Are you looking for a hardware firewall that is both good and cheap to buy?
Are you looking for a hardware firewall that is both good and cheap to buy?
I'm setting up Internet fiber at home so I can protect my network while traveling more often than during the pandemic. I already have solid protection on all my main devices, but with too many smart things connecting now, it's time to take control of which traffic gets in and out. I am scared about buying old corporate firewalls that sell for a few hundred dollars online because they are hard to maintain. Also, I don't want to sign up for expensive monthly service contracts. What do you think? TIA, Sid
So one of the more common ways to do this in a home network is to just a use a second router. The simple NAT function pretty much protects you because it is stupid. What you would do is put all the stuff you don't care about on the main network that has the internet router. Then take a second router and plug the WAN port into the main router. You would then place everything you want secure behind the second router. You could still for example take a pc that is behind the second router and print to a printer on the main network but a device on the main network can not talk to your stuff on your second network for the same reason someone on the internet can not get to your home servers. The main issue you are going to have with any firewall is the massive amount of cpu power it takes when you have a very fast internet connection. If you read the specs on commercial firewalls most tell you the maximum data rates based on what you are doing. There is say a huge difference running say vpn than just blocking lists of ip addresses. Consumer routers had this issue just passing traffic on large internet connection because of the small cpu. Almost all routers now use a hardware NAT function that bypasses the cpu. The downside is any function that needs to see the cpu chip to see the data, like a firewall filter, now causes this hardware to be disabled. You will cap speed out on most router about 300mbps just for turning on the firewall with no rules. Commercial firewalls also have various forms of hardware accelerators some for example do encryption. You can look at using a small pc with one of the many unix based firewall options. What I would do first is try to find a way break your devices into different network behind different routers. You are going to in effect have to do that anyway with a firewall.
You're right. For someone who knows how, using a computer with a software-based firewall is better than just relying on default settings. Also, you can set up rules so things happen at the times you need them to work.
Today I found a really good article that is also helpful. It talks about how to stop ransomware attacks even during big weeks and weekends like Labor Day. The protection works no matter where you are, so it's useful right now too. For example, if you're not at home, it helps too.