Firewalla Gold - The Gold Standard for Firewalls?
HTML-код
- Опубликовано: 10 май 2021
- The Firewalla Gold is a prosumer or small business firewall with an impressive set of features including ad blocking, traffic shaping, load balancing between two Internet connections, failover between two Internet connections, safe search, a VPN client & a VPN server, Docker, and more! Here is my review.
More info on the Firewalla Gold: geni.us/bK4Y4ef
(Not an affiliate link).
Introduction to Android app development: www.dgitacademy.com
Let Me Explain T-shirt: teespring.com/gary-explains-l...
Twitter: / garyexplains
Instagram: / garyexplains
#garyexplains
It took a few months, but this video introduced me to the world of consumer routers with built-in intrusion detection and prevention systems.
Thanks for he video, it does seem like a very robust solution for someone who doesn’t want to spend hours trying to setup a firewall, and especially taking into account the throughput that you get, and it being fanless which means you can hide it in the comms box next to the ISP modem.
Brilliant and glad to see its avail in Australia also - just purchased one because of this video. Been looking for a device like this that is simple to sue and has the granularity to configure and monitor everything on my network. For a family its great for keeping Teenagers and kids at bay on the internet. Only place in OZ that sells it is LTS Security in Australia is where I got mine from.
Great explanation the setup has been perplexing me as well, I think I had the double NAT issue going on because I couldn't affect my individual devices this video will help.
Brilliant Gary, keep em coming.
I just bought the Firewalla Purple for my home, your video, although for the Gold, is going to help me set up the purple
Was going to buy dream machine pro coming from pfsense and Cisco router. Firewalla Gold is awesome love the anti lockout feature using Bluetooth, easy to setup networks and vlans, statistics are good, ips/ids seems to work nicely and no noise. The web GUI isn’t good I’ve had no issues managing the device via the app in fact it is easy. I love the inbuilt ddns. If your looking at a firewall really consider this device.
Nice timing, I've been looking for alternatives to my pfsense box.
Thanks Garry, I have been looking for something like this.
I bought and setup the firewall gold primarily because of this video. Super well explained, Gary!
Thank you for another excellent video.
Good video. Like all things Internet. Lots of "individualists" saying here they have something cheaper etcetera etcetera.
All in all they forgot :
1 That takes time
2 each individual had to tweak the device one way or another to different specs.
3 everyone had different knowledge and backgrounds
The device is supposed to be convenient without taking all your time.
Suggestions or comments are way better if they compare apples to apples.
Not apples to....pudding.
Garry can you make video on various 2FA methods, best account protection practices ?
Same from me: Yubiko key is a/the most solid solution. Includes a great password manager. If you want to avoid hardware keys at least use Google or Microsoft Authenticator at EVERY place that supports 2FA. Especially if breaking in could cost you money or other troubles. Examples are AWS/Google/Azure cloud VMs or protecting your internet domain or the mail account you use for password resetting (like for your domain. Who has access to your mail account can own your domain/twitter account/…)
Just got the gold plus that is 2.5gigabit. I am going to set it up first behind my router, but will also be trying it as my router.
I own three "Golds" and they work perfectly. Its an amazing firewall that gets updated with great new features. Their customer service and tech support is great.
There is a new Purple one... We need Gary to explain that to us too :)
Other than the simple setup, how is this different from pfsense? Can you set this up from a browser or just from the phone?
Have used the Firewalla Gold and Blue. Love them! Super easy to deploy and manage. Personally, the Gold or Purple are worth the money over the Blue.
I agree and only had it a couple hours now. Giving Unifi the boot.
Holy crap it has docker!!!! That's freaking amazing!
Just got my Gold Plus and installed it, so freaking awesome to be able to go full pipe on my 1.2G internet connection finally!
Literally what I'm here for too 😂 how were your LAN speeds? I'm looking at the 2.5gbe one.
@@konman181great, everything works perfectly
just picked on of these with other bits like POE heaps of stuff on local auction site for 75 bucks, now that i watched this video and checked the price for these, great investment, and honestly i am sick of pfsense too much to muck around with.
Nice review Gary. Curious if you can share what LTE router/bridge (make/model) you are using for your failover WAN connection?
I use a TP-Link Archer MR600 4G+ because it supports Carrier Aggregation.
