23 Nov A powerful all-in-one solution to monitor and protect your …
Security and privacy are at the heart of our concerns with technology now. With every breach, hack, and vulnerability, we discover how frail this digital footprint we’ve created is. To protect ourselves, we make sure our devices are always updated with the latest security patches, we try to avoid suspicious sites and apps, we keep our eyes open for phishing attempts in our inbox, but that still isn’t enough. If you have smart home gadgets or if you don’t control every device in your household, you need network-level protection. Some Wi-Fi routers offer this, but the feature is usually tied in a monthly subscription.
Firewalla aims to provide that network-level protection for a one-time fee ($109 or $179). You buy the tiny device, plug it in, and it monitors all traffic, whether it’s coming from wireless or Ethernet devices, and warns you when something seems out of order. It also adds a bunch of smart features to your network: parental protections, per-device rules, ad blocking, VPN server, among others. I’ve been using it for a month and it has become a valuable tool in my house.
Hardware, what’s in the box
Before you get started with Firewalla, you need to look at the list of compatible routers and mesh networks and make sure yours is supported. If that’s the case, you have to choose among two possible units: Red ($109) for internet connections that are slower than 100Mbit, and Blue ($179) for faster ones. Since my connection tops out at 16-20Mbit on a good day, I’m reviewing the Red, but all features should be the same across both options. Firewalla Blue can just handle a bigger load.
The tiny device is as simple as it gets. On the front, there’s Micro-USB for power and a MicroSD slot with a pre-inserted card, that acts as the brain of the device. The back has Ethernet and USB-A ports. Vents on the sides help it cool off, and a QR barcode on the top is needed to authenticate your Firewalla license.
In the box, you get the unit, an Ethernet cable, a wall charger and USB-A to Micro-USB cable, and a manual. You don’t need more.
Installation and setup
After plugging in the box for power, you need to connect it to your network over Ethernet. There are several possible scenarios here:
- If you have a modem/router all-in-one device, you just plug Firewalla in one of the LAN ports.
- If you have a separate modem and router, you plug Firewalla in one of the router’s LAN ports — it’ll monitor all wireless devices and even ones plugged into the router’s other LANs.
- If you have a modem and a mesh network, you need to plug Firewalla in the primary mesh device’s LAN ports — it’ll monitor anything connected to the primary or satellite mesh units, whether wirelessly or via LAN.
A few minutes of wait are necessary for Firewalla to boot up and initialize, so be a little patient. In the app, you’ll see a + sign to start the pairing process, which requires scanning the barcode on top of the unit. Then you’re taken through the initial setup, where you can choose between simple and DHCP modes. My Netgear Orbi is compatible with the simple mode, so I went with that.
The Firewalla app is chockfull of features and will take a bit of time to get used to, but once you know where everything is, it’s a pretty straightforward experience. Almost everything you set on the entire network can also be applied on a per-device basis, so keep that in mind as you read on.
On the homescreen, you’ll find your paired Firewalla units. Choose one and you’re presented with a summary of everything you need: a graph of total bandwidth usage from the last 30 days, 24 hours, or 60 minutes, shortcuts to access connected devices, alarms, rules, and all features (Ad Block, Family Protect, VPN Server, etc…).
30-day, 24-hour, and 60-minute usage on homescreen. The app has a dark theme for Android 10.
Beside customizing this screen to show more feature shortcuts, you can tap on the 24-hour graph (not the other two) to view a detailed network flow. It’s divided by hour, upload, download, chronological history, or apps. The latter is Firewalla’s own way of telling you what you used a device for (email, messaging, social, video, and so on); it’s not very precise as not all IP addresses are categorized, but it’s indicative enough.
Left: Customizing features. Middle: What’s happening now. Right: Reason for the 9pm 1.8GB peak.
This global view tells you when your network was used the most and through which IP. Tapping on any line reveals more details. You may need to do some sleuthing to figure out what an unknown IP address means, but as long as no alarm was raised by Firewalla about it, you likely don’t need to bother unless it’s something completely out of the ordinary like an inactive device uploading 200MB of data for no reason.
Firewalla doesn’t do a good job of letting your monitor which devices may be clogging your network right now. You can get that kind of information, but you’ll really need to dig around in the network flow as well as take into consideration that the Now tab consolidates everything from the top of the hour and often remains a couple of minutes behind. That aspect should be simplified.
If you’re not interested in immediate monitoring, you can still glean a lot of info from the general network tables or the per device ones. Every device also gets its own 30-day, 24-hour, and 60-minute graph, with control buttons, options to rename it, and check its MAC address.
Left: Device list ordered by download. Middle: Sorting options. Right: Device page.
This lets you track down what each device on your network is doing instead of viewing the global picture, and you can decide to act on certain domains and IP addresses straight away.
Left: Hourly downloads per device. Middle: “Apps” used. Right: Details of an IP connection.
Thanks to this, I was able to check what my smart home devices were doing all day. I discovered that my Nuki lock really only connects when it’s needed and never strays from the nuki.io servers. My Hue Hub also doesn’t do much if not called upon, same as my Somfy TaHoma smart blinds hub, and Cielo air conditioner remotes. It’s a relief to see that the devices I chose for my home aren’t spending their time talking to some unknown servers goodness knows where and uploading tons of data to them.
Left: Nuki’s usage is exemplary. Middle: Nuki IP addresses….