无论你在哪里打开互联网,都潜伏着危险。流氓黑客在那里,试图使用恶意软件感染(malware infections)、受损的防火墙(compromised firewalls)和暴力攻击(brute force attacks)来访问您的数据。如果没有适当的保护措施,您的网络和个人数据的安全将面临严重风险。
为了保护您的网络,您可以考虑安装像Firewalla Gold这样的全网防火墙设备。这款新的、适合家庭使用且易于使用的防火墙专为家庭用户和小型企业而设计,但为了帮助您确定它是否适合您,我们正在这个广泛的Firewalla中对其进行测试审查。
Firewalla Gold:设计和拆箱(Firewalla Gold: Design and Unboxing)
Firewalla Gold足够小,可以放在您的手掌中,但在网络安全方面却颇具冲击力。
拆箱Firewalla Gold(Firewalla Gold)时,不要期待过时的手册或大量不必要的包装。包装盒中包括Gold本身,以及电源、安装板、USB控制加密狗和用于安装它的螺钉。里面的小卡片为您提供网站链接,其中包含您需要遵循的说明来设置防火墙。
它主要是一种即插即用的解决方案,包括一个安装板,可让您将其安装在视线之外。这就是重点——它不是为了炫耀和吸引您的注意力,而是在后台阻止威胁、广告等,仅在检测到潜在问题时通知您。
默认情况下,Firewalla Gold随附美式电源线。如果您通过Firewalla网站订购,您可以多花 10 美元购买合适的国际线(suitable international cord),尽管您可以在其他地方找到这些。
与早期的Firewalla Blue和Red产品相比,这款Firewalla体积更大更扁平,顶部采用金属凹槽设计,有助于在使用过程中保持凉爽。该产品的设计巧妙,考虑到了被动冷却,但我们仍然建议您仅在通风良好的区域使用它。
与早期型号相比,该设计简单、引人注目,并且有了很大的改进。唯一的缺点(我们可以看到)是缺少包含的以太网电缆,无法快速将其连接到本地网络(或将其设置为路由器本身)。
虽然布线很便宜,但Firewalla Gold的零售价为 499 美元,因此您会期望它配备入门所需的一切。请记住(Remember),该产品的设计考虑了家庭用户,他们(与技术专业人士不同)可能没有可用的备用以太网电缆。
Firewalla Gold:功能和规格(Firewalla Gold: Features and Specifications)
这个众筹防火墙(crowd-funded firewall)具有保护网络所需的所有功能。作为第四代Firewalla产品,Firewalla Gold得益于多年的实际测试,使公司能够改进和改进产品。
根据Firewalla的说法,Firewalla Gold使用四个阶段的监控和保护来确保您的设备安全,包括对网络流量的深度数据包监控到行为分析以查明任何“异常”。它还使用预定义或用户设置的规则防止威胁(例如黑客攻击)。
作为帮助确保网络安全的一系列防御措施的一部分,Firewalla Gold包括用于阻止(parental controls to block websites)不应访问的网站的家长控制,以及内置的VPN服务器和客户端,允许您连接到外部VPN服务,或创建您自己的服务以远程连接到您的网络。
如果您想屏蔽或删除广告(block or remove ads),您可以使用 Firewalla Gold 的广告屏蔽功能在整个网络中执行此操作,该功能可以阻止许多知名网络在您的设备上显示广告(包括视频广告)。例如,如果您想阻止广告出现在电视上,这将是一个理想的解决方案。
如果您担心网络上的设备数量,或者如果您想将一定数量的设备与其他设备“隔离”,您可以使用网络隔离。这会隔离一些设备,防止内部和外部访问。例如,这是一个非常适合户外安全摄像头(outdoor security cameras)阻止窥探者的功能。
此功能还可用于监控和控制其他设备使用的数据使用情况。这可以通过 Web 界面或使用 Firewalla 的Android和 iOS 用户移动应用程序来完成。
在硬件方面,Firewalla Gold是一个开放平台,支持使用Docker容器和SSH访问进行扩展,以进行远程配置和附加软件安装。该设备运行 Debian Linux版本,配备 64 位 2.2Ghz Intel处理器,四核,4GB RAM和 32GB 内部存储。
Firewalla Gold可以连接到现有的本地网络,也可以设置为本地网络上的主路由器,这要归功于其上可用的四个“多千兆”以太网端口(额定高达 3Gbits)单位的背面。
Firewalla Gold:安装和设置(Firewalla Gold: Installation and Set Up)
Firewalla Gold包装中包含一张设置卡,可将您引导至Firewalla网站上的链接。此链接是您的个人设置指南,其中包含有关如何在网络上设置和使用防火墙的提示和建议。