*GARY!!!*
Good afternoon Professor!
Good afternoon fellow classmates!
Stay safe out there everybody!
MARK!
Nice!
Very underrated
Cute device. At work I work with check point gaia with splunk client.
0.7 seconds, the record holder for fastest intro
I don't think some regular small business owner or home user would know how (or want) to make their own firewall, so this would be handy, you buy it and install it. A custom one also needs maintenance, updates, this probably gets security updates.
Anyways, it also needs a fiber wan port.
I'd like something like this, but I have a box with everything inside it (modem + wifi router that has a separate 1Gbps wifi channel for TV's box, so I don't have any cables between the tv small box and the modem&router&co. thing). Beside the lacking wan fiber connection, this TV channel is probably also a game stopper for me :(
I love this Accent. Are you really British, sir? learning of your channel, i will get your accent the same. thanks a lot.
An overlooked point is if you put a wireless cable modem into "bridge mode", it will connect your Firewalla directly to the internet as expected, but you will lose the wifi portion of your wireless cable modem.
Alot of ISP modems come with wireless capability so in order to keep the wifi you will either buy a new wifi router or access points and attach them to the LAN side of the Firewalla, OR you will not bridge the cable modem at all.
If you don't bridge the cable modem, then, as the video explains, you will automatically have a double NAT network, which is perfectly fine, useable and FAST, unless you need special access from the internet using a VPN or some specific connection.
For home use or very small business uses, I find double NAT helps serve as a non-intentional security hurdle against hackers.
hello gary!!
I love my purple , so good
Thanks. Seems decent. Configuration by phone is sort of a deal breaker for, for me although it seems they have a "beta" web interface. I'm happy with my Netgate 2100 running pfSense, but it's nice to see what else is out there.
Agree, PFsense is superb. use a Qotom i5 8GB RAM with a 120 GB SSD. Long term powerful mini PC that does it all.
Hello Gary, can you make a video on how zero knowledge password managers work? I want to know how does the server authenticate the hashed key if it doesn't save anything. I am talking about Bitwarden here, I checked their security whitepaper but it is not clear and hard to understand.
Try to find an explanation on public key exchange.
I feel like at that price point, the Firewalla Gold should really be compared to the entry level models from Fortinet or Barracuda. Do you know how it holds up against those names?
Worlds easier to setup, use and get useful information from the Firewalla and the throughput is still there.
Over $400 it's a lot. Cheaper alternatives are : Raspberry Pi 4 with OpenWRT, or a SH SFF computer with OPNsense/pfsense.
Indeed... maybe... remind me how you are getting 4x Gigabit Ethernet ports on a Pi again?
@@GaryExplains One is onboard, and another two can be added with USB3.0 to RJ45 gigabit adapters(yes the total is 3 ports instead of 4 but also the price difference is huge). If the ports are the issue, an SFF powered by an i5/i7 can be mounted with a PCI LAN card with 4 gigabit ports and with the onboard one make it to 5 for all of your networking needs and more, at a quarter of the price. I built this setup a couple of years ago with a refurbished SFF i5-4570, 8GB RAM, 128 SSD with OPNsense for around $150.
True, all true. I could also build my own car if I wanted, but I don't. PS. The throughput on the Pi would be terrible. But that isn't the point.
@@GaryExplains It all comes down to budget and know-how.
@@SilviuDimulete As do most things, but convenience is also a big factor.
I love my Firewalla Gold from Day 1. The responsiveness of their support team is second to none. It makes my network administration tasks so much easier. It's not cheap but you get what you pay for.
I had problems to setup my VPN client, the supportteam responded everytime within a day, they sorted it out in a few days because the vpn's i got aren't that popular.
@@boeske1980 I use private VPN and was able to set it up within minutes. 😁
@@jcgoobee problem was that it is required to put in a username. And then my VPN doesn't work, they erased the user in my profiles with remote support. Now everything works great.
@@boeske1980 ah.. got it. Glad they figured it out. Good luck if you had a Ubiquiti box and asked for support like this, your support case might sucked into a blackhole for eternity. :P
@@jcgoobee has using a VPN on this slowed down your internet speed?
