Firewalla Gold - The Gold Standard for Firewalls?

  Рет қаралды 91,993

Gary Explains

Gary Explains

Күн бұрын

Пікірлер: 289
@Henfredemars
@Henfredemars 3 жыл бұрын
It took a few months, but this video introduced me to the world of consumer routers with built-in intrusion detection and prevention systems.
@Black_Kakari
@Black_Kakari 2 жыл бұрын
I just bought the Firewalla Purple for my home, your video, although for the Gold, is going to help me set up the purple
@leonardobehrens1204
@leonardobehrens1204 3 жыл бұрын
Good video. Like all things Internet. Lots of "individualists" saying here they have something cheaper etcetera etcetera. All in all they forgot : 1 That takes time 2 each individual had to tweak the device one way or another to different specs. 3 everyone had different knowledge and backgrounds The device is supposed to be convenient without taking all your time. Suggestions or comments are way better if they compare apples to apples. Not apples to....pudding.
@oscarmvl
@oscarmvl 3 жыл бұрын
Thanks for he video, it does seem like a very robust solution for someone who doesn’t want to spend hours trying to setup a firewall, and especially taking into account the throughput that you get, and it being fanless which means you can hide it in the comms box next to the ISP modem.
@shubhampatil5251
@shubhampatil5251 3 жыл бұрын
Garry can you make video on various 2FA methods, best account protection practices ?
@olafschermann1592
@olafschermann1592 3 жыл бұрын
Same from me: Yubiko key is a/the most solid solution. Includes a great password manager. If you want to avoid hardware keys at least use Google or Microsoft Authenticator at EVERY place that supports 2FA. Especially if breaking in could cost you money or other troubles. Examples are AWS/Google/Azure cloud VMs or protecting your internet domain or the mail account you use for password resetting (like for your domain. Who has access to your mail account can own your domain/twitter account/…)
@rodster1972
@rodster1972 3 жыл бұрын
Brilliant and glad to see its avail in Australia also - just purchased one because of this video. Been looking for a device like this that is simple to sue and has the granularity to configure and monitor everything on my network. For a family its great for keeping Teenagers and kids at bay on the internet. Only place in OZ that sells it is LTS Security in Australia is where I got mine from.
@stalksover8409
@stalksover8409 3 жыл бұрын
Was going to buy dream machine pro coming from pfsense and Cisco router. Firewalla Gold is awesome love the anti lockout feature using Bluetooth, easy to setup networks and vlans, statistics are good, ips/ids seems to work nicely and no noise. The web GUI isn’t good I’ve had no issues managing the device via the app in fact it is easy. I love the inbuilt ddns. If your looking at a firewall really consider this device.
@JoeyBaby47
@JoeyBaby47 3 жыл бұрын
Other than the simple setup, how is this different from pfsense? Can you set this up from a browser or just from the phone?
@AmericanPatriots87
@AmericanPatriots87 3 жыл бұрын
Have used the Firewalla Gold and Blue. Love them! Super easy to deploy and manage. Personally, the Gold or Purple are worth the money over the Blue.
@SpaceCadet4Jesus
@SpaceCadet4Jesus Жыл бұрын
I agree and only had it a couple hours now. Giving Unifi the boot.
@SpaceCadet4Jesus
@SpaceCadet4Jesus Жыл бұрын
An overlooked point is if you put a wireless cable modem into "bridge mode", it will connect your Firewalla directly to the internet as expected, but you will lose the wifi portion of your wireless cable modem. Alot of ISP modems come with wireless capability so in order to keep the wifi you will either buy a new wifi router or access points and attach them to the LAN side of the Firewalla, OR you will not bridge the cable modem at all. If you don't bridge the cable modem, then, as the video explains, you will automatically have a double NAT network, which is perfectly fine, useable and FAST, unless you need special access from the internet using a VPN or some specific connection. For home use or very small business uses, I find double NAT helps serve as a non-intentional security hurdle against hackers.
@bamabaso
@bamabaso 3 жыл бұрын
I bought and setup the firewall gold primarily because of this video. Super well explained, Gary!
@gamerzer0004
@gamerzer0004 3 жыл бұрын
I own three "Golds" and they work perfectly. Its an amazing firewall that gets updated with great new features. Their customer service and tech support is great. There is a new Purple one... We need Gary to explain that to us too :)
@knjpollard
@knjpollard 2 жыл бұрын
Just got the gold plus that is 2.5gigabit. I am going to set it up first behind my router, but will also be trying it as my router.
@TheIcarusSystem
@TheIcarusSystem 3 жыл бұрын
Nice timing, I've been looking for alternatives to my pfsense box.
@nahco3994
@nahco3994 2 жыл бұрын
I feel like at that price point, the Firewalla Gold should really be compared to the entry level models from Fortinet or Barracuda. Do you know how it holds up against those names?
@SpaceCadet4Jesus
@SpaceCadet4Jesus Жыл бұрын
Worlds easier to setup, use and get useful information from the Firewalla and the throughput is still there.
@SilviuDimulete
@SilviuDimulete 3 жыл бұрын
Over $400 it's a lot. Cheaper alternatives are : Raspberry Pi 4 with OpenWRT, or a SH SFF computer with OPNsense/pfsense.
@GaryExplains
@GaryExplains 3 жыл бұрын
Indeed... maybe... remind me how you are getting 4x Gigabit Ethernet ports on a Pi again?