Firewalla建议您在路由器模式下使用(router mode)Firewalla Gold。这意味着Firewalla Gold可以完全管理和监控您的网络流量。设置指南为帮助您配置现有路由器提供了一些支持,但您可能需要先查阅路由器的用户手册。
您还可以将Firewalla Gold设置为(Firewalla Gold)DHCP 模式下的(DHCP mode)DHCP服务器(发布 IP 地址)来补充您现有的路由器。或者,如果您想保持路由器设置不变(或无法修改它们),您可以将其设置为simple mode。顾名思义,简单模式很容易设置,因为它不需要任何其他配置。
简单模式使用ARP欺骗使其他设备相信Firewalla Gold是您的网络路由器,从而强制网络上的任何连接设备通过它路由流量。这确实与某些类型的路由器存在一些兼容性问题,并且可能无法有效地工作,但将是最简单的设置和使用。
要开始使用,您需要使用以太网电缆将现有路由器或接入点连接到Firewalla Gold背面的端口 4(WAN端口)。(WAN)端口 1 到 3 可用于连接其他设备。虽然设备上有一个HDMI端口,但我们收到的测试模型目前没有使用这个端口。
插入并打开设备后,您需要从适用于 Apple 设备的 App Store(App Store for Apple devices)或适用于 Android 设备的 Google Play Store安装(Google Play Store for Android devices)Firewalla Gold应用程序。这将允许您设置和配置设备。
Firewalla应用程序设计精良,易于使用,只要您的Firewalla Gold防火墙正确连接到您的网络,它应该会在 10 分钟内带您从初始设置阶段到完全运行。
初学者(Beginner)应该能够理解屏幕上的说明,并通过视觉指南和清晰的解释帮助您完成设置过程。高级(Power)用户和专业人士当然不会有任何问题,但作为面向消费者的产品,很高兴看到简单的方法优先。
Firewalla Gold:用法(Firewalla Gold: Usage)
Firewalla Gold是一项已开发数年的服务的演变。Firewalla Gold专注于家庭和小型企业,在设计时考虑到了简单性。从我们几天的测试中可以明显看出这一点。
当然,防火墙的设计并不是为了引人注目——您应该能够设置它并忘记它。值得庆幸的是,这是一个运行良好的功能。启用广告和基于 IP 的位置阻止等功能后,该设备在我们的测试过程中运行简单,没有任何问题。
它阻止了广告,阻止了威胁,最重要的是,它不会干扰任何现有的网络服务。我网络上的所有设备继续使用互联网、共享文件并相互连接而没有问题。除了在网络分段功能测试期间,所有设备都可以继续通信。
使用Firewalla应用程序,还可以在需要时轻松更改设置。例如,屏蔽广告可能会对一些英国的流媒体服务产生影响,因此从广告屏蔽中删除某些设备可确保服务在不到一分钟的时间内备份并运行。
VPN连接和分段锁定等服务(例如,如果设备感染了恶意软件(infected with malware),可以快速隔离设备)对于新手用户来说可能有点难以理解,但Firewalla网站有一个广泛的常见问题解答(FAQ)部分,应该有助于解释难以理解的功能和设置。
对Firewalla Gold进行了几天的测试,有多个用户和许多设备连接到它,证明该设备可以做到它所说的:保护您的网络,阻止广告和外部威胁,并为您的网络提供额外的安全功能否则可能会缺少。
Firewalla Gold 与替代防火墙设备(Firewalla Gold vs. Alternative Firewall Devices)
Firewalla Gold是一款一体化设备,可轻松保护本地网络。您可以尝试其他替代方案,但这完全取决于您的预算和设置时间。
例如,您可以在定制机器、旧 PC(old PC)或Raspberry Pi上使用开源pfSense作为网络防火墙。pfSense 是行业认可和强烈推荐的,但它具有陡峭的学习曲线,从设置到配置。
它也完全免费使用,或者您可以以与Firewalla Gold(Firewalla Gold)相同的价格将其预安装在Netgate SG-3100上,但硬件较旧且功能较少。
相比之下,Firewalla Gold得益于多年的开发、测试和改进。这是Firewalla(Firewalla)设备系列的第四版,通过易于使用的应用程序和SSH访问来更新和安装您自己的软件,它提供了所有的自定义功能,而不会让人头疼。
Firewalla Gold的替代品确实存在,但您可能需要支付额外费用才能匹配功能。例如,您可以使用Bitdefender Box,它还为您的整个网络提供威胁检测和反恶意软件,但在较慢的设备上,与Firewalla Gold相比,它不容易配置或扩展。
