Best external "Consumer" firewall

PoohPooh Member, Beta Tester Posts: 674
500 Likes 500 Comments 25 Answers 100 Agrees
✭✭✭✭✭
What would the community suggest as a consumer firewall appliance for your average user. I know there's the like of Pi-hole etc., but I'm wondering what's the best solution-in-box. Got a couple of friends asking and they're about as knowledgable as my mother-in-law as to how these things work, so it needs to be pretty idiot proof. Subscriptions as part of the appliance are OK.

The two that immediately come to mind are BitDefender box and Disney Circle, although I'm also not too impressed with Circle (guess this is what you get when mouse runs the software team).

Not looking for Prosumer devices either.

Fellow fingies, what say you?
People say nothing is impossible, but I do nothing every day.
GidsterVioletChepil

Comments

  • AndreaAndrea Member, Beta Tester Posts: 43
    25 Likes 10 Comments Name Dropper Photogenic
    ✭✭
    well i'm in love wiht synology i think right now is a good option, and is really easy to setup
    GidsterVioletChepil
  • VioletChepilVioletChepil London, UKMember Posts: 2,471
    100 Answers 500 Likes 1000 Comments 100 Agrees
    ✭✭✭✭✭✭
    @Mariusvam @Hronos @tx_hermit @kltaylor anything to add on this one? 

    Community Manager at Fing

  • PoohPooh Member, Beta Tester Posts: 674
    500 Likes 500 Comments 25 Answers 100 Agrees
    ✭✭✭✭✭
    Andrea said:
    well i'm in love wiht synology i think right now is a good option, and is really easy to setup
    Thanks, but I need a simple '...in a box' type solution.
    People say nothing is impossible, but I do nothing every day.
    VioletChepil
  • AndreaAndrea Member, Beta Tester Posts: 43
    25 Likes 10 Comments Name Dropper Photogenic
    ✭✭
    what do you mean in a BOX?
    , with synology you have a lot of funzionality in a box easy to configure and managed https://www.synology.com/it-it/products/RT2600ac

    VioletChepil
  • PoohPooh Member, Beta Tester Posts: 674
    500 Likes 500 Comments 25 Answers 100 Agrees
    ✭✭✭✭✭

    @Andrea something 100% standalone. As I stated in the ask, I need something idiot proof. Synolgy's are great - I've as DS2415+ 12 bay one myself, but they're not for idiots. My friends are confirmed self-admitted idiots when it comes to computers.

    People say nothing is impossible, but I do nothing every day.
    VioletChepilNoone
  • mozarellamozarella Member, Beta Tester Posts: 111
    25 Likes 10 Comments First Anniversary 5 Awesomes
    ✭✭✭
    Actually i'm thinking, real firewall-topic isn't a topic for non-IT-people. Maybe it's enough to use a normal ISP-router, which is already easy to use and have simple firewall-technics built in. Just let traffic go out and answer come in, block everything what is coming in over public ip.
    More firewall-functionality needs more administration and more knowlegde about what to do.
    you mentioned pi-hole. Well, this is a simple to install and administrate ad-blocking-device. But if you don't understand how it's working, then it's hard to manage.
    I'm using firewall on a dedicated computer here in office, it's called ipfire. Mainstream-traffic is going this way out. Inside LAN, there's watchguard firewall cluster to manage different subnet, VPN and different internet-connections (just one of them is using ipfire e. g.).
    To keep it idiot-proof, use internet-router.
    But actually people who are using internet, should understand a bit of that technics, i'm thinking. Nobody is driving car without having insurance and driving license. Driving license is needed to get basic technical knowlegde how to drive a car. But computers or internet doesn't need that, why?
    VioletChepilmagpt
  • PoohPooh Member, Beta Tester Posts: 674
    500 Likes 500 Comments 25 Answers 100 Agrees
    ✭✭✭✭✭

    A Router doesn't cut the mustard, @mozarella . I need something that can act as a controlling gateway for kids, something that can stop access to certain websites and can help block malware at the network level.


    All consumer based.

    People say nothing is impossible, but I do nothing every day.
  • mozarellamozarella Member, Beta Tester Posts: 111
    25 Likes 10 Comments First Anniversary 5 Awesomes
    ✭✭✭
    If you want to use content-filtering, then you need a system which needed to be administrated. I was using IPFire with classroom-extension for exact this topic (any years ago). With classroom-extension you can set different topics (drugs, sex...) as blocked, use squid-cache, virus-check and so on. But if sth is filtered by "false positive", you need to fill in whitelist what is not really idiot-proof. IPFire can be configured quite deep through web interface and there are a lot of addons. E. g. update-accelerator for slow internet-speed. Easy to manage, but idiot-proof?