@SilviuDimulete
@SilviuDimulete 3 жыл бұрын
@@GaryExplains One is onboard, and another two can be added with USB3.0 to RJ45 gigabit adapters(yes the total is 3 ports instead of 4 but also the price difference is huge). If the ports are the issue, an SFF powered by an i5/i7 can be mounted with a PCI LAN card with 4 gigabit ports and with the onboard one make it to 5 for all of your networking needs and more, at a quarter of the price. I built this setup a couple of years ago with a refurbished SFF i5-4570, 8GB RAM, 128 SSD with OPNsense for around $150.
@GaryExplains
@GaryExplains 3 жыл бұрын
True, all true. I could also build my own car if I wanted, but I don't. PS. The throughput on the Pi would be terrible. But that isn't the point.
@SilviuDimulete
@SilviuDimulete 3 жыл бұрын
@@GaryExplains It all comes down to budget and know-how.
@GaryExplains
@GaryExplains 3 жыл бұрын
@@SilviuDimulete As do most things, but convenience is also a big factor.
@Lilacplayzzzzz
@Lilacplayzzzzz 3 жыл бұрын
just picked on of these with other bits like POE heaps of stuff on local auction site for 75 bucks, now that i watched this video and checked the price for these, great investment, and honestly i am sick of pfsense too much to muck around with.
@mtxpert
@mtxpert Жыл бұрын
Just got my Gold Plus and installed it, so freaking awesome to be able to go full pipe on my 1.2G internet connection finally!
@konman181
@konman181 10 ай бұрын
Literally what I'm here for too 😂 how were your LAN speeds? I'm looking at the 2.5gbe one.
@mtxpert
@mtxpert 10 ай бұрын
@@konman181great, everything works perfectly
@briandsouza7854
@briandsouza7854 3 жыл бұрын
Hello Gary, can you make a video on how zero knowledge password managers work? I want to know how does the server authenticate the hashed key if it doesn't save anything. I am talking about Bitwarden here, I checked their security whitepaper but it is not clear and hard to understand.
@ernstoud
@ernstoud 3 жыл бұрын
Try to find an explanation on public key exchange.
@paulgray1318
@paulgray1318 3 жыл бұрын
Best firewalls come in pairs from two different manufacturers so if one is explioted by a zero day, then the second wont as different supplier.
@SApcGUY
@SApcGUY 3 жыл бұрын
lol funny joke
@c1ph3rpunk
@c1ph3rpunk 3 жыл бұрын
The vast majority of Bad Guys won’t burn an 0day on normal humans, they’re reserved for special purposes. That’s akin to sending the SEALS to install a deck.
@futuresocieties.
@futuresocieties. 3 жыл бұрын
@@c1ph3rpunk Ah, so aliens?
@c1ph3rpunk
@c1ph3rpunk 3 жыл бұрын
@@futuresocieties. Kaseya
@mrcvry
@mrcvry 2 жыл бұрын
Firewall of the isp router and behind that the Firewalla as a second line of defense.
@nickeckemoff7631
@nickeckemoff7631 8 ай бұрын
90 second WAN failover? I read others say it's a seconds...which one is it?
@1MarkKeller
@1MarkKeller 3 жыл бұрын
*GARY!!!* Good afternoon Professor! Good afternoon fellow classmates! Stay safe out there everybody!
@GaryExplains
@GaryExplains 3 жыл бұрын
MARK!
@ImaITman
@ImaITman Жыл бұрын
Holy crap it has docker!!!! That's freaking amazing!
@amateurwizard
@amateurwizard 3 жыл бұрын
0.7 seconds, the record holder for fastest intro
@spaceiswater6539
@spaceiswater6539 3 жыл бұрын
Need it work on a web interface really and not a phone application because if they stop making the app the hardware simply becomes junk. Great video Garry but the firewall lacks the most important feature of all a web interface.
@GaryExplains
@GaryExplains 3 жыл бұрын
There is a web interface but it is still in beta: help.firewalla.com/hc/en-us/articles/360049873154-Does-Firewalla-have-a-web-interface-
@spaceiswater6539
@spaceiswater6539 3 жыл бұрын
@@GaryExplains It does state on the link you provided "The web interface is to complement the mobile interface; You still need a mobile device to log in to this interface." 'You still need a mobile device to log in to this interface'
@mrcvry
@mrcvry 2 жыл бұрын
What if they stop making the hardware? Will the app be junk? 😄 Azure has teached me to hate those damn web interfaces. Slow and buggy.
@raphaelgman9265
@raphaelgman9265 2 жыл бұрын
Great explanation the setup has been perplexing me as well, I think I had the double NAT issue going on because I couldn't affect my individual devices this video will help.
@Stelios.Posantzis
@Stelios.Posantzis 3 жыл бұрын
Having to access it via a mobile device in order to set it up is a big disadvantage in my opinion. Does it really matter? It depends.. but I would like sth that I'd be able to set up via a regular pc over both a cable connection or wifi.
@SpaceCadet4Jesus
@SpaceCadet4Jesus Жыл бұрын
Very little setup, a few questions is all and they guide you right through. I think the mobile device app is a big plus. I can screw around with the device anytime, even in bed at night and who isn't going to have a mobile device on them?
@ernstoud
@ernstoud 3 жыл бұрын
This is only useful if the modem/router or ONT of your ISP allows to be put in bridge mode. Otherwise you end up with double NAT.