您还可以查看企业级设备,例如Ubiquiti EdgeRouter 4。这提供了与Firewalla Gold类似的功能,但没有用户友好的界面和较慢的硬件。
无论您是构建自己的防火墙还是寻求一体化的预构建解决方案,很少有防火墙能够提供Firewalla Gold为其用户提供的精致用户界面、功能数量、现代硬件和定制级别。
保护您的网络(Protecting Your Network)
Firewalla Gold是近年来进入市场的最有趣的消费级安全产品之一。它的价格为 499 美元,不收取任何额外费用,它的定价就像它处于市场的底端,但具有您在企业级Cisco或Juniper设备中看到的那种功能。
功能是Firewall Gold最重要的优势,具有大多数用户可以打开并忘记的广告拦截和实时威胁检测等功能。
对于高级用户和企业来说,广泛的定制,尤其是能够使用Docker容器和SSH访问来扩展功能以安装额外的软件,这是一个非常灵活的解决方案。
毫无疑问,Firewalla Gold将很好地保护本地和商业网络,与简单的(Firewalla Gold)软件防火墙(software firewall)相比,提供了巨大的保护。毕竟,只有在您拥有合适的设备以确保您的安全时,您才能保护自己免受黑客攻击。(protect yourself from hackers)
Firewalla Gold Review – Firewall Router to Secure Your Home
Everywhere you turn on the internet, there are dangers lurking. Rogue hackerѕ are out there, trying to gain access to your data υsing malware infections, compromised firewalls, and brute force attacks. Without adequate safeguards in place, the safety of your network and personal data is at serious risk.
To protect your network, you could think about installing a network-wide firewall device like the Firewalla Gold. This new, family-friendly and easy-to-use firewall has been designed with home users and small businesses in mind, but to help you decide if it’s the right option for you, we’re putting it to the test in this extensive Firewalla review.
Firewalla Gold: Design and Unboxing
The Firewalla Gold is small enough, fitting in the palm of your hand, but it packs quite a punch when it comes to cybersecurity.
Don’t expect an outdated manual or lots of unnecessary packaging when you unbox the Firewalla Gold. Included in the box is the Gold itself, along with a power supply, mounting plate, USB control dongle, and screws to mount it. A small card inside provides you with the website link with instructions you’ll need to follow to set up the firewall.
It’s a mostly plug-in-and-forget solution, with a mounting plate included that allows you to mount it out of sight. That’s the point—it isn’t here to dazzle and grab your attention, but work in the background to block threats, ads, and more, only notifying you when it detects a potential issue.
