The Best Home Security Device Money Can Buy
HTML-код
- Опубликовано: 29 сен 2024
- Season 1 - Episode 3
According to statistics from 2019, the average IoT device gets attacked just 5 minutes after connecting to the internet. More importantly, 98% of all IoT device traffic is unencrypted. This includes thermostats, smart speakers, smart TVs, industrial controller units, medical devices used in surgery...
In this week's episode, I go solo and review what I believe to be the most excellent home security device that your money can buy, the Firewalla Purple and Gold.
this reads like an ad / sponsored video.
the problem is you don't provide the caveats to the things that you say the device can do and leads people to believe this is a 100% solution.
none of the dns blocking will work for those using dns over https
What happens to your Firewalla products if the company goes out of business? It's my understanding their hosted services are required to operate the products.
I've actually asked them that question. I will update when I get a response.
The silence is an answer too.😊 Of course no one wants to be unsolvable but in this times it happens. Most of the time because like any company you don’t extend on other continents, like Europe. Remaining in US, at mercy of US customers, will finally lead to failure.
@@legendsofit Still waiting for an answer.
I was one of the early backers of Firewalla Purple and backed two of them---one for me & one for my mom's PC so that I won't feel too paranoid when logging in on my accounts using her PC when I visit her. In fact, I even switched her PC to Linux and she has no difficulty using it since she mostly just uses the browser anyway.
I'm so pleased with Firewalla that I recently backed their latest Firewalla Gold Plus which I should be getting sometime this December 2022. 😁
Nice. I was too impatient to wait for the Gold Plus. HAHA
As to the content filtering, one can also adjust the DNS server settings to, say, Cloudflare, to get better control of traffic behavior.
OpenDNS and Quad9 are another good choices for DNS.
Does quad9 work with unbound
I am not sure I like Firewalla, reading a lot of complaints in their blogs that they have many CVE's on their hardware but aren't patching it. Wonder where their devices are flashed/built as well (do they have everything manufactured/flashed in China like Cisco and Juniper do?)
Lol! what a rip! i'd go with a GL.INET Beryl or Slate AX. Smashes the plastic off a Firewalla, and at less than 130.
The Beryl is OpenWRT. Entirely different user experience here. Two things I don't believe the Beryl can do that the Firewalla can (WiFi Relay & Secure Remote Smartphone App). If those things are not important to you, then yes, I agree it makes sense to save money. As a parent, having the convenience of controlling every aspect of your firewall from your iPhone or Android is HUGE.
@@legendsofit Yes, they are full Wi-Fi repeater/wisp, router and Access point, really any config you can possibly think of it can do it. And they support wifi 2.4+5Ghz and for the Slate AX also Wi-Fi 6Ghz. The one i'm using right now, is running as a wifi repeater tapped into hotel wifi. Simultaneously running also as an access point for my internal wifi devices (wifi phone, wifi printer, wifi laptop). If the hotel wifi is down, USB tether my phone and now it pulls internet from my phone - and doesn't use mobile hotspot data.
The gl.inets have a smartphone app though i have never used it. I've only used its web interface, its LuCi web interface and cli.
The big plus for me with an openwrt device such as the gl.inets besides price, functionality and firewalled throughput, is you can tether your phone and completely bypass your mobile plan's hotspot data. All traffic will count as straight mobile data thru the provider.
Openwrt is what you want for these types of devices.
Used it for 3 months & no thanks.
TLDW: Just a drawn-out Infomercial.
Just got my Firewall purple to keep a techie stalker away from my life streams w ddosing, and away from our home by somehow bypassing express VPN and getting my actual IP. (Yea, I’m sure not streaming might help. Except this guy has been into me LONG before I was streaming. I first blocked him on my flop phone) Stalking 10 years. No more.
Did it work?
I know ignorance is bliss and all. But seriously. It doesn't take long to learn a bit about basic setup and install for PF sense and you might just learn enough to. The thing about custom router software... you have complete control over the device, firmware, packages that do so much more than 1 limited device and... can handle any connection speed you could possibly want. Expansion is the goal and it's expansion without added security risk if configure right.
understand...you aren't secure with any all in one device and should have the ability to add or modify things on a deeper level to suite the hole you travel down.
You can go to far, understand NO device is secure against a direct attack if it's a hands on threat actor. But... you can create way more restrictions for a threat to trip up.
Watch any top RUclips that talks wifi hacks/pen testing/networking in general. You'll probably shit the bed and then find it fascinating enough to make a hobby out of it if your like me.