@GaryExplains
@GaryExplains 3 жыл бұрын
But double NAT at that point doesn't matter. How does that make it not useful?
@mrcvry
@mrcvry 2 жыл бұрын
Have used it like that for years. No problems. Makes a DMZ between those two routers.
@SixLowa
@SixLowa 2 жыл бұрын
So is firewalla a security program built into hardware?
@ContraVsGigi
@ContraVsGigi 3 жыл бұрын
I don't think some regular small business owner or home user would know how (or want) to make their own firewall, so this would be handy, you buy it and install it. A custom one also needs maintenance, updates, this probably gets security updates. Anyways, it also needs a fiber wan port. I'd like something like this, but I have a box with everything inside it (modem + wifi router that has a separate 1Gbps wifi channel for TV's box, so I don't have any cables between the tv small box and the modem&router&co. thing). Beside the lacking wan fiber connection, this TV channel is probably also a game stopper for me :(
@danielcookeb90
@danielcookeb90 2 жыл бұрын
Brilliant Gary, keep em coming.
@thomaslemaire1846
@thomaslemaire1846 3 жыл бұрын
Good product but why should i prefer this instead of edgerouter er-x that is way more cheaper with same features
@pierrepaniagua
@pierrepaniagua 2 жыл бұрын
How do you compare this to a ubiquiti UDM pro?
@propacollector3499
@propacollector3499 3 жыл бұрын
wpuld modem then firewire to a switch work
@jcgoobee
@jcgoobee 3 жыл бұрын
I love my Firewalla Gold from Day 1. The responsiveness of their support team is second to none. It makes my network administration tasks so much easier. It's not cheap but you get what you pay for.
@boeske1980
@boeske1980 3 жыл бұрын
I had problems to setup my VPN client, the supportteam responded everytime within a day, they sorted it out in a few days because the vpn's i got aren't that popular.
@jcgoobee
@jcgoobee 3 жыл бұрын
@@boeske1980 I use private VPN and was able to set it up within minutes. 😁
@boeske1980
@boeske1980 3 жыл бұрын
@@jcgoobee problem was that it is required to put in a username. And then my VPN doesn't work, they erased the user in my profiles with remote support. Now everything works great.
@jcgoobee
@jcgoobee 3 жыл бұрын
@@boeske1980 ah.. got it. Glad they figured it out. Good luck if you had a Ubiquiti box and asked for support like this, your support case might sucked into a blackhole for eternity. :P
@gnewt75
@gnewt75 2 жыл бұрын
@@jcgoobee has using a VPN on this slowed down your internet speed?
@lailiag5040
@lailiag5040 2 жыл бұрын
If I put a switch between the firewalls gold and the mesh nodes, would the firewalls still be able to monitor?
@SpaceCadet4Jesus
@SpaceCadet4Jesus Жыл бұрын
yes, switches are normally dumb devices that just pass the traffic along.
@angelorestrepo
@angelorestrepo 3 жыл бұрын
Does it offer antivirus like some other alternatives? Can the system boot up allows you to boot up to another OS in case this company goes bankrupt?
@IBITZEE
@IBITZEE 3 жыл бұрын
Nice video... but... Why the comments on your video "How to crack passwords - Gary Explains" were disabled???
@GaryExplains
@GaryExplains 3 жыл бұрын
Because it was getting spammed all the time. So I disabled the comments.
@pschulte
@pschulte 3 жыл бұрын
Nice review Gary. Curious if you can share what LTE router/bridge (make/model) you are using for your failover WAN connection?
@GaryExplains
@GaryExplains 3 жыл бұрын
I use a TP-Link Archer MR600 4G+ because it supports Carrier Aggregation.
@temoteocao5906
@temoteocao5906 2 жыл бұрын
You mean you can't manage it through console or http? only through phone via Bluetooth?
@SpaceCadet4Jesus
@SpaceCadet4Jesus Жыл бұрын
You can SSH into it, or use a browser or whatever phone or tablet you have using an app. Bluetooth is only for first time startup for initial options so the device can mesh into your network. Otherwise, Bluetooth is only used as a No-Lockout feature in case you somehow lock yourself out. I dont see how that can happen via the routers UI.
@Kaelleonm4913
@Kaelleonm4913 9 ай бұрын
do physicall firewalls slow down internet speeds?
@Placesandspaces35
@Placesandspaces35 9 ай бұрын
I have 2 Firewalla Gold Plus boxes and i get the full speeds on my internet plans through them. Best purchase i made probably in the last 5-10 years easily.
@Mombasa2201
@Mombasa2201 2 жыл бұрын
I need to access geo-restricted sites in the US while outside the US. Would this work?
@GaryExplains
@GaryExplains 2 жыл бұрын
You need a VPN, not a firewall.
@James_Knott
@James_Knott 3 жыл бұрын
FWIW, I built my firewall/router with pfsense on a Qotom mini PC with i5 CPU, 4 GB RAM, 64 GB SSD and 4 GB Ethernet ports. My cable modem is configured in bridge mode, so my firewall connects directly to my ISP. My ISP supports IPv6, so I can configure pfsense to provide 256 /64 subnets. Pfsense has similar features to Firewalla, such as traffic shaping and more. I really don't feel the need for using a cell phone to configure a firewall/router, as I have computers handy. It also supports a serial port connection, so you can set up a dial up modem for a back door. That i5 CPU also supports the AES-NI encryption instructions, which can be used for a VPN. I don't believe the Celeron CPU does. Pfsense is built on FreeBSD. BTW, I have a Ubiquiti Unifi AC Lite access point too.