By default, the Firewalla Gold comes with a US-style power cord. If you’re ordering through the Firewalla website, you can buy a suitable international cord for an extra $10, although you could find these elsewhere.
Compared to the earlier Firewalla Blue and Red products, this Firewalla is slightly bigger and flatter, with a metal groove design on top to help keep it cool during use. The product has been cleverly designed with passive cooling in mind, but we’d still recommend you only use it in well-ventilated areas.
The design is simple, striking, and much improved compared to earlier models. The only downside (that we can see) is a lack of included ethernet cabling to quickly connect it to your local network (or to set it up as a router itself).
While cabling is cheap, the Firewalla Gold retails at $499, so you’d expect it to come with everything you need to get started. Remember, this product has been designed with home users in mind, who (unlike tech professionals) may not have spare ethernet cabling available.
Firewalla Gold: Features and Specifications
This crowd-funded firewall has all the features you’ll need to protect your network. As the fourth generation of Firewalla products, the Firewalla Gold benefits from several years of real-world testing that has allowed the company to refine and improve the product.
According to Firewalla, the Firewalla Gold uses four stages of monitoring and protection to keep your devices safe, including deep packet monitoring of your network traffic to behavior analysis to pinpoint anything “unusual”. It also protects from threats (such as hacking attempts) using predefined or user-set rules.
As part of a series of defences to help keep your network safe, the Firewalla Gold includes parental controls to block websites that shouldn’t be accessed, as well as a built-in VPN server and client, allowing you to connect to an external VPN service, or create your own to connect to your network remotely.
If you want to block or remove ads, you can do this across your entire network using the Firewalla Gold’s ad-blocking features, which blocks a number of well-known networks from displaying ads (including video ads) on your devices. If you wanted to stop ads from appearing on your TV, for instance, this would be an ideal solution.
If you’re worried about the number of devices on your network, or if you want to “block off” a set number of devices from the rest, you can use network segregation. This isolates some devices, preventing internal and external access. This is a feature that would be great for outdoor security cameras to stop snoopers, for instance.
This feature can also be used to monitor and control the data usage used by other devices. This can be done through the web interface or by using Firewalla’s mobile app for Android and iOS users.
In terms of hardware, the Firewalla Gold is an open platform that supports expansion using Docker containers and SSH access for remote configuration and additional software installation. The device runs a version of Debian Linux, with a 64-bit 2.2Ghz Intel processor with four cores, as well as 4GB of RAM and 32GB of internal storage.
The Firewalla Gold can be connected to an existing local network, or it can be set up as a main router on a local network, thanks to the four “multi-gigabit” ethernet ports (rated at up to 3Gbits) that are available on the back of the unit.
Firewalla Gold: Installation and Set Up
Included in the Firewalla Gold packaging is a set-up card that directs you to a link on the Firewalla website. This link is your individual set-up guide, with tips and advice on how you may wish to set up and use the firewall on your network.
Firewalla recommends that you use the Firewalla Gold in router mode. This means that the Firewalla Gold manages and monitors your network traffic entirely. The set-up guide offers some support in helping you configure your existing router to do this, but you may need to consult your router’s user manual first.
You can also set the Firewalla Gold to supplement your existing router as the DHCP server (issuing IP addresses) in DHCP mode. Or, if you want to leave your router settings intact (or can’t modify them), you can set it to simple mode. As the name suggests, simple mode is easy to set up as it doesn’t need any other configuration.
Simple mode uses ARP spoofing to convince other devices that the Firewalla Gold is your network router, forcing any connected devices on the network to route traffic through it. This does have some compatibility issues with some types of routers, and may not work as effectively, but will be the simplest to set up and use.
To get started, you’ll need to connect your existing router or access point to the Firewalla Gold to port 4 on the back (the WAN port) using an ethernet cable. Ports 1 to 3 can be used to connect other devices. While a HDMI port is available on the device, this isn’t currently used on the test model we received.
Once the device is plugged in and switched on, you’ll need to install the Firewalla Gold app from the App Store for Apple devices or Google Play Store for Android devices. This will allow you to set up and configure the device.