    More simple: I'm using Fritz!Box at home as internet-router. There's also a kind of kids-gateway inside. You can set different devices to the "kids"-group. Limit access to certain websites for that group, set time-limit. You can also give "guest-pass" to kids everytime they have done a good job (e. g. homework, walk the dog..), to extend the time-limitations for internet-usage. you can block different ports (e. g. filesharing, VPN-services, proxy-services..).
    Although Fritz!Box is easy to manage, more easy than IPFire, people need to know what they are doing and how to set up this system.
    Both systems could be set up as VPN-Server, use DynDNS and if sth went wrong with filtering, somebody could check that via remote-administration.
    VioletChepilmagpt
  • PoohPooh Member, Beta Tester Posts: 674
    500 Likes 500 Comments 25 Answers 100 Agrees
    ✭✭✭✭✭
    Much of what you said here is supported by BitDefender Box, which has been the one device I've looked at. 

    ipfire sadly doesn't help as it requires a Linux box to be onsite and managed. The folks I'm talking about have difficulty in remembering a password. I'm looking for something that I can connect to and help them manage - think things with big red shiny buttons...
    People say nothing is impossible, but I do nothing every day.
    VioletChepil
  • AndreaAndrea Member, Beta Tester Posts: 43
    25 Likes 10 Comments Name Dropper Photogenic
    ✭✭
    Pooh said:

    @Andrea something 100% standalone. As I stated in the ask, I need something idiot proof. Synolgy's are great - I've as DS2415+ 12 bay one myself, but they're not for idiots. My friends are confirmed self-admitted idiots when it comes to computers.

    so far i think the best is choose a  solution  as s service, give a try to Comodo wiht is CDOME https://cdome.comodo.com/


    VioletChepil
  • kltaylorkltaylor Moderator, Beta Tester Posts: 1,231
    1000 Comments 500 Likes 50 Answers 100 Awesomes
    ✭✭✭✭✭✭
    Pooh said:
    What would the community suggest as a consumer firewall appliance for your average user. I know there's the like of Pi-hole etc., but I'm wondering what's the best solution-in-box. Got a couple of friends asking and they're about as knowledgable as my mother-in-law as to how these things work, so it needs to be pretty idiot proof. Subscriptions as part of the appliance are OK.

    The two that immediately come to mind are BitDefender box and Disney Circle, although I'm also not too impressed with Circle (guess this is what you get when mouse runs the software team).

    Not looking for Prosumer devices either.

    Fellow fingies, what say you?
    If you're looking for small business level options in a consumer-based router, take a look at the ASUS line.
    Not only is it packed with features that you only see with small business routers, but it also supports Ai Mesh networking as well. 
    Some of the key benefits that I've relied on in the past is bandwidth monitoring, network security monitored by Trend Micro, a robust QoS package, and much more.
    The ASUS line allows me to customize my network to my standards and specifications while allowing great flexibility in features and security.
    "There's a fine line between audacity and idiocy."
    -Warden Anastasia Luccio, Captain
    VioletChepil
  • HronosHronos Member, Beta Tester Posts: 289
    100 Likes 100 Comments 25 Awesomes 25 Agrees
    ✭✭✭✭
    I personally, have little to no experience with Firewall appliances for home network, I didn't have to block sites from kids for now xD.
    But, looking at the internet for some information, got around this article, one of the listed can, maybe, help. 
    https://wiki.ezvid.com/best-hardware-firewalls
    The one is mostly "home" targeted is: Cu
    (Isn't it cute???)
    Keep looking up!
    VioletChepil
  • Manny_CavalierManny_Cavalier Member, Beta Tester Posts: 18
    10 Comments First Anniversary 5 Likes Photogenic
    ✭✭
    Firewalla.

    VioletChepilFingFan2012
  • ArtJArtJ Member, Beta Tester Posts: 4
    5 Likes First Comment Photogenic

    Unfortunately, Norton stopped making their Norton Core solution. It was pretty good and dirt simple to setup and protect everything on your home network.

    I have heard that some ASUS routers come with built in Trend Micro solution, but haven’t seen one in real life.


    BitDefender has a solution it calls Box Pretty simple and transparent operation

    Eventually there will be other solutions but so far hardware solutions don’t seem to last long in the market

    continual automatic update and a balance between informing the user and being transparent to the user is key you can’t notify a non IT person of every scan and access attempt

    HronosVioletChepil
  • KayJayKayJay Member, Beta Tester Posts: 38
    25 Likes 10 Comments 5 Awesomes First Anniversary
    ✭✭✭

    Hello @Pooh,

    Have you considered Firewalla or Cujo devices?

    I have been doing some research on this topic for myself and both of those devices seems to get some positive reviews.

    HronosVioletChepil
  • tx_hermittx_hermit Member, Beta Tester Posts: 4
    5 Likes Founder First Comment Photogenic
    ✭✭
    The appliance from Untangle would probably be a step above what you are wanting, but is a great solution with solid support.

