Products Firewalla Gold SE Firewalla Gold Pro Firewalla Gold Plus Firewalla Purple Firewalla Purple SE Firewalla Wi-Fi SD Product Comparison Product Reviews

Articles in this section

See more

Firewalla AI Assistant (Ask FireAI) (beta)

Avatar
Firewalla CM
  • Updated
Follow

Firewalla AI Assistant (Ask FireAI) – the latest smart assistant built right into your Firewalla.

Whether you need help understanding an alarm, learning about unknown domains, or identifying unknown devices, this new AI-powered feature simplifies your experience and helps you decide how to control and protect your network.

Disclaimer:

  • Firewalla AI Assistant is optional. It is not active by default and does not run in the background. It is only active the moment you use it. (It is also a one-shot action) 
  • If you wish to hide the FireAI buttons, turn them off under Protect from your box's main screen.
  • Personal or sensitive information is never sent to the cloud or used for AI model training.
  • There is no subscription fee for FireAI.
  • While we strive to provide accurate and helpful responses, AI-generated content may not always be accurate, complete, or up-to-date, and it is not a substitute for human judgment. Do not rely solely on AI responses for critical decisions, including security matters.
  • Firewalla is not responsible for any consequences resulting from AI-generated outputs. Always verify important information with trusted sources before taking any action.
  • In the future, if we add passive AI features, they will be off by default.

 

How do I use Firewalla AI Assistant?

More cool features to come in the future.

 

Get Insights into Alarms

Firewalla AI Assistant can help you understand more about your alarms. If you ever receive an alarm that you don’t understand (e.g., an Abnormal Upload alarm to an unknown domain), you can "ask FireAI" to explain it to you. 

Ask FireAI is available for these alarm types:

  • Abnormal Upload
  • Large Upload
  • Gaming
  • Video
  • New Device

To ask FireAI about an alarm:

  • Navigate to the Alarms page from the box’s main screen.
  • Tap the FireAI button on an alarm from the list.
  • Or, tap on an alarm to go to its details > tap Ask FireAI about this alarm

 

Learn about domains

Firewalla AI Assistant can help you look up unknown domains that your devices may access. If you ever see a network flow to or from an unfamiliar domain, simply ask FireAI to look into it.

Ask FireAI will be available for:

  • Network Flows, including Top Upload and Top Download Destinations
  • Blocked Flows, including Top Blocked Destinations

From your flow history:

  • Go to your network or blocked flows.
  • On the History or Blocked Flows tab > select a flow > tap Ask FireAI about this domain

 

Or, for top domains:

  • Go to your network or blocked flows.
  • Tap the Upload or Download tab for network flows or the Top Blocked tab for blocked flows.
  • Select a Top Destination, then tap Ask FireAI about this domain.

 

 

Identify Devices

Firewalla AI Assistant can help you identify unknown devices that join your network. Ask FireAI to look into any device to understand what kind of device it could be and who it may belong to. 

FireAI will be available for all devices. To ask FireAI about devices:

  • Go to any Device detail page.
  • Scroll down > tap Ask FireAI about this device.

 

 

 

Rate Limiting: Shared Token Pool System

Running AI models, especially large ones, requires significant computing power. Each question you ask is processed by powerful servers using specialized hardware (like GPUs), which consumes much energy and costs money.

 

To make FireAI access fair and efficient, we use a shared token pool across all users. 

 

What is a token?

  • A token is a small piece of text that FireAI uses to understand your question and generate a response.
  • For example, the sentence “How’s the weather today?” uses around 6 tokens. Longer messages use more tokens.

How the shared pool works

  • All users draw from the same pool of tokens. (Firewalla pre-pays this pool of tokens)
  • Each FireAI question and answer uses tokens from this pool.
  • When the pool runs low, new FireAI requests will first reduce the output token count. (Answers will be shortened by 30-70%.)
  • If the pool reduces further, you’ll see a message saying FireAI access is unavailable — just try again a bit later. 
  • The shared limit refreshes hourly.

Special handling for Firewalla MSP users (TBD)

  • Firewalla MSP users can access an additional reserve pool via their shared container during high-demand times. 

FAQs

 

Is the Firewalla AI assistant free?

The infrastructure needed for AI is extremely expensive to operate. We will do our best to pay for a shared pool of tokens for all users.

 

Can I turn off the Firewalla AI assistant?

Yes. From your box’s main screen, tap on the Protect icon and turn off Ask FireAI.

  • Even if FireAI is on, nothing will be sent to the cloud unless you "ask" (using the feature actively). 

 

 

How does Firewalla AI Assistant use my data? 

Firewalla AI Assistant runs in the AWS (or Google) cloud. The LLM (model) is too large to run on a standard consumer PC, MAC, or Linux device. 

  • Private Data: Personal or sensitive information — including personally identifiable information (