@TLOH7
@TLOH7 3 жыл бұрын
I have mine ISP Modem >> ISP router >> firewalla (connected from Lan port from router). It stills monitoring the devices connected to my network. Am I doing this the right way? I gotta tell, then costumer service is not a newbie friendly one. I'd really appreciate if you could advice me! Thanks!
@dinuguan510
@dinuguan510 2 жыл бұрын
So your phone has to be on the same WiFi and connected by Bluetooth to access the UI? i.e. no cellular admin access at all?
@SpaceCadet4Jesus
@SpaceCadet4Jesus Жыл бұрын
Just connected via Bluetooth, unless you have the optional Wifi dongle/antenna.
@LifeKeysEnglishLanguage
@LifeKeysEnglishLanguage 3 жыл бұрын
I love this Accent. Are you really British, sir? learning of your channel, i will get your accent the same. thanks a lot.
@Flameboar
@Flameboar 3 жыл бұрын
Thank you for another excellent video.
@ISH3000
@ISH3000 3 жыл бұрын
Thanks Garry, I have been looking for something like this.
@lucasdealmeidacarotta3174
@lucasdealmeidacarotta3174 3 жыл бұрын
A pfsense box even for a larger house wouldn't offer a better investment ratio?
@GaryExplains
@GaryExplains 3 жыл бұрын
If you have the time, expertise and sufficient experience with pfSense, then sure. I don't have the time to spare to build, manage and maintain and custom/hybrid solution. Convenience is an important factor.
@lucasdealmeidacarotta3174
@lucasdealmeidacarotta3174 3 жыл бұрын
@@GaryExplains I have asked this because a few months ago I tried to download and compile the Firewalla code -- I think it was for a Blue or Red box, don't remember right now -- but it didn't work... At the same time I know that I can do this for pfSense -- it would be a pain, but there's always the OPNSense option for this --... And I went trough this rabbit hole because I was looking to buy one of the cheapest box for my mom but I would like to see it first -- specially because I live in Brazil and even the cheapest one would mean a pretty significant investment
@GaryExplains
@GaryExplains 3 жыл бұрын
If you don't have the budget, then of course making your own solution will be cheaper, but it will take more time. Same for most things in life. Do I fix my own car or take it to a garage?
@Dorff_Meister
@Dorff_Meister 3 жыл бұрын
Thanks. Seems decent. Configuration by phone is sort of a deal breaker for, for me although it seems they have a "beta" web interface. I'm happy with my Netgate 2100 running pfSense, but it's nice to see what else is out there.
@matldn2697
@matldn2697 2 жыл бұрын
Agree, PFsense is superb. use a Qotom i5 8GB RAM with a 120 GB SSD. Long term powerful mini PC that does it all.
@timothythanop
@timothythanop 3 жыл бұрын
If I have an unmanaged switch, where should I connect it Please help?. Thank you in advance. Is it between Gold and AP (Mesh network)?.
@GaryExplains
@GaryExplains 3 жыл бұрын
This page has very clear instructions for the different scenarios help.firewalla.com/hc/en-us/articles/360046669734-Firewalla-Gold-Tutorial-Installation
@lexitivium
@lexitivium 3 жыл бұрын
$400 for the same features as my 5 y/o $150 NETGEAR router with custom firmware. Although it doesn't have the same mobile app - but all the exact same features, some named differently.
@GaryExplains
@GaryExplains 3 жыл бұрын
Including load balancing over two Internet connections?
@lexitivium
@lexitivium 3 жыл бұрын
@@GaryExplains Indeed! NETGEAR R8000 with a Tomato firmware, which I modified for a little extra kick. This kick is larger hash tables (got more memory than a usual R8000) and then the redundancy using one LAN port for fail-over / load balancing. Works like a charm - although uses way more power than a modern age router.
@GaryExplains
@GaryExplains 3 жыл бұрын
@@lexitivium interesting indeed.
@lexitivium
@lexitivium 3 жыл бұрын
​@@GaryExplains Don't get me wrong. The Firewalla is one nice little device, that could look good beside my fiber box. But I think the features - although nice - doesn't quite justify the pricetag. My son just said: "Dad, that's just a Raspberry Pi with multiple RJ45". "Well, my son. You still got a bit to learn" ;-)
@Jormunguandr
@Jormunguandr 3 жыл бұрын
Cute device. At work I work with check point gaia with splunk client.
@anthonyshort8957
@anthonyshort8957 3 жыл бұрын
Great vidieo, thank you. My ISP requires a VLAN tag on the WAN traffic, do you know if the Firewalla can do this?
@GaryExplains
@GaryExplains 3 жыл бұрын
If you look at 14:15 you can see that there is a field for VLAN ID when creating a WAN configuration.
@acerides1724
@acerides1724 2 жыл бұрын
Are these multi gig ports? I currently have 2.5gb and 1GB isps. If I link aggregate both, do I get 3GB? Yes, I got 10gb, and 2.5gb computers.
@SpaceCadet4Jesus
@SpaceCadet4Jesus Жыл бұрын
No. Computers don't work that way.
@JamesStrickland1975
@JamesStrickland1975 3 жыл бұрын
Does this support VLANs?
