Firewalla offers powerful yet simple-to-use features that protect your privacy online, whether you're at home, in the office, or on the go. With Firewalla, you can:
- Stop ads from tracking you with Ad Block.
- Prevent entities from snooping on your website traffic with DNS over HTTPS or Unbound.
- Encrypt your personal or business traffic with our complete VPN solution.
- Use custom and system Target Lists for additional filtering.
- Securely sync time with NTP Intercept.
Privacy Protection is complex, and the best solution may require many different parts of your network to work together. Firewalla's role is to protect your network by using encryption and traffic controls to hide data or content that's not under your control.
Here are some types of activity tracking that Firewalla can help protect against:
- Application Layer Tracking – Applications and websites sometimes use trackers (pixels) to send ad clicks and other events to ad platforms.
- DNS Server Tracking - DNS services/servers may track your DNS requests.
- Network-based DNS Tracking – Intermediate networks (such as your ISP) can learn information about what you're doing through your DNS requests.
- ISP/Network Tracking – Networks can use IP flows to guess where your network traffic is going. VPN service providers may also engage in this kind of tracking.
- Tracking from Public Networks – When connected to a public network (such as airport or hotel Wi-Fi), the service provider you use may track your actions, even on purchased Wi-Fi access packages.
Privacy Services |
Reduce Application Tracking |
Reduce DNS Server Tracking |
Reduce Network-Based DNS Tracking |
Reduce ISP/Network Tracking |
Reduce Tracking from Public Wi-Fi |
Ad Block |
✓ |
|
|
|
|
Unbound | ✓ | ||||
DNS over HTTPS (DoH) | ✓ | ||||
Firewalla VPN Server |
✓ |
||||
Firewalla VPN Client (3rd-Party VPN) |
|
|
✓ |
✓ |
Notes:
- The level of protection of a VPN connection depends on what features you apply to it. For example, the Firewalla VPN Server can reduce DNS Server tracking if you enable Unbound.
- 3rd-Party VPNs can reduce network-based DNS tracking from your ISP, but your 3rd-Party VPN provider will still be able to see your DNS traffic.
- The Firewalla VPN Server can encrypt your device's traffic while on public Wi-Fi, but cannot hide it from your ISP unless you combine this feature with a 3rd-Party VPN through the Firewalla VPN Client.
1. Stop Tracking and Block Ads
Ad Block is Firewalla’s built-in ad-blocking feature. It helps eliminate ads and stop ad providers (such as Google, Amazon, Facebook, etc) from tracking your web browsing habits. Ad providers are constantly attempting to see your online behavior to sell you services and products.
If you want to block ads more aggressively, you can turn on Strict mode in Ad Block. Strict mode will block more ads than the Default mode, but may also trigger ad block detection more often than needed. Learn more about Ad Block on Firewalla.
While we can’t eliminate all ads, we’re continuously improving our ad-blocking processes.
2. Prevent Snooping with DoH and Unbound
Whenever you use the Internet, your device sends DNS requests to retrieve the websites or applications you want to see. Those requests are answered by a DNS server.
Traditionally, DNS requests are sent in plain text. DNS over HTTPS (DoH) encrypts your DNS requests, making DNS exchange more secure and protecting user privacy. With Firewalla, you can enable DoH for devices on individual network segments. Learn more about DoH with Firewalla.
Unbound is a recursive DNS resolver that prevents a single DNS server from having all your DNS records. This helps increase your online privacy and security. Learn more about how Unbound works on Firewalla.
3. Encrypt Traffic with Firewalla VPN
VPNs create connections between your device and a remote server. Firewalla has a built-in VPN Server and VPN Client, providing a powerful VPN solution that is extremely easy to deploy for home and business use.
- Securely access your network no matter where you are with Firewalla VPN Server.
- Connect to a 3rd-party VPN or send your devices to different VPNs with Firewalla VPN Client. Note that if you use a 3rd-party VPN, your VPN provider will be able to see your traffic.
- Combine Firewalla VPN Server with Firewalla VPN Client to create a secure one-way link into a network or establish a secure two-way link between two networks.
Firewalla VPN supports both OpenVPN and WireGuard on the Firewalla Blue Plus, the Firewalla Gold series boxes, and the Firewalla Purple series boxes.
Securely Access your Home Network
When traveling or using public Wi-Fi, you can connect to your Firewalla VPN server at home (or work) to securely access content on your devices. By connecting to Firewalla VPN, you can also surf the Internet just as safely and easily as if you were at home. You can rest easy knowing that neither the Wi-Fi operator nor anyone around you can eavesdrop on any of your communications.
Working Remotely from Home
When working from home, you often need access to servers or devices on your work network. By connecting your device's VPN Client with your work's Firewalla VPN Server, you can securely access content and applications at work just as if you were in the office. Additionally, you can tell Firewalla to only send work-related traffic over your VPN and keep your personal traffic between you and your ISP.
"Teleport" your Devices with a 3rd-Party VPN
If you are using 3rd-party VPNs to shield your data from your ISP or government and want more devices to use the same service, you can use Firewalla VPN Client to route traffic from each device over your 3rd-party VPN connection. You can even route traffic from devices that can't install VPN clients, such as IoT devices like security cameras and home automation controllers.
Connect Multiple Networks with Site to Site VPN
If you have multiple offices or homes, you can use a Site to Site VPN to connect your networks together over encrypted links. This allows you to establish secure bi-directional access between your two networks. Learn more about how to configure a Site to Site VPN.
Learn more about Firewalla VPN use cases.
4. Use Target Lists for Additional Filtering
Firewalla has a large database of dynamic security intel that your box uses to judge the risk of your connections. However, if you have a lot of targets or want to use some other list of targets, we offer the Target List feature. A Target List is a set of targets defined with domain or IP which can be used as a building block to create rules or prioritize a group of targets. If you create a rule to block a Target List, its entries will always be blocked regardless of the site's reputation. Learn more about Target Lists.
Firewalla's content-blocking features and Ad Block features are comprehensive enough for most users. However, if you want an extra layer of protection, you can block the preconfigured OISD Target List, which is a list of risky sites or sites that have unwanted content. You can read more at https://oisd.nl.
5. Securely Sync Time with NTP Intercept
Many devices regularly make Network Time Protocol (NTP) requests to keep their clocks in sync – you'll see these requests as traffic over port 123 on your box's Flows page. NTP traffic is very common and generally considered safe. However, vulnerable NTP servers can sometimes be exploited for DDoS attacks or as a covert communication channel.
Firewalla's NTP Intercept feature catches your devices' NTP requests and processes them locally using standard ntp.org NTP servers (or servers set by your ISP via DHCP), reducing your network's risk exposure while saving some bandwidth. From the devices' perspectives, NTP requests simply succeed as usual. Learn more about NTP Intercept.
To learn more about how Firewalla protects the security of your network, check out our article on How to Secure Your Network with Firewalla: Protect.
Comments
0 comments
Please sign in to leave a comment.