This video felt like a very long infomercial
So what 3rd party has independently tested and verified that this device is secure and not another Gateway to China? Don’t get me wrong I love the features on these devices, but I have never seen anyone put the “screws” to the device and actually test it for cyber vulnerabilities. Personally, I think this is needed throughout the industry...random off the shelf testing/certification.
Totally agree with you. There should be independent 3rd parties that test these type of security devices. That said though, Firewalla is based in the US (San Jose, California). Most people that uses Firewalla are also technically savvy. They would thoroughly test Firewalla and check how in functions before introducing it to their main network.
But yea I get you. I also hope a competent independent 3rd party test these Firewalla devices.
"Another gateway to China". Well said, and 1000% agree. Tik Tok is prolly the biggest gateway to China, so all the hardware has some catching up to do...
What difference does it make if it's China collecting data on you or the USA?
Compare to what other devices in market that are 3rd party tested and approved?
This is true, but also I can't fault them or ding them for that as it falls within 90% of the rest of the products in the industry. Many of those other devices aren't residentially designed either. It allows you to block by region and does work, so want to stop those phone homes? Block China.
Whats your thoughts and advise on the Privacy or Data Residency policy of Firewalla? I am trying to find out the details about my data retention (Cloud, country, location details)
Appreciate your Advice. thanks.
Still looking more into it and working with them. I don't use it for any "business use" at this time. It's all personal/home. When I get more info on it, I will create more content on it, whether it's another episode or a series of shorts.
I’m about to change my “old” AmplifiHD mesh router and I wanted to try this router. But the price for Europe is outrageous! Until the price will drop at decent level probably I will choose another Amplifi product. It’s a little expensive but at least I can buy it with a credit card.
Pretty cool idea but the port speed would kill my 8 Gig fiber connection.
I don't know why people are foaming at the mouth over this thing. There are hundreds of products that do a much better job. What makes Firewalla so damn popular?
I don't understand...
Is it simply just good marketing? Do they pay you guys to push their toy this hard?
I’ve had my Gold Plus for about a week now. Very happy with its performance so far. There’s nothing in its class, or price range, that offers a similar feature set, such as 2.5Gb interfaces. The nearest I saw were the Check Point 6200 & 6400 boxes, which are $18K, and $23K specifically.
The only annoyance during setup was I used my iPad to do it, which only uses WiFi, and the setup required an initial Bluetooth connection to the firewall. Because my network wasn’t configured yet, my wireless wasn’t working, so it couldn’t authorise the app. After no luck tethering it to my iPhone for some reason, I think it eventually timed out, and allowed the initial configuration to complete.
Something to aware of for new users.
Good video, but you mentioned there are not robust parental controls that other devices offer. This is the boat I’m in. What are these caveats and limitations???
My router offers all that security and I only paid about $150. I don’t see the benefit of spending the extra money.
For that price, you could just get a ubiquity router. You lost me at wifi.
What are the alternatives to this as that price and being US only (if I’m correct) aren’t appealing to a U.K. based user?
virgin media in UK does not allow port forwarding. so that means I cannot use it as vpn server
Is there a web interface?
I will try one on your recommendation! Which access point to you recommend? Thank you!!!
You can select your vpn location in from many services...including opera vpn for free
Opnsense and call it a day, this thing is going to start charging monthly fees, theres a lot of info to help protect our kids on reddit alm of this is free
I've been using Firewalla's products for over 2 years now. No monthly fees. I agree that people could implement something on their own that 'could' do some of what this does, but that requires knowledge and time. There are certainly pros and cons for the Firewalla, but I don't see cost as a con here and I am very anti-subscription. It would take a lot of effort to implement and manage capabilities like those Firewalla has developed. How much is your time worth? And there is a team behind it that are constantly pushing out updates at no additional cost. When you also consider the fact that similar hardware for the DIY approach can cost in the range of $150-$350, the realized savings diminishes significantly while the potential for incorrectly implementing it is higher.
Is this better that pfsence?
Different. I use both of them.
good job
I think I should just get a raspberry pie
What irons you got in the background?
I am the 100th subscriber. LOL
As a cybersecurity provider to businesses, I 100% agree with Ross here. I even use the Firewalla Gold at my home, in conjunction with my SIEM sensor. The configuration capability to allow the use of more complex items like layer 3 switches, or SIEM sensors, is amazing. The updates are frequent, succinct and quite well thought out. One can also absolutely not beat the price.
The Firewalla Gold also did incredibly well resisting our penetration testing.
What is your SIEM sensor do you use?