Best firewalls come in pairs from two different manufacturers so if one is explioted by a zero day, then the second wont as different supplier.
lol funny joke
The vast majority of Bad Guys won’t burn an 0day on normal humans, they’re reserved for special purposes. That’s akin to sending the SEALS to install a deck.
@@c1ph3rpunk Ah, so aliens?
@@futuresocieties. Kaseya
Firewall of the isp router and behind that the Firewalla as a second line of defense.
Need it work on a web interface really and not a phone application because if they stop making the app the hardware simply becomes junk. Great video Garry but the firewall lacks the most important feature of all a web interface.
There is a web interface but it is still in beta: help.firewalla.com/hc/en-us/articles/360049873154-Does-Firewalla-have-a-web-interface-
@@GaryExplains It does state on the link you provided "The web interface is to complement the mobile interface; You still need a mobile device to log in to this interface."
'You still need a mobile device to log in to this interface'
What if they stop making the hardware? Will the app be junk? 😄
Azure has teached me to hate those damn web interfaces. Slow and buggy.
This is only useful if the modem/router or ONT of your ISP allows to be put in bridge mode. Otherwise you end up with double NAT.
But double NAT at that point doesn't matter. How does that make it not useful?
Have used it like that for years. No problems. Makes a DMZ between those two routers.
Great vidieo, thank you. My ISP requires a VLAN tag on the WAN traffic, do you know if the Firewalla can do this?
If you look at 14:15 you can see that there is a field for VLAN ID when creating a WAN configuration.
I have mine ISP Modem >> ISP router >> firewalla (connected from Lan port from router). It stills monitoring the devices connected to my network. Am I doing this the right way? I gotta tell, then costumer service is not a newbie friendly one. I'd really appreciate if you could advice me! Thanks!
So is firewalla a security program built into hardware?
I love my pfsense firewall walls.
I never see ads.
My cameras cant reach the internet.
Opnsense has nicer interface and is more compatible with uefi only bios.
Good video! You should have mentioned there are other Firewalla's (blue, blue pro, purple and red I think) at the end when you were saying who should buy it.
Nice video... but...
Why the comments on your video "How to crack passwords - Gary Explains" were disabled???
Because it was getting spammed all the time. So I disabled the comments.
Having to access it via a mobile device in order to set it up is a big disadvantage in my opinion. Does it really matter? It depends.. but I would like sth that I'd be able to set up via a regular pc over both a cable connection or wifi.
Very little setup, a few questions is all and they guide you right through. I think the mobile device app is a big plus. I can screw around with the device anytime, even in bed at night and who isn't going to have a mobile device on them?
Does it offer antivirus like some other alternatives? Can the system boot up allows you to boot up to another OS in case this company goes bankrupt?
Been running a variety of firewalls for quite some time. Currently on pfsense, but have used Sophos XG and Untangle as well. Probably going to switch back to Untangle or Sophos XG at some point.
So your phone has to be on the same WiFi and connected by Bluetooth to access the UI? i.e. no cellular admin access at all?
Just connected via Bluetooth, unless you have the optional Wifi dongle/antenna.
If I put a switch between the firewalls gold and the mesh nodes, would the firewalls still be able to monitor?
yes, switches are normally dumb devices that just pass the traffic along.
FWIW, I built my firewall/router with pfsense on a Qotom mini PC with i5 CPU, 4 GB RAM, 64 GB SSD and 4 GB Ethernet ports. My cable modem is configured in bridge mode, so my firewall connects directly to my ISP. My ISP supports IPv6, so I can configure pfsense to provide 256 /64 subnets. Pfsense has similar features to Firewalla, such as traffic shaping and more. I really don't feel the need for using a cell phone to configure a firewall/router, as I have computers handy. It also supports a serial port connection, so you can set up a dial up modem for a back door. That i5 CPU also supports the AES-NI encryption instructions, which can be used for a VPN. I don't believe the Celeron CPU does. Pfsense is built on FreeBSD.
BTW, I have a Ubiquiti Unifi AC Lite access point too.
Good product but why should i prefer this instead of edgerouter er-x that is way more cheaper with same features
90 second WAN failover? I read others say it's a seconds...which one is it?
Does the WAN port support pppoe ? I'm assuming it's just an ethernet port, I need a decent firewall with VDSL WAN port.
