Hi gang, What kind of firewall (Hardware or software on dedicated pc) do you use to secure your network at home ( or insourcing office). Would be really interesting to know what is out there.
pfSense for me. I’m using a Netgate box, and a self built (2 locations)
In both locations, they front Ubiquiti switches and APs.
Regarding Hardware, I think it depends a little bit, where you live.
I use the build-in firewall from my Fritz.box, my DSL-Router. I think they are also sold into some European countries, but I’m not sure, whether those are sold, and compatible, somewhere else in the world?
Ubiquiti UniFi Security Gateway here. I don’t know about it being “out there” as it and seemingly half of the Ubiquiti product lines are out of stock.
Fritzbox is also sold in Australia via Amazon and may be other outlets
I checked out protecti but it is expensive. There are cheaper alternatives but I am not sure they are trustworthy
I have a Firewalla Gold running. Very happy with it.
I am using pfSense on an Intel Atom E3845 based system. The device has 4 LAN ports built in and all I had to add was some RAM and an SSD.
Firewalla Purple user here. I supported them during a recent Kickstarter. Very happy with this product.
I have an ASUS router with free AiProtection, but I disabled that, since I don’t like my entire surfing behavior being sent to Trend Micro…
If the Raspberry Pi 4 ever gets back in stock here, I might experiment with Suricata.
Using pfSense on a Protectli FW4B since years.
I´m not sure, if I would trust an open source software solution at a security matter?!
Yes, open source means, that the programer couldn’t “hide” something within the code, that could be harmful, because everybody could find such code.
But, not everybody will even be able to read and understand the code.
So, this “advantage” is only for a relatively small number of people relevant.
The big disadvantage on the other hand, every Black Hat is also able to have a look at the code, and could find, and misuse, the failures within (and there are a lot of failures within every code, that became a certain length).
So I wonder if the risk will be not much higher, than the benefits, if I, as a “regular user”, use an open-source-solution for security measures?
Nearly all closed-source software also include/use many many open source software components. Just look at the latest log4j issues.
Open-Source does not mean issues will be found and fixed faster than closed source and not the other way around either.
I tend to be more comfortable using open-source regarding security.
i have big hardware firewall machines at work , Fortinet and Checkpoint mostly which i manage , also some other brands like sonicwalls etc .
at home i use Openbsd router on 4 port embaded old machine and now moving to a 2.5 gig machine . i also use OpenSense from time to time ( dont like pfsense right now and prefer Openbsd by far )
i dont see any point in using the hardware big-names at home and i have a couple of them .
if you know to update frequently and have a backup machine you should go the open route . just update and dont open anything without a vpn .