@SpaceCadet4Jesus
@SpaceCadet4Jesus Жыл бұрын
Good Question. No VLAN support that I know of. Only had it a couple hours now.
@patdbean
@patdbean 3 жыл бұрын
Nice bit of hardware, but I think at that price I would rather use one of the free UTM distributions like 'untangle' and run it on an old pc . I haVe an old pentium 4 2.8ghz 4gb with 2 on board GB NiCs and 2 100mhz PCI cArds. Runs untangle from an 80gb SSD on trouble.
@GaryExplains
@GaryExplains 3 жыл бұрын
Like those who fix their own car rather than taking it to a garage, there are always other options.
@ninjarider443
@ninjarider443 Жыл бұрын
Firewalla has a lot of vulnerabitlies on their devices - read many blogs about it - so not sure if i would want something like this.
@Placesandspaces35
@Placesandspaces35 9 ай бұрын
Zero issues and i have five of them if i include travel routers i use them on. Constantly getting updated. But hey different strokes for different folks.
@gnewt75
@gnewt75 2 жыл бұрын
Just got this FW Gold Firewalla tech support is terrible. I want to bridge mode this between my modem and Asus x89x router. So far I have the app and box set up in Bridge mode and it sees devices on my network, but I've got NO internet connection. Anyone have any suggestions?
@GaryExplains
@GaryExplains 2 жыл бұрын
I guess you will get a quicker reply if you ask your question directly to Firewalls support or in the Firewalls community.
@gnewt75
@gnewt75 2 жыл бұрын
@@GaryExplains I did and FW support has no helpful answer for the bridge/AP mode/no internet connection configuration that I mentioned.
@GaryExplains
@GaryExplains 2 жыл бұрын
Oh, very sorry to hear that 😟
@gnewt75
@gnewt75 2 жыл бұрын
@@GaryExplains no worries. Got it worked out myself. Everything's connected. 😊
@DUNCEATRON5000
@DUNCEATRON5000 10 ай бұрын
I love my purple , so good
@Metalheaddox
@Metalheaddox 3 жыл бұрын
Why do you the demodulator a modem (modem analog to digital) and not a transceiver (digital to digital) ?
@SpaceCadet4Jesus
@SpaceCadet4Jesus Жыл бұрын
Because people can't keep facts straight, no matter what you tell them. Same with calling somebody who breaks into your network a "Hacker" instead of a "Cracker", as in safe cracker, or cracking the code. A hacker is someone who just throws stuff together to make something work, a hack job. People misuse language as a past time.
@Obloms
@Obloms 3 жыл бұрын
Wait, you HAVE to use it an app through a bluetooth on your phone and stuff? I mean, that's a deal breaker, IMO.
@jasonk5979
@jasonk5979 3 жыл бұрын
There website says there is a web interface. (Beta)
@glovedcop69
@glovedcop69 3 жыл бұрын
That's just to start once it's hooked up its no longer needed as you can access it from anywhere via the app.
@SpaceCadet4Jesus
@SpaceCadet4Jesus Жыл бұрын
Again, the Bluetooth startup option is standard anymore and is only used for a couple minutes on the very first installation. A great option if you ask me. Thereafter, you configure/manage using a tablet, a phone, web browser or SSH.
@PlanetCypher_
@PlanetCypher_ 3 жыл бұрын
Does the WAN port support pppoe ? I'm assuming it's just an ethernet port, I need a decent firewall with VDSL WAN port.
@GaryExplains
@GaryExplains 3 жыл бұрын
Yes the WAN port supports PPPoE, but I haven't tested it.
@UPsideDOWNworld321
@UPsideDOWNworld321 3 жыл бұрын
but why do you need firewall for a video camera ? do the camera move ?
@lotusflowerrr
@lotusflowerrr 3 жыл бұрын
Very underrated
@peterfrisch8373
@peterfrisch8373 3 жыл бұрын
Gary, from what I have seen there is a disturbing trend of phone apps to configure/control various consumer network gear without recourse to the way you and I are familiar with. Also, oft times with less options for control. Further, I you don't have cell service with data and sufficient bandwidth, then you can't configure your own device. I have extremely poor cell service at my home, but good internet access. This and other devices would not work for me, and likely others as well. I can rail about other devices, some of which I own, but i will spare you.
@highrzr
@highrzr 3 жыл бұрын
The thing I think it is missing is a higher speed WAN port considering it's not cheap. Also, having to configure it via a not so smart phone is a deal breaker for me. It needs to have a web based admin console. No thanks, I'll pass.
@SpaceCadet4Jesus
@SpaceCadet4Jesus Жыл бұрын
2.5Gb is not fast enough on the WAN?? You don't have to use a smart phone, use a larger tablet. You can SSH into it via a web browser or whatever.
@smile768
@smile768 3 жыл бұрын
The hacked pipeline guys should have got one of these.
@GaryExplains
@GaryExplains 3 жыл бұрын
😂
@jp_manns
@jp_manns 3 жыл бұрын
hello gary!!
@joaopedroalbernaz
@joaopedroalbernaz 3 жыл бұрын
"Rutah" - Explains, Garry
@GaryExplains
@GaryExplains 3 жыл бұрын
Yes, that is the correct way to say it, as in roulette, routine, and Rousseau.
@AP-ir5uz
@AP-ir5uz 3 жыл бұрын
@@GaryExplains Huh never even thought about that. Good supporting vocab!