Yes the WAN port supports PPPoE, but I haven't tested it.
but why do you need firewall for a video camera ? do the camera move ?
How do you compare this to a ubiquiti UDM pro?
I buy one today
$400 for the same features as my 5 y/o $150 NETGEAR router with custom firmware. Although it doesn't have the same mobile app - but all the exact same features, some named differently.
Including load balancing over two Internet connections?
@@GaryExplains Indeed! NETGEAR R8000 with a Tomato firmware, which I modified for a little extra kick. This kick is larger hash tables (got more memory than a usual R8000) and then the redundancy using one LAN port for fail-over / load balancing. Works like a charm - although uses way more power than a modern age router.
@@Lexitivium interesting indeed.
@@GaryExplains Don't get me wrong. The Firewalla is one nice little device, that could look good beside my fiber box. But I think the features - although nice - doesn't quite justify the pricetag. My son just said: "Dad, that's just a Raspberry Pi with multiple RJ45". "Well, my son. You still got a bit to learn" ;-)
Hello Gary, I use pfSense for that, had an old Intel built machine with dual core and I installed pfSense and I have the same function. Just cost conscious.
If I have an unmanaged switch, where should I connect it Please help?. Thank you in advance. Is it between Gold and AP (Mesh network)?.
This page has very clear instructions for the different scenarios help.firewalla.com/hc/en-us/articles/360046669734-Firewalla-Gold-Tutorial-Installation
Nice bit of hardware, but I think at that price I would rather use one of the free UTM distributions like 'untangle' and run it on an old pc . I haVe an old pentium 4 2.8ghz 4gb with 2 on board GB NiCs and 2 100mhz PCI cArds. Runs untangle from an 80gb SSD on trouble.
Like those who fix their own car rather than taking it to a garage, there are always other options.
I need to access geo-restricted sites in the US while outside the US. Would this work?
You need a VPN, not a firewall.
You mean you can't manage it through console or http? only through phone via Bluetooth?
You can SSH into it, or use a browser or whatever phone or tablet you have using an app.
Bluetooth is only for first time startup for initial options so the device can mesh into your network. Otherwise, Bluetooth is only used as a No-Lockout feature in case you somehow lock yourself out.
I dont see how that can happen via the routers UI.
I'm never going to configure a firewall through a phone app....
The thing I think it is missing is a higher speed WAN port considering it's not cheap. Also, having to configure it via a not so smart phone is a deal breaker for me. It needs to have a web based admin console. No thanks, I'll pass.
2.5Gb is not fast enough on the WAN?? You don't have to use a smart phone, use a larger tablet. You can SSH into it via a web browser or whatever.
wpuld modem then firewire to a switch work
Are these multi gig ports? I currently have 2.5gb and 1GB isps. If I link aggregate both, do I get 3GB? Yes, I got 10gb, and 2.5gb computers.
No. Computers don't work that way.
Firewalla has a lot of vulnerabitlies on their devices - read many blogs about it - so not sure if i would want something like this.
Zero issues and i have five of them if i include travel routers i use them on. Constantly getting updated. But hey different strokes for different folks.
The hacked pipeline guys should have got one of these.
😂
Hi Gary I'm really interested in firewalla gold since 6 months ago, I'm considering to buy it, but what I'm looking for but I've not still found are the performance with ids and/or ips active, did you know anything about it?
Have you checked FireWalla's website? If they don't show it, then go on to something else.
@@peterfrisch8373 I've tried on their website and the community, the only page that explains the speed limitations sayis something about the blue, red, etc.. and the gold but it doesen't says nothing about the speed in IDS and IPS, here the title of the article
"Firewalla Speed Limitations Explained"
do physicall firewalls slow down internet speeds?
I have 2 Firewalla Gold Plus boxes and i get the full speeds on my internet plans through them. Best purchase i made probably in the last 5-10 years easily.
Gary, from what I have seen there is a disturbing trend of phone apps to configure/control various consumer network gear without recourse to the way you and I are familiar with. Also, oft times with less options for control. Further, I you don't have cell service with data and sufficient bandwidth, then you can't configure your own device. I have extremely poor cell service at my home, but good internet access. This and other devices would not work for me, and likely others as well. I can rail about other devices, some of which I own, but i will spare you.