@@dodge1629 there is no such thing as a SIEM sensor. So Jason is likely not a 'cybersecurity provider to businesses'. It's just SIEM, which is a Security Information and Event Management system. And if a network device is not compatible with a SIEM, well its probably a 2 dollar device. And Jason is very likely a salesman.
SIEM in this context, simply means your running an internal (or external) event logging management server (this doesnt run on a device like a firewalla). The Firewalla is NOT a SIEM server. But it is a network device that can send its event logs to a SIEM server. This is really only useful in businesses that have IT guys that are running an internal SIEM server, and can understand the data being logged.
Lol, nice try. Anyone actually technical will see right through your hogwash, Mr. "Cybersecurity provider". Keep practicing the lingo. Your other comments are really convincing too. If you "even use it at your home", are you suggesting this is an SMB / enterprise solution? Looks rack mountable.. Thanks for the laugh, dude.
@@YerBrwnDogAteMyRabit First, check my picture here and the picture of the video on this channel BEFORE this one. Seem similar? I own a successful MSSP and know of what I speak. Second, is rackmounting an requirement for SMB? I DO use the Firewalla Gold at home along with their beta module for MSPs (which isn't in their documentation anywhere so email them and ask if it exists). When confirmed, how would I know this if I don't use it? Lol.
@@dodge1629 A SIEM SENSOR is a hardware collector that collects at the packet level data both incoming and outgoing. We use SIEM/SOAR sensors at our homes to ensure the SOC has visibility to business traffic. The product is Blueshift XDR.
This may be a silly question as I'm new to this whole thing. If I connect this directly to my cable internet modem and then connect my ethernet switch to that and then connect my wifi router to my switch as well as all my ethernet wires and outlets to my switch as well. Will my wifi security cameras and all my home automation devices have difficulty connecting to my wifi router??
I believe you would need to put your wireless router into Access Point (AP) mode, that can be done from the admin settings page on the wireless router.
More than 300usd seems like hype to me. Great features no doubt, but very pricey... Think you'll be better off with opnsense.
I like pfSense and I run them both. There are things Firewalla can do that pfSense cannot though. For home use, it's also very handy to have control of my firewall from my iPhone.
@@legendsofit You should look at the gl.inet travel routers. Save yourself 80%, and get much more out of the device. Firewalla's a rip
@@eric3434 I'll take a look at it. Always love to look at new products but regardless, I love Firewalla. They've really made a great product. In my line of work, 300 for a firewall that does what this one does is a steal.
@@eric3434 They use the same software as the big router and when I tested the gli, it sucked because it was freezing on me. I really didn't like the way the software was, it seemed to not be working correctly. By the way the firewalla hardware seems to be the same type you can order from AliExpress and make your own routers. This reminds me of a similar one that the pfsense guys used to have but no longer have it. A bit high on the price but seems to do what you need.
@@legendsofit a steal? yah that kind of price for a travel router is absolutely insane. Especially for the firewalled throughput that firewalla is capable of. These are all very simple devices. The gl.inets are openwrt, so anything you could possibly want, theres a module for it. Another benefit that the firewalla is not capable of, is you can fully bypass mobile data charges while tethered with the gl.inets. They are fantastic.
Instant subscribe, love seeing new techno wizards coming into the RUclips space. As a long time support person who's recently moved into network administration I love this device and the niche it fills. There's so many products out there and none bring this feature set coupled with the ease of use. Sure we can configure PFSense to do anything we want, but it's difficult to setup due to its configuration options. This device really brings the simplicity that I can actually recommend this to friends who know I'm a phonecall away to explain something, but don't have to spend hours trying to figure out configs.
Just another thinly disguised informercial with a bunch of anonymous "experts" singing its praises in the comments section.
First and last video. Your format is very odd… I’ll have to find another demo for this device.
Great review... time to review the Gold 🤓
I connected my purple as the DHCP server and my router/modem in bridge mode. In the first 24 hours alone through geofence etc. it blocked 1000s of flows from mainland china and Russia. Using the build in VPN additionally on my phones and pc’s adds the additional anonymous benefits.
Next thing I gotta do is separate all IOT devices into a group. additionally using the Beta user function to build user groups that one can with one click mange very easily. Once all that is done it will be a very rebut system I would recommend to anyone.
It's clear that you live alone sir.
Oh how WRONG you are. 😂
a promitive device with a firewall for 320+ bucks. Is it really the "best"?
google "firewalla vulnerabilities" Yikes! Not interested in something like this as my edge router/firewall