@joaopedroalbernaz
@joaopedroalbernaz 3 жыл бұрын
As an American, that was something that stood out and called my attention the whole video every time you said.
@GaryExplains
@GaryExplains 3 жыл бұрын
As I Brit, it is something that stands out to me every time I watch a video from an American 🤦‍♂️ Aren't we beyond such things yet?
@VictorVargas_
@VictorVargas_ 3 жыл бұрын
@@GaryExplains umm this is the internet, comments like this are normal. They aren’t meant to make fun or ridicule the person, it’s more of pointing something out that stood out.
@samiam9059
@samiam9059 3 жыл бұрын
I'm never going to configure a firewall through a phone app....
@DREDKNOT2063
@DREDKNOT2063 3 жыл бұрын
now that im using firewalla gold so far i really like it ,but something i dont know is with its built in blockers such as adblock ,pornblock , face book an more combined with its dns-over-https do i need to keep using some or all of my firefox extensions iv got ublock origins , privacy badger,LeechBlock NG (for face an others) an AdBlocker Ultimate with HTTPS Everywhere an while i think they've served me well do i still need the installed with the gold now as my primary router an can i add more to the gold ,are ther any equivalents to anything like privacy badger an https2 an Malwarebytes Browser Guard that can be add to the gold
@SpaceCadet4Jesus
@SpaceCadet4Jesus Жыл бұрын
If I was you, I'd only use Ublock Origin and forgo the rest, except Malwarebytes, but not the browser guard version. Malwarebytes already works in your browser.
@spyone7851
@spyone7851 3 жыл бұрын
Hi Gary I'm really interested in firewalla gold since 6 months ago, I'm considering to buy it, but what I'm looking for but I've not still found are the performance with ids and/or ips active, did you know anything about it?
@peterfrisch8373
@peterfrisch8373 3 жыл бұрын
Have you checked FireWalla's website? If they don't show it, then go on to something else.
@spyone7851
@spyone7851 3 жыл бұрын
@@peterfrisch8373 I've tried on their website and the community, the only page that explains the speed limitations sayis something about the blue, red, etc.. and the gold but it doesen't says nothing about the speed in IDS and IPS, here the title of the article "Firewalla Speed Limitations Explained"
@oaksif0
@oaksif0 3 жыл бұрын
Still has intel management engine no good so has hardware backdoor. If it was based on ARM or RISC-V I would buy it.
@x3roxide
@x3roxide 3 жыл бұрын
I thought the ME exploit required physical access to the device.
@SpaceCadet4Jesus
@SpaceCadet4Jesus Жыл бұрын
There is no intel management engine firmware, unlike your PC.
@SpaceCadet4Jesus
@SpaceCadet4Jesus Жыл бұрын
@@x3roxide ME exploit has been patched and required a very specific scenario.
@doomedsomehow7114
@doomedsomehow7114 3 жыл бұрын
Seems cool but i prefer Fortinets for that price range
@tonycheung7624
@tonycheung7624 2 жыл бұрын
I buy one today
@dominiquebalabat197
@dominiquebalabat197 Жыл бұрын
Gone are the days when privacy was a thing. Over and done.
@GaryExplains
@GaryExplains Жыл бұрын
Eh?
@rwashi
@rwashi 3 жыл бұрын
Hello Gary, I use pfSense for that, had an old Intel built machine with dual core and I installed pfSense and I have the same function. Just cost conscious.
@HellcatM
@HellcatM 3 жыл бұрын
Good video! You should have mentioned there are other Firewalla's (blue, blue pro, purple and red I think) at the end when you were saying who should buy it.
@DonutsReview
@DonutsReview Жыл бұрын
It seems to do all the things DUMA OS + Bitdefender Armor provide.👽
@SpaceCadet4Jesus
@SpaceCadet4Jesus Жыл бұрын
A Lot more than Duma OS, which is only updated on the Net2.
@mikescott4008
@mikescott4008 2 жыл бұрын
Been running a variety of firewalls for quite some time. Currently on pfsense, but have used Sophos XG and Untangle as well. Probably going to switch back to Untangle or Sophos XG at some point.
@dan4315
@dan4315 3 жыл бұрын
Too expensive for what it does. It’s not a UTM firewall so it’s limited to what it can protect.
@SpaceCadet4Jesus
@SpaceCadet4Jesus Жыл бұрын
I haven't found a reasonably priced UTM firewall/security gateway yet. I used to install Ubiquiti but they don't support spam monitoring and availability is horrible. Regardless, I have other solutions for the issues that Firewalla is not meant to address.
@TheJackal917
@TheJackal917 3 жыл бұрын
Intel cpu. With all it's security flaws. I thought it was something custom made with encryption. Hmm...
@guilherme5094
@guilherme5094 3 жыл бұрын
Nice!
@michaelthomson5125
@michaelthomson5125 Ай бұрын
Terrible as an actual firewall. You can't use any 3rd party blocklists since it limits the number of IP addresses to 200. And you need to buy their subscription to increase to 2000 even though other product its basically unlimited. And their customer service is absolutely terrible.
@logwind
@logwind 3 жыл бұрын
Can't this device act as an AP?
@SpaceCadet4Jesus
@SpaceCadet4Jesus Жыл бұрын
It's not wireless AP.
