalla because the services were either not installed or not running.
And I'd have to question if most people are really targets for local vulnerabilities being exploited anyway.
In my experience the Firewalla team has been very proactive with regards to security.
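As an added example (not part of the comment thread), this is one way to triage a raw vulnerability-scanner export along the lines discussed above: drop findings for packages that are not installed, and separate local-access issues and non-listening services from network-reachable ones, using the CVSS v3 attack-vector metric. The finding IDs are placeholders and the findings, package inventory and listening-service set are constructed sample data.

```python
"""Triage scanner findings by applicability and CVSS v3 attack vector.

Added example. Finding IDs are placeholders; the inventory and the
findings are constructed sample data, not results for any real device.
"""

# Constructed scanner output: placeholder ID, package, base score, vector.
FINDINGS = [
    {"id": "CVE-EXAMPLE-0001", "package": "openssh-server", "score": 9.8,
     "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},
    {"id": "CVE-EXAMPLE-0002", "package": "samba", "score": 9.8,
     "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},
    {"id": "CVE-EXAMPLE-0003", "package": "sudo", "score": 7.8,
     "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},
    {"id": "CVE-EXAMPLE-0004", "package": "cups", "score": 8.8,
     "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},
    {"id": "CVE-EXAMPLE-0005", "package": "dnsmasq", "score": 7.5,
     "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},
]

# Constructed host inventory: what is installed, and what is listening.
INSTALLED = {"openssh-server", "sudo", "cups", "dnsmasq"}
LISTENING = {"openssh-server", "dnsmasq"}

# Lower number means look at it sooner.
ORDER = {
    "patch-first": 0,            # network-reachable and actually listening
    "installed-not-exposed": 1,  # network vector, but service not running
    "local-only": 2,             # needs local or physical access first
    "not-applicable": 3,         # package is not on the box at all
}


def parse_vector(vector):
    """Parse a CVSS v3.x vector string into a {metric: value} dict."""
    parts = vector.split("/")
    if not parts[0].startswith("CVSS:3"):
        raise ValueError("not a CVSS v3 vector: %r" % vector)
    metrics = dict(part.split(":", 1) for part in parts[1:])
    if "AV" not in metrics:
        raise ValueError("vector has no attack-vector metric: %r" % vector)
    return metrics


def triage(finding, installed, listening):
    """Return the triage bucket for one finding on this host."""
    if finding["package"] not in installed:
        return "not-applicable"
    attack_vector = parse_vector(finding["vector"])["AV"]
    if attack_vector in ("L", "P"):      # Local or Physical
        return "local-only"
    if finding["package"] not in listening:
        return "installed-not-exposed"
    return "patch-first"                 # AV:N or AV:A on a live service


def report(findings, installed, listening):
    """Return (id, bucket, score) tuples, most urgent first."""
    rows = [(f["id"], triage(f, installed, listening), f["score"])
            for f in findings]
    return sorted(rows, key=lambda row: (ORDER[row[1]], -row[2]))


if __name__ == "__main__":
    for row in report(FINDINGS, INSTALLED, LISTENING):
        print("%-18s %-22s %.1f" % row)
```

Sorting by raw score alone would put the finding for the uninstalled package at the top; the buckets keep it at the bottom while the lower-scored issue on a listening service moves up.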
Just got my Firewalla Purple to keep a techie stalker away from my live streams w ddosing, and away from our home by somehow bypassing ExpressVPN and getting my actual IP. (Yea, I’m sure not streaming might help. Except this guy has been into me LONG before I was streaming. I first blocked him on my flip phone) Stalking 10 years. No more.
Did it work?
Good video, but you mentioned there are not robust parental controls that other devices offer. This is the boat I’m in. What are these caveats and limitations???
What are your thoughts and advice on the Privacy or Data Residency policy of Firewalla? I am trying to find out the details about my data retention (Cloud, country, location details)
Appreciate your advice. Thanks.
Still looking more into it and working with them. I don't use it for any "business use" at this time. It's all personal/home. When I get more info on it, I will create more content on it, whether it's another episode or a series of shorts.
From what I can gather:
Firewalla devices process network data locally on the hardware itself. Features like Deep Insight, intrusion detection, and prevention systems operate directly on the Firewalla device.
The web interface is hosted on Amazon AWS servers, but no data is stored in permanent storage on these servers. The primary role of the central server is to bridge data from Firewalla boxes to the web interface.
When using the web interface, data is dynamically streamed from the Firewalla box. Data is decrypted and stored in memory temporarily. After scanning the QR code to log in, some data may stay in memory for up to 24 hours or until the login expires.
Firewalla does not use traditional username/password accounts. Authentication is based on public key/private key encryption, with the private key stored on the user's phone.
Firewalla states that they do not send data packets to their servers. The company emphasizes that there is no permanent storage of user data on their end.
For more, search for: Firewalla MSP: Questions related to privacy and data visibility
Pretty cool idea but the port speed would kill my 8 Gig fiber connection.
Firewalla Gold Pro comes with 2 each 10Gb and 2 each 2.5Gb ports. Routes and INSPECTS traffic at 10Gb speeds.
This video felt like a very long infomercial
As a cybersecurity provider to businesses, I 100% agree with Ross here. I even use the Firewalla Gold at my home, in conjunction with my SIEM sensor. The configuration capability to allow the use of more complex items like layer 3 switches, or SIEM sensors, is amazing. The updates are frequent, succinct and quite well thought out. One can also absolutely not beat the price.
The Firewalla Gold also did incredibly well resisting our penetration testing.
What SIEM sensor do you use?
@@dodge1629 there is no such thing as a SIEM sensor. So Jason is likely not a 'cybersecurity provider to businesses'. It's just SIEM, which is a Security Information and Event Management system. And if a network device is not compatible with a SIEM, well it's probably a 2 dollar device. And Jason is very likely a salesman.
SIEM in this context, simply means you're running an internal (or external) event logging management server (this doesn't run on a device like a Firewalla). The Firewalla is NOT a SIEM server. But it is a network device that can send its event logs to a SIEM server. This is really only useful in businesses that have IT guys that are running an internal SIEM server, and can understand the data being logged.
Lol, nice try. Anyone actually technical will see right through your hogwash, Mr. "Cybersecurity provider". Keep practicing the lingo. Your other comments are really convincing too. If you "even use it at your home", are you suggesting this is an SMB / enterprise solution? Looks rack mountable.. Thanks for the laugh, dude.
@@YerBrwnDogAteMyRabit First, check my picture here and the picture of the video on this channel BEFORE this one. Seem similar? I own a successful MSSP and know of what I speak. Second, is rackmounting a requirement for SMB? I DO use the Firewalla Gold at home along with their beta module for MSPs (which isn't in their documentation anywhere so email them and ask if it exists). When confirmed, how would I know this if I don't use it? Lol.
@@dodge1629 A SIEM SENSOR is a hardware collector that collects at the packet level data both incoming and outgoing. We use SIEM/SOAR sensors at our homes to ensure the SOC has visibility to business traffic. The product is Blueshift XDR.
Instant subscribe, love seeing new techno wizards coming into the YouTube space. As a long time support person who's recently moved into network administration I love this device and the niche it fills. There's so many products out there and none bring this feature set coupled with the ease of use. Sure we can configure PFSense to do anything we want, but it's difficult to set up due to its configuration options. This device really brings the simplicity that I can actually recommend this to friends who know I'm a phonecall away to explain something, but don't have to spend hours trying to figure out configs.
What irons you got in the background?
What are the alternatives to this as that price and being US only (if I’m correct) aren’t appealing to a U.K. based user?
Lol! what a rip! i'd go with a GL.INET Beryl or Slate AX. Smashes the plastic off a Firewalla, and at less than 130.
The Beryl is OpenWRT. Entirely different user experience here. Two things I don't believe the Beryl can do that the Firewalla can (WiFi Relay & Secure Remote Smartphone App). If those things are not important to you, then yes, I agree it makes sense to save money. As a parent, having the convenience of controlling every aspect of your firewall from your iPhone or Android is HUGE.
@legendsofit Yes, they are full Wi-Fi repeater/wisp, router and Access point, really any config you can possibly think of it can do it. And they support wifi 2.4+5Ghz and for the Slate AX also Wi-Fi 6Ghz. The one I'm using right now is running as a wifi repeater tapped into hotel wifi. Simultaneously running also as an access point for my internal wifi devices (wifi phone, wifi printer, wifi laptop). If the hotel wifi is down, USB tether my phone and now it pulls internet from my phone - and doesn't use mobile hotspot data.
The gl.inets have a smartphone app though i have never used it. I've only used its web interface, its LuCi web interface and cli.
The big plus for me with an openwrt device such as the gl.inets besides price, functionality and firewalled throughput, is you can tether your phone and completely bypass your mobile plan's hotspot data. All traffic will count as straight mobile data thru the provider.
Openwrt is what you want for these types of devices.
Used it for 3 months & no thanks.
Is there a web interface?
There does not appear to be a local web interface for Firewalla routers. Firewalla has stated that having the UI layer outside of the firewall makes the firewall itself more efficient and secure and allows for faster feature releases and updates compared to updating firmware on individual devices. For basic configuration when internet is down, the mobile app can connect to Firewalla devices via Bluetooth.
Is this better than pfSense?
Different. I use both of them.
good job
virgin media in UK does not allow port forwarding. so that means I cannot use it as vpn server
How about port triggering?
Appreciated. Played too much like an advertisement.
TLDW: Just a drawn-out Infomercial.
If so, it's a very good product. I have already bought 3 of their highest model and it's the best piece of kit for home or small business.
This may be a silly question as I'm new to this whole thing. If I connect this directly to my cable internet modem and then connect my ethernet switch to that and then connect my wifi router to my switch as well as all my ethernet wires and outlets to my switch as well. Will my wifi security cameras and all my home automation devices have difficulty connecting to my wifi router??
I believe you would need to put your wireless router into Access Point (AP) mode, that can be done from the admin settings page on the wireless router.
Unless you misplace (like on the floor) your wifi router it will work just fine. Of course, it would be best to place your wireless router in access point only mode and let Firewalla do all the heavy lifting.
I know ignorance is bliss and all. But seriously. It doesn't take long to learn a bit about basic setup and install for PF sense and you might just learn enough to. The thing about custom router software... you have complete control over the device, firmware, packages that do so much more than 1 limited device and... can handle any connection speed you could possibly want. Expansion is the goal and it's expansion without added security risk if configured right.
understand...you aren't secure with any all in one device and should have the ability to add or modify things on a deeper level to suit the hole you travel down.
You can go too far, understand NO device is secure against a direct attack if it's a hands on threat actor. But... you can create way more restrictions for a threat to trip up.
Watch any top YouTube that talks wifi hacks/pen testing/networking in general. You'll probably shit the bed and then find it fascinating enough to make a hobby out of it if you're like me.
I think I should just get a raspberry pie
I am the 100th subscriber. LOL
More than 300usd seems like hype to me. Great features no doubt, but very pricey... Think you'll be better off with opnsense.
I like pfSense and I run them both. There are things Firewalla can do that pfSense cannot though. For home use, it's also very handy to have control of my firewall from my iPhone.
@legendsofit You should look at the gl.inet travel routers. Save yourself 80%, and get much more out of the device. Firewalla's a rip
@eric3434 I'll take a look at it. Always love to look at new products but regardless, I love Firewalla. They've really made a great product. In my line of work, 300 for a firewall that does what this one does is a steal.
@eric3434 They use the same software as the big router and when I tested the gli, it sucked because it was freezing on me. I really didn't like the way the software was, it seemed to not be working correctly. By the way the firewalla hardware seems to be the same type you can order from AliExpress and make your own routers. This reminds me of a similar one that the pfsense guys used to have but no longer have it. A bit high on the price but seems to do what you need.
@legendsofit a steal? yah that kind of price for a travel router is absolutely insane. Especially for the firewalled throughput that firewalla is capable of. These are all very simple devices. The gl.inets are openwrt, so anything you could possibly want, there's a module for it. Another benefit that the firewalla is not capable of, is you can fully bypass mobile data charges while tethered with the gl.inets. They are fantastic.
For that price, you could just get a Ubiquiti router. You lost me at wifi.
Ubiquiti router is slower by far.
Turn on IDS/IPS and you will find out, even on the Dream Machine. Now the top model in the Firewalla line has 10Gb ports AND 10Gb wire analysis. When will Ubiquiti have that, in 2035?
Too many problems on Unifi routers, firmware and such.
I used to sell and install Ubiquiti products but they've dropped the ball years ago with no clear forward plan and no product. It took me 10 months after a purchase from them to get only 3 Unifi AC Pro access points. When my Unifi 3P router died, I switched to Firewalla, looked in the rearview mirror and said "Bye, Bye, lots of luck".
I connected my Purple as the DHCP server and my router/modem in bridge mode. In the first 24 hours alone through geofence etc. it blocked 1000s of flows from mainland China and Russia. Using the built-in VPN additionally on my phones and PCs adds the additional anonymous benefits.
Next thing I gotta do is separate all IOT devices into a group. Additionally using the Beta user function to build user groups that one can with one click manage very easily. Once all that is done it will be a very robust system I would recommend to anyone.
Groups is already an established feature since release 1.970 update.
The documentation states that when creating a rule, you can choose to apply it to "a device group" among other options.
Love my Firewalla Gold Plus, best router I've ever had, even better than Ubiquiti Unifi.
Great review... time to review the Gold 🤓
I don't know why people are foaming at the mouth over this thing. There are hundreds of products that do a much better job. What makes Firewalla so damn popular?
I don't understand...
Is it simply just good marketing? Do they pay you guys to push their toy this hard?
We use the product. I professionally install networks for small business since 1991 and the Firewalla (although not cheap), is the easiest and chock full of features I need for these businesses. I tested one out at home first, though. I use and sell the Gold version although the Purple could work.
I had used Ubiquiti previously but they dropped the ball more than once and still have performance/firmware issues I don't want to deal with.
If there were hundreds of products that do a much better job, please list 10 of them that ACTUALLY do a better job.
In my search, I didn't find those products.
Opnsense and call it a day, this thing is going to start charging monthly fees, there's a lot of info to help protect our kids on Reddit, all of this is free
I've been using Firewalla's products for over 2 years now. No monthly fees. I agree that people could implement something on their own that 'could' do some of what this does, but that requires knowledge and time. There are certainly pros and cons for the Firewalla, but I don't see cost as a con here and I am very anti-subscription. It would take a lot of effort to implement and manage capabilities like those Firewalla has developed. How much is your time worth? And there is a team behind it that are constantly pushing out updates at no additional cost. When you also consider the fact that similar hardware for the DIY approach can cost in the range of $150-$350, the realized savings diminish significantly while the potential for incorrectly implementing it is higher.
My router offers all that security and I only paid about $150. I don’t see the benefit of spending the extra money.
First and last video. Your format is very odd… I’ll have to find another demo for this device.
Just another thinly disguised infomercial with a bunch of anonymous "experts" singing its praises in the comments section.
It's clear that you live alone sir.
Oh how WRONG you are. 😂
You can select your VPN location from many services...including Opera VPN for free
A primitive device with a firewall for 320+ bucks. Is it really the "best"?
google "firewalla vulnerabilities" Yikes! Not interested in something like this as my edge router/firewall