The Firewalla app is well designed, easy to use, and should take you from the initial set-up stages to fully operational within 10 minutes, as long as your Firewalla Gold firewall is connected to your network correctly.
Beginner users should be able to understand the instructions on-screen, with visual guides and clear explanations to help you through the setup process. Power users and professionals will certainly have no issues, but as a product aimed at consumers, it’s good to see the simple approach take priority.
Firewalla Gold: Usage
The Firewalla Gold is the evolution of a service that has been in development for several years. With a focus on homes and small businesses, the Firewalla Gold has been designed with simplicity in mind. That much is obvious from our tests over several days.
Of course, a firewall isn’t designed to be noticeable—you should be able to set it and forget it. That, thankfully, is a feature that works well. With features like ad and IP-based location blocking enabled, the device simply worked without any problems during our tests.
It blocked ads, it stopped threats, and most importantly, it didn’t interfere with any existing network services. All devices on my network continued to use the internet, share files, and connect to each other without issues. Except during testing of the network segmentation features, all devices could continue to communicate.
Using the Firewalla app, it was also easy to change settings when needed. For instance, blocking ads can have an impact on some UK-based streaming services, so removing certain devices from ad blocking ensured that the services were back up and running in less than a minute.
Services like VPN connectivity and segment lockdowns (where devices can be quickly quarantined if they’re infected with malware, for instance) may prove a little harder to understand for novice users, but the Firewalla website has an extensive FAQ section that should help to explain difficult-to-understand features and settings.
Testing of the Firewalla Gold over several days, with several users and many devices connected to it, proved that the device does what it says it will do: protect your network, block ads and outside threats, and give you extra security features that your network might otherwise be lacking.
Firewalla Gold vs. Alternative Firewall Devices
The Firewalla Gold is an all-in-one device that makes protecting a local network an effortless process. There are alternatives you could try, but it all depends on your budget and the time you have to set things up.
For instance, you could use the open-source pfSense on a custom-built machine, old PC, or Raspberry Pi to act as a network firewall. pfSense is industry-recognized and highly recommended, but it comes with a steep learning curve, from setting up to configuration.
It’s also entirely free to use, or you could grab it pre-installed on a Netgate SG-3100 for the same price as the Firewalla Gold, but with older hardware and fewer features.
In contrast, the Firewalla Gold benefits from several years of development, testing, and improvements. It’s the fourth edition of the Firewalla device line, and with an easy-to-use app and SSH access to update and install your own software, it offers all of the customization without the headache.
Alternatives to the Firewalla Gold do exist, but you may need to pay extra to match the functionality. For instance, you could grab the Bitdefender Box, which also offers threat detection and anti-malware for your entire network, but on a slower device that can’t be as easily configured or extended compared to the Firewalla Gold.
You could also look at enterprise-grade equipment, such as the Ubiquiti EdgeRouter 4. This offers similar features to the Firewalla Gold, but without the user-friendly interface and on slower hardware.
Whether you build your own firewall or go for an all-in-one, prebuilt solution, few firewalls offer the refined user interface, number of features, modern hardware, and level of customization that the Firewalla Gold offers to its users.
Protecting Your Network
The Firewalla Gold is one of the most interesting consumer-grade security products to reach the market in recent years. At $499 with no additional charges or fees, it’s priced like it’s at the bottom end of the market, but with the kind of features you’d see in an enterprise-grade Cisco or Juniper unit instead.
Functionality is the most important benefit of the Firewall Gold, with features like ad blocking and live threat detection that most users can switch on and forget about.
For power users and businesses, extensive customization, especially with the ability to expand functionality using Docker containers and SSH access for additional software installation, it’s a very flexible solution.
There’s no doubt in our minds that the Firewalla Gold will protect local and business networks well, offering a huge step-up in protection compared to a simple software firewall. After all, you can only protect yourself from hackers if you have the right equipment in place to keep you safe in the first place.