@nikolaskallianiotis8622
@nikolaskallianiotis8622 3 жыл бұрын
One who can setup this can also spent $50 to buy a raspberry pi 4 (or any other SBC), install FOR FREE anything he/she wants (lots of solutions) and get the same benefits without spending a cent more. The most important yet, free new knowledge and training.
@GaryExplains
@GaryExplains 3 жыл бұрын
I disagree. The knowledge to setup this isn't the equivalent of creating a custom solution with a Pi or PC. Also, the Pi won't give you the same throughput. Finally, the hassle of setup and maintenance of a custom solution doesn't make it cheaper. If I am busy then I want a complete solution. I could fix my own car but I choose to take it to a garage because I don't have the time. Cheaper isn't just about cash values.
@nikolaskallianiotis8622
@nikolaskallianiotis8622 3 жыл бұрын
@@GaryExplains I'm sure this is not for every day users who just want to press a button and the magic happens. It's for advanced users and such as any other solution can be acceptable. To fix you car you need equipment costing thousands, to make your own firewall only time, knowledge and a few dollars do the trick. I only agree that not everyone has the time. As for the throughput it's debatable. For me having a VDSL connection acting as bottleneck, throughput is more than enough. If someday I find the money and the ISPs decide that I can also have the "luxury" of a Gbe then maybe I'll need something more advanced. But then again, if and when this happens, some other SBC maybe more suitable. And don't say that only a few have just a poor VDSL. I am watching your channel from Greece. Here 200Mbps Fiber costs nearly 60EUR and are only available in some suburbs. For the rest 90% DSL is the only available solution. I'm sure many other countries in the "developed world" share more or less the same situation.
@GaryExplains
@GaryExplains 3 жыл бұрын
@@nikolaskallianiotis8622 I was referring to the throughput of the interfaces on the router as it is Gbe for the LAN side and the firewall monitors all the LAN traffic. The LAN side functions are quite advanced.
@georgeklimes7604
@georgeklimes7604 Жыл бұрын
@@nikolaskallianiotis8622 Nikolas, when I come to Greece, I WISH I could get anything near 200 Mbps. And on Kalymnos, it's extremely painful in many places (like 2 or less Mbps sometimes!!!). Has the Cosmote coverage improved in Athens?
@SpaceCadet4Jesus
@SpaceCadet4Jesus Жыл бұрын
@@nikolaskallianiotis8622 You might consider taking all that saved money you have lying around from self-building stuff and MOVE to a location with better internet speeds.
@kdog8787
@kdog8787 3 жыл бұрын
For people that have wireless routers without AP or bridge mode: You don't need to use AP or bridge mode. You only need these if you want to use your wireless router's WAN port. You can disable DHCP on the wireless router and connect it using one of the LAN ports. D-Link tech support taught me this before AP and bridge mode existed on their consumer routers.
@GaryExplains
@GaryExplains 3 жыл бұрын
I think you then get a routing problem.
@kdog8787
@kdog8787 3 жыл бұрын
@@GaryExplains The DHCP on the wireless router tells its clients to request internet traffic from the wireless router. If you disable it and plug the firewall router into a LAN port (as opposed to the WAN port) on the wireless router, the DHCP on the firewall router should take over and tell all the wireless clients on the LAN to request internet traffic from the firewall router. It's important to disable DHCP on the wireless router before plugging it into the rest of the LAN so it doesn't interfere. It's also important to make sure the wireless router has a different LAN IP and is on the same subnet as the firewall router. I usually take the firewall router LAN IP (eg 192.168.1.1) and add four to the last number (eg 192.168.1.5). This is usually outside the range of IPs that are assigned to clients. I've successfully done this with a Ubiquiti EdgeRouter and many wireless routers over the years. Now I use AP mode on my Archer AX50, which I still connect through a LAN port.
@GaryExplains
@GaryExplains 3 жыл бұрын
I think it depends on the router. If it has a dedicated WAN port, some of them only accept DHCP answers over that port. For example, I have a Mikrotik hAP Lite and depending on the configuration you might need to explicitly set DHCP address acquisition to all ports rather than the WAN. Anyway, I tested the setup you suggested using the Mikrotik hAP Lite and as I feared, no internet on client devices connected to its Wi-Fi. The problems seems to be that the router doesn't get a DHCP address from the Firewalla. Moving the cable from the LAN to WAN port fixes it, and then setting it to Bridge mode fixes the double NAT.
@kdog8787
@kdog8787 3 жыл бұрын
​@@GaryExplains The wireless router doesn't need a DHCP address for the clients to get internet so long as its wireless is bridged to its LAN ports. I set a static IP for my wireless router so I know where to find it. Microtik has a DHCP snooping option which can block DHCP servers that aren't trusted. I imagine it blocked the Firewalla from giving IP addresses to the clients.
@kdog8787
@kdog8787 3 жыл бұрын
I recommend AP or bridge mode to anyone that has it.
@riahaidan
@riahaidan 2 жыл бұрын
Gold users, how's the Wi-Fi range on the Gold? Is it also short range like the Purple?
@TesserId
@TesserId 2 жыл бұрын
Oh, have to use smart phone, have to have wifi connectivity. So, I can't use this on a wired only LAN. Sorry, that's a deal breaker.
@SpaceCadet4Jesus
@SpaceCadet4Jesus Жыл бұрын
Goodness. Don't need wifi connectivity as it doesn't contain a wifi module unless you buy the optional USB wifi product. It only needs to access a bluetooth phone on first startup for initial basic config, Thereafter, use phone and/or tablet app, any web browser, or SSH into it. You missed out on a fantastic piece of kit.
