Firewalla is a compact and simple device which plugs into your router and protects your connected home from a host of network and internet threats.

There are likely numerous things around your house that use your network in some way that you likely don’t pay much attention to. Likely because these things are made by their manufacturers to be functional and not necessarily secure in most ways. Things such as a garage door opener, your smart doorbell and others. But now you can add security to these things and your network by simply adding Firewalla, a device that isn’t trying to replace your router.

Unlike such competitors as Norton Core and F-Secure Sense, Firewalla doesn’t attempt to replace your router. It simply sits on the network, monitoring and managing traffic and devices and applying some simple rules to network traffic. In testing, the central monitoring and control features proved very effective, but some other operations ranged from complex to extremely complex.

Inside the tiny box you find a quad-core 1GHz ARM CPU running Ubuntu, with 512MB of DDR RAM. It has an Ethernet port, a micro-USB port for power, a USB port, and a slot for a micro-SD card. The Firewalla website points out a ton of geeky uses for that SD card slot. Those with the necessary advanced skills can swap in a bigger card and do programming on the device, using its built-in Python, Javascript, and other languages. You can also use it to re-flash the firmware image.

Given the clearly minimalist design approach, having a USB port seems odd. Firewalla’s CEO explained that it’s for future expansion. “The box is fully hackable,” he said. “Many of our customers are pretty crazy about this.” He mentioned experimenters adding a USB Wi-Fi adapter, a programmable USB light, and mounting USB memory to create a Samba share drive.

In the box, you’ll find the tiny Firewalla box along with a power adapter, an Ethernet cable, and a micro USB cable. There’s no manual or startup guide, just a tiny instruction card with a URL pointing to installation instructions. Following the simple instructions, I downloaded the Firewalla app onto my Pixel device I use for testing and registered my email. I should point out that, as with other network security boxes, you must control Firewalla through an iOS or Android phone or tablet; PCs and Macs need not apply.

For the next step, I hooked up the box to power and connected it to the network with the Ethernet cable, just as I’d do with any other device. I didn’t have to connect it “upstream” from the router or make any other network changes. There was no interruption in my network connectivity.

After a few minutes it finished its initial boot sequence. A New Firewalla notification and icon appeared in the app. Per the instructions, I paired it with the app by scanning a QR code on the bottom of the box; clever! At that point it offered to learn the network, with an option for manual setup. Not having any idea what manual setup entails, I let it do its own exploration. In just a few minutes, it was ready to get to work.

At the outset, I got a flood of notifications, as Firewalla detected everything connected to the network for the first time. Each new notification comes with the device’s name and manufacturer, if they have supplied it, as well as the IP and MAC addresses. If you see something that clearly doesn’t belong, you can block its access with a single tap. And if your wife suddenly screams from the other room because she suddenly can’t watch her favorite ASMR YouTuber because you blocked the wrong thing, you can restore access just as easily.

Firewalla Image 1

Getting notifications that new devices have joined is just the start. By default, Firewalla alerts you when any thing it’s monitoring starts using gaming, video, or porn sites, or encounters a dangerous website. It also alerts on what it calls “abnormal uploads,” and when someone connects to the VPN server. You can fine-tune this system for each category, telling Firewalla to give you a pop-up notification, an in-app alarm, both (the default), or neither. And if you see that your kid is playing games instead of doing research for a term paper, you can tap the notification to cut off gaming on that device for an hour, or until you turn it back on.

For the devices that show up without a proper name or manufacturer name, you can rename them once you track them down and figure out exactly what device it is. Luckily for me, everything on my network showed up with a name so I didn’t have to worry about tracking anything down.

Software-based network scanners like Bitdefender Home Scanner and Avira Home Guard also let you give friendly names to hardware based on the reported IP address or MAC address. But Firewalla offers vastly more information about the activity of each, data that can aid in correctly matching an entry with its physical device.

Here’s an example. On my own network, one device came up with a name that I didn’t recognize at all. Tapping for details, I got a graph of its recent activity. More usefully, tapping the Network Flows link let me see just where it connected. Given that all the named URLs in the list were sub-domains of ring.com, I deduced that this entry represented my Ring Video Doorbell Pro.

Firewalla lists four sets of stats for each device. The history list, the one I used to identify the doorbell, lists all connections. Separate lists report uploads and downloads, along with a size for each. And the Apps tab lists apps that made a network connection.

One of Firewalla’s most interesting features is its built-in VPN server. Turn this on, and in theory at least, you can securely connect to your home network from anywhere in the world, access home devices, and use it as your private VPN server.

If you’re visiting Australia from the US, for instance, you could use the VPN to access your home computer. Strong encryption keeps you safe, even on public WiFi, and you could access websites which might otherwise be blocked. (US Netflix isn’t normally accessible if you’re in Australia, for example, but connect to your home network first and you’ll have a US IP. )

Setting this up takes some work. The app will try to set up the required port forwarding rule in your router, but if that doesn’t work, you’ll have to do it yourself. You’ll then need to set up a suitable VPN client, download and import an OpenVPN client.

Even that might not work. The app told us it had set up our router correctly, but we still had problems that required some manual tweakery. 

Still, if you do run into difficulties, there’s plenty of help available to get the service working. Overall, I think Firewalla’s VPN server makes an appealing extra for expert users.

In the end, Firewalla might be a very small product and look as if it doesn’t do much of anything, but that certainly isn’t the case at all. Firewalla packs a punch and does a lot of things and does them without much hassle. Outside of the VPN server, everything is very simple and easy to setup.

The Firewalla Red can be purchased directly from Amazon for right around $108.00 currently, and the Firewalla Blue can be purchased for $179.00 directly from the Firewalla website itself.

About the author

Cliff Wade

Founder and Chief Editor of TechDissected. I'm an avid Linux user, that's addicted to music, electronics, the internet, computers, Android, iOS and everything tech related! Rocking a Google Pixel 3 XL, iPhone XS Max and several other devices that go beep. Lover of #Cheeseburgers #Android #Penguins #Tech and the #HoustonTexans. Gadgets and Gizmos are my specialty. Customer Suppport Specialist and Social Media Manager for TeslaCoilSW, the makers of Nova Launcher, Nova Launcher Prime and TeslaUnread. If you have any questions just ask as I'm always happy to help.