Seems cool but i prefer Fortinets for that price range
It seems to do all the things DUMA OS + Bitdefender Armor provide.👽
A Lot more than Duma OS, which is only updated on the Net2.
Does this support VLANs?
Good Question. No VLAN support that I know of. Only had it a couple hours now.
Just got this FW Gold Firewalla tech support is terrible. I want to bridge mode this between my modem and Asus x89x router.
So far I have the app and box set up in Bridge mode and it sees devices on my network, but I've got NO internet connection.
Anyone have any suggestions?
I guess you will get a quicker reply if you ask your question directly to Firewalls support or in the Firewalls community.
@@GaryExplains I did and FW support has no helpful answer for the bridge/AP mode/no internet connection configuration that I mentioned.
Oh, very sorry to hear that 😟
@@GaryExplains no worries. Got it worked out myself. Everything's connected. 😊
Why do you the demodulator a modem (modem analog to digital) and not a transceiver (digital to digital) ?
Because people can't keep facts straight, no matter what you tell them.
Same with calling somebody who breaks into your network a "Hacker" instead of a "Cracker", as in safe cracker, or cracking the code.
A hacker is someone who just throws stuff together to make something work, a hack job.
People misuse language as a past time.
Still has intel management engine no good so has hardware backdoor. If it was based on ARM or RISC-V I would buy it.
I thought the ME exploit required physical access to the device.
There is no intel management engine firmware, unlike your PC.
@@x3roxide ME exploit has been patched and required a very specific scenario.
Wait, you HAVE to use it an app through a bluetooth on your phone and stuff? I mean, that's a deal breaker, IMO.
There website says there is a web interface. (Beta)
That's just to start once it's hooked up its no longer needed as you can access it from anywhere via the app.
Again, the Bluetooth startup option is standard anymore and is only used for a couple minutes on the very first installation. A great option if you ask me.
Thereafter, you configure/manage using a tablet, a phone, web browser or SSH.
A pfsense box even for a larger house wouldn't offer a better investment ratio?
If you have the time, expertise and sufficient experience with pfSense, then sure. I don't have the time to spare to build, manage and maintain and custom/hybrid solution. Convenience is an important factor.
@@GaryExplains I have asked this because a few months ago I tried to download and compile the Firewalla code -- I think it was for a Blue or Red box, don't remember right now -- but it didn't work... At the same time I know that I can do this for pfSense -- it would be a pain, but there's always the OPNSense option for this --... And I went trough this rabbit hole because I was looking to buy one of the cheapest box for my mom but I would like to see it first -- specially because I live in Brazil and even the cheapest one would mean a pretty significant investment
If you don't have the budget, then of course making your own solution will be cheaper, but it will take more time. Same for most things in life. Do I fix my own car or take it to a garage?
For people that have wireless routers without AP or bridge mode:
You don't need to use AP or bridge mode. You only need these if you want to use your wireless router's WAN port. You can disable DHCP on the wireless router and connect it using one of the LAN ports. D-Link tech support taught me this before AP and bridge mode existed on their consumer routers.
I think you then get a routing problem.
@@GaryExplains The DHCP on the wireless router tells its clients to request internet traffic from the wireless router. If you disable it and plug the firewall router into a LAN port (as opposed to the WAN port) on the wireless router, the DHCP on the firewall router should take over and tell all the wireless clients on the LAN to request internet traffic from the firewall router.
It's important to disable DHCP on the wireless router before plugging it into the rest of the LAN so it doesn't interfere. It's also important to make sure the wireless router has a different LAN IP and is on the same subnet as the firewall router. I usually take the firewall router LAN IP (eg 192.168.1.1) and add four to the last number (eg 192.168.1.5). This is usually outside the range of IPs that are assigned to clients.
I've successfully done this with a Ubiquiti EdgeRouter and many wireless routers over the years. Now I use AP mode on my Archer AX50, which I still connect through a LAN port.
I think it depends on the router. If it has a dedicated WAN port, some of them only accept DHCP answers over that port. For example, I have a Mikrotik hAP Lite and depending on the configuration you might need to explicitly set DHCP address acquisition to all ports rather than the WAN. Anyway, I tested the setup you suggested using the Mikrotik hAP Lite and as I feared, no internet on client devices connected to its Wi-Fi. The problems seems to be that the router doesn't get a DHCP address from the Firewalla. Moving the cable from the LAN to WAN port fixes it, and then setting it to Bridge mode fixes the double NAT.