    Kind of surprised no one mentioned the Gryphon. It is extremely simple, and seems to be a well liked home setup. I have recommended it to non-tech friends that have had no issues getting it up and going.
    GidsterVioletChepil
  • ArtJArtJ Member, Beta Tester Posts: 4
    5 Likes First Comment Photogenic

    Cujo device is no longer sold. I had one for a while but the company seemed to use Cujo as a learning platform then decided to focus on business users.

    VioletChepil
  • HronosHronos Member, Beta Tester Posts: 289
    100 Likes 100 Comments 25 Awesomes 25 Agrees
    ✭✭✭✭

    @ArtJ that's so sad! it was so cute. (Don't know if really helpful :) )

    I hope the current user base is still been supported... It will be a shame to keep it just for the cuteness xD

    Keep looking up!
    VioletChepil
  • CryptoMinkyCryptoMinky Member Posts: 11
    5 Likes First Answer Founder Photogenic
    ✭✭
    I have been using a Firewalla Blue for several months and find it to be a good solution for several reasons. It has a good number of desirable on/off security options. It can be controlled from anywhere with their app on my iphone. There is no subscription and it takes up very little space. It has caught my Nanny Cams uploading to China and allows me to block them away from my network. It has not had any appreciable 
    effect on my network speed. Finally it is versatile in that you can lock your network down as tight or open as you wish.
    VioletChepilPooh
  • ChrisByrnesChrisByrnes Member Posts: 9
    5 Likes First Comment Photogenic
    Another vote for Firewalla Blue. Been running it for months; it does everything I need. Additional functions are under development. Highly recommend. 
    VioletChepilPooh
  • VioletChepilVioletChepil London, UKMember Posts: 2,471
    100 Answers 500 Likes 1000 Comments 100 Agrees
    ✭✭✭✭✭✭
    interesting to see so many fans of Firewalla! 

    Community Manager at Fing

    PoohHronoskltaylorManny_Cavalier
  • Manny_CavalierManny_Cavalier Member, Beta Tester Posts: 18
    10 Comments First Anniversary 5 Likes Photogenic
    ✭✭

    Hope to see future Fingbox have similar (or much better) features like Firewalla... maybe on Fingbox V3. :-)

  • PoohPooh Member, Beta Tester Posts: 674
    500 Likes 500 Comments 25 Answers 100 Agrees
    ✭✭✭✭✭
    Thanks everyone for your input: given me something better to look into!
    People say nothing is impossible, but I do nothing every day.
    VioletChepil
  • ChrisByrnesChrisByrnes Member Posts: 9
    5 Likes First Comment Photogenic

    Hope to see future Fingbox have similar (or much better) features like Firewalla... maybe on Fingbox V3. :-)

    I see Fing and Firewalla as having different purposes; internal versus external control. I like having them separate rather than depending on one source. Bugs or blind spots in a single do-all device would go undetected. Besides, with proper settings they work very well together. 
    HronosVioletChepil
  • Manny_CavalierManny_Cavalier Member, Beta Tester Posts: 18
    10 Comments First Anniversary 5 Likes Photogenic
    ✭✭

    It's obvious that these are two different devices. What I'm saying was if Fingbox can add more features like one or two that Firewalla (or any other similar devices) does would be a great addition for its future updates. Like what Firewalla is doing right now, they don't stop adding more features/improvement as long as the hardware permits.

    VioletChepil
  • joltdudejoltdude Member, Beta Tester Posts: 30
    10 Comments 5 Awesomes First Anniversary First Answer
    ✭✭
    My issue is a lot of these devices use ARP poisoning to do the content filtering... Actually I miss the Sofaware / Zonealarm SPI Firewall appliances which was intended for prosumer/home use ... though it was sadly discontinued in this market., partly I think due to the sub fee and limit on connections in a home environment (more IOT devices and even the paid for limit upgrade was only 15 devices) ... Circle/Bitdefender/Firewalla/Cujo and a few others are out there... Actually I had one called the Ad-trap which supported BOTH ARP Poisoning and proxy server modes, but it was primarily for ad blocking vs content control... Still think theres room for the fing box to do more monitoring than is visible to the average consumer... possibly DNS based content filtering... even if it was an extra cost option
    VioletChepil
  • VioletChepilVioletChepil London, UKMember Posts: 2,471
    100 Answers 500 Likes 1000 Comments 100 Agrees
    ✭✭✭✭✭✭
    @Pooh we could also start a poll up to get some votes casted as well!? Then we'd have an official best firewall as voted by Fing Community. I guess, I wouldn't use one, could also be an option based on some of the responses. 

    Community Manager at Fing

    Hronos
  • alexpappalexpapp Member, Beta Tester Posts: 2
    Photogenic First Comment
    Netgate SG-1100 MircroFirewall pFSense Security Gateway http://https//store.netgate.com/pfSense/SG-1100.aspx
    Ubiquiti UniFi Security Gateway https://www.ui.com/unifi-routing/usg/
  • AndreaAndrea Member, Beta Tester Posts: 43
    25 Likes 10 Comments Name Dropper Photogenic
    ✭✭
Sign In or Register to comment.