@scooter5480
@scooter5480 3 жыл бұрын
$438.00
@Demopans5990
@Demopans5990 Жыл бұрын
*laughs in pihole*
@SpaceCadet4Jesus
@SpaceCadet4Jesus Жыл бұрын
You need a hand getting out of that pihole you're in?
@marioenc04
@marioenc04 3 жыл бұрын
Missed the #ad or the #publi
@GaryExplains
@GaryExplains 3 жыл бұрын
eh? Did you miss the bit where I explicitly pointed out that this is not a sponsored video nor is there an affiliate relationship?
@jk-mm5to
@jk-mm5to 3 жыл бұрын
Great firewall for prosumer and not professional.
@fuzzyball2132
@fuzzyball2132 2 жыл бұрын
You need some networking experience to full utilize all features for growing network at home or small businesses. Lot of money will be wasted if it’s just plug and play.
@SpaceCadet4Jesus
@SpaceCadet4Jesus Жыл бұрын
Few people utilize all features. And there are less expensive Firewalla for the budget conscious.
@Flankymanga
@Flankymanga 3 жыл бұрын
Im sorry but my Mikrotik has a lot more features and does not need bluetooth smartphone to access and best of all... and costs quarter of this thing.
@SpaceCadet4Jesus
@SpaceCadet4Jesus Жыл бұрын
Your Mikrotik has any 2.5ghz ethernet ports to communicate with 2.5ghz switches or modems? Your Mikrotik can process VPN data at 1Gbps and more? Your Mikrotik has dual Wan ports with fail over? Your Mikrotik has an ARM quad core CPU? Your Mikrotik has a fully fleshed out UI with everything done for you? Your Mikrotik has a No-Lockout Bluetooth option? Your Mikrotik has an easy Bluetooth first time startup feature? Your Mikrotik has a phone app, a tablet app, a web browser command interface with charting, and SSH, all able to configure and manage the interface? Your Mikrotik has IDS? Your Mikrotik has IPS? Your Mikrotk has option to auto quarantine new devices until reviewed? Your Mikrotik has auto updating malware and blocking lists? Your Mikrotik has easy learning curve? I could go on and on. If indeed it has any or most of these features, let me know and I'll switch (to a product I left behind decades ago). 😂
@gsgrzegorz98
@gsgrzegorz98 3 жыл бұрын
No web interface. Boooooo!
@GaryExplains
@GaryExplains 3 жыл бұрын
There is one in development, it is currently in Beta: help.firewalla.com/hc/en-us/articles/360049873154-Does-Firewalla-have-a-web-interface-
@hansprice504
@hansprice504 3 жыл бұрын
I stopped watching at around 7:10 when I learned that you need an iOS or Android device to configure...
@Stelios.Posantzis
@Stelios.Posantzis 3 жыл бұрын
Same here... at 8:05!
@boeske1980
@boeske1980 3 жыл бұрын
There is Also a webinterface and SSH support and a console port. Also An HDMI output.
@ppal64
@ppal64 3 жыл бұрын
So a almost a netgate clone that has no web gui install.? Dumb not to have WEB interface. Much more u,ser friendly for the home user compared to pfsense.
@SpaceCadet4Jesus
@SpaceCadet4Jesus Жыл бұрын
Dumb for pfsense to not have a cell phone/tablet interface.
@mrtuk4282
@mrtuk4282 3 жыл бұрын
Sadly I don't think IOS or Android are safe from tracking so it looks like I cannot use this device.
@codemonkey6173
@codemonkey6173 3 жыл бұрын
Needs my phone and an app to configure? That's not just no, but heeelllll no
@SpaceCadet4Jesus
@SpaceCadet4Jesus Жыл бұрын
Ubiquiti started out like that, Fing too. You can use a tablet too, or SSH into it via a browser.
The $299 Everything 10G Firewall NAS and Virtualization 1U
20:42
ServeTheHome
Рет қаралды 230 М.
We Attempted The Impossible 😱
00:54
Topper Guild
Рет қаралды 51 МЛН
Арыстанның айқасы, Тәуіржанның шайқасы!
25:51
QosLike / ҚосЛайк / Косылайық
Рет қаралды 684 М.
Firewalla Gold SE - Full Review
10:27
Brian Unboxed
Рет қаралды 8 М.
AI Firewalls are here! (Can your firewall do this?)
42:18
David Bombal
Рет қаралды 98 М.
The Best Home Security Device Money Can Buy
18:33
Legends of IT
Рет қаралды 56 М.
DO NOT design your network like this!! // FREE CCNA // EP 6
19:36
NetworkChuck
Рет қаралды 3,4 МЛН
My Thoughts on the Firewalla Firewall...
8:05
Lawrence Systems
Рет қаралды 67 М.
03 - Routers & Firewalls - Home Networking 101
51:45
Crosstalk Solutions
Рет қаралды 170 М.
Understanding Mesh Networking (feat. MikroTik Audience)
17:12
Gary Explains
Рет қаралды 57 М.
Firewalla - How it's going after a few weeks running
24:53
THIS 25GbE Server and Firewall Has it All
22:21
ServeTheHome
Рет қаралды 136 М.
Stacey's Pick: Firewalla Purple
7:18
TWiT Tech Podcast Network
Рет қаралды 20 М.