@@GaryExplains The wireless router doesn't need a DHCP address for the clients to get internet so long as its wireless is bridged to its LAN ports. I set a static IP for my wireless router so I know where to find it. Microtik has a DHCP snooping option which can block DHCP servers that aren't trusted. I imagine it blocked the Firewalla from giving IP addresses to the clients.
I recommend AP or bridge mode to anyone that has it.
"Rutah" - Explains, Garry
Yes, that is the correct way to say it, as in roulette, routine, and Rousseau.
@@GaryExplains Huh never even thought about that. Good supporting vocab!
As an American, that was something that stood out and called my attention the whole video every time you said.
As I Brit, it is something that stands out to me every time I watch a video from an American 🤦♂️ Aren't we beyond such things yet?
@@GaryExplains umm this is the internet, comments like this are normal. They aren’t meant to make fun or ridicule the person, it’s more of pointing something out that stood out.
Intel cpu. With all it's security flaws. I thought it was something custom made with encryption. Hmm...
now that im using firewalla gold so far i really like it ,but
something i dont know is with its built in blockers such as adblock ,pornblock , face book an more combined with its dns-over-https do i need to keep using some or all of my firefox extensions
iv got ublock origins , privacy badger,LeechBlock NG (for face an others) an AdBlocker Ultimate
with HTTPS Everywhere an while i think they've served me well do i still need the installed with the gold now as my primary router an can i add more to the gold ,are ther any equivalents to anything like privacy badger an https2 an Malwarebytes Browser Guard that can be add to the gold
If I was you, I'd only use Ublock Origin and forgo the rest, except Malwarebytes, but not the browser guard version. Malwarebytes already works in your browser.
Too expensive for what it does. It’s not a UTM firewall so it’s limited to what it can protect.
I haven't found a reasonably priced UTM firewall/security gateway yet. I used to install Ubiquiti but they don't support spam monitoring and availability is horrible. Regardless, I have other solutions for the issues that Firewalla is not meant to address.
Gone are the days when privacy was a thing. Over and done.
Eh?
$438.00
Oh, have to use smart phone, have to have wifi connectivity. So, I can't use this on a wired only LAN. Sorry, that's a deal breaker.
Goodness. Don't need wifi connectivity as it doesn't contain a wifi module unless you buy the optional USB wifi product. It only needs to access a bluetooth phone on first startup for initial basic config, Thereafter, use phone and/or tablet app, any web browser, or SSH into it.
You missed out on a fantastic piece of kit.
*laughs in pihole*
You need a hand getting out of that pihole you're in?
One who can setup this can also spent $50 to buy a raspberry pi 4 (or any other SBC), install FOR FREE anything he/she wants (lots of solutions) and get the same benefits without spending a cent more. The most important yet, free new knowledge and training.
I disagree. The knowledge to setup this isn't the equivalent of creating a custom solution with a Pi or PC. Also, the Pi won't give you the same throughput. Finally, the hassle of setup and maintenance of a custom solution doesn't make it cheaper. If I am busy then I want a complete solution. I could fix my own car but I choose to take it to a garage because I don't have the time. Cheaper isn't just about cash values.
@@GaryExplains I'm sure this is not for every day users who just want to press a button and the magic happens. It's for advanced users and such as any other solution can be acceptable. To fix you car you need equipment costing thousands, to make your own firewall only time, knowledge and a few dollars do the trick. I only agree that not everyone has the time. As for the throughput it's debatable. For me having a VDSL connection acting as bottleneck, throughput is more than enough. If someday I find the money and the ISPs decide that I can also have the "luxury" of a Gbe then maybe I'll need something more advanced. But then again, if and when this happens, some other SBC maybe more suitable. And don't say that only a few have just a poor VDSL. I am watching your channel from Greece. Here 200Mbps Fiber costs nearly 60EUR and are only available in some suburbs. For the rest 90% DSL is the only available solution. I'm sure many other countries in the "developed world" share more or less the same situation.
@@nikolaskallianiotis8622 I was referring to the throughput of the interfaces on the router as it is Gbe for the LAN side and the firewall monitors all the LAN traffic. The LAN side functions are quite advanced.
@@nikolaskallianiotis8622 Nikolas, when I come to Greece, I WISH I could get anything near 200 Mbps. And on Kalymnos, it's extremely painful in many places (like 2 or less Mbps sometimes!!!).
Has the Cosmote coverage improved in Athens?
@@nikolaskallianiotis8622 You might consider taking all that saved money you have lying around from self-building stuff and MOVE to a location with better internet speeds.
Im sorry but my Mikrotik has a lot more features and does not need bluetooth smartphone to access and best of all... and costs quarter of this thing.
Your Mikrotik has any 2.5ghz ethernet ports to communicate with 2.5ghz switches or modems?
Your Mikrotik can process VPN data at 1Gbps and more?
Your Mikrotik has dual Wan ports with fail over?
Your Mikrotik has an ARM quad core CPU?
Your Mikrotik has a fully fleshed out UI with everything done for you?
Your Mikrotik has a No-Lockout Bluetooth option?
Your Mikrotik has an easy Bluetooth first time startup feature?
Your Mikrotik has a phone app, a tablet app, a web browser command interface with charting, and SSH, all able to configure and manage the interface?
Your Mikrotik has IDS?
Your Mikrotik has IPS?
Your Mikrotk has option to auto quarantine new devices until reviewed?
Your Mikrotik has auto updating malware and blocking lists?
Your Mikrotik has easy learning curve?
I could go on and on.
If indeed it has any or most of these features, let me know and I'll switch (to a product I left behind decades ago).
😂
You need some networking experience to full utilize all features for growing network at home or small businesses. Lot of money will be wasted if it’s just plug and play.
Few people utilize all features. And there are less expensive Firewalla for the budget conscious.
Gold users, how's the Wi-Fi range on the Gold? Is it also short range like the Purple?
Lolz 😂
Opnsense firewall is good.
Sadly I don't think IOS or Android are safe from tracking so it looks like I cannot use this device.
I don't want a device on my network that can only be controlled by my cellphone.
Needs my phone and an app to configure? That's not just no, but heeelllll no
Ubiquiti started out like that, Fing too. You can use a tablet too, or SSH into it via a browser.
Great firewall for prosumer and not professional.
sponsor clip, product is very expensive
Eh? Did you miss the point where I explicitly said it wasn't sponsored? 🤦♂️
@@GaryExplains you deleted the comment where i gave you a different device at 1/4 price which beats this thing. if this was not an ad, there was no point to delete a link to specs of a device (not a buy link or and affiliate or anything else)
@@iulius_august I did not delete your comment. More likely RUclips itself marked it as spam. You shouldn't jump to conclusions and then write falsehoods based on those wrong conclusions.
@@GaryExplains fair enough, did not know yt does this. my suggestion was mikrotik hap ac2, which i find covering everything i could ask from it
@@iulius_august Does the ac2 do load balancing?
What I don't like about Firewalla is all their devices are manufactured in China. I believe the firmware is also flashed in China (asked their support to find out). Supply chain attacks are a big problem. I do not think they reflash them or offer coreboot in the USA to save money. For me, I always buy hardware with coreboot bios and toss on ipfire or pfsense. I also run pi-hole on a raspberry pi and configured to block 3 million bad urls that updates these know bad lists weekly. I just don't want to install a FIREWALL to protect my network from being hacked from the same folks who bought it. China hacks the heck out of the USA. Hi Mr. Burglar, I know you keep trying to break into my network, but hey, you are cheaper costs so can you build my home security system so i can use it to protect against burglars including you guys? Just doesn't make sense at all to me. But Cisco/Juniper/etc.. all has their stuff manuafactured in china then everyone scratches their head and tries to figure out how china got into their networks. If they were fully manufactured in the USA though, I would buy it! Seems like a great solution, but way to many backdoors hitting the news lately and just to risky. Yes, everything is made in china (iphone chips, etc..), but, for a edge router, I want that one single device NOT flashed by the chinese.
What county was your phone and PC manufactured in?
Hackers come in ALL nationalities so under your logic, we shouldn't buy anything from anyone? Americans are hacking the Iranians, the Chinese, the Russians and ourselves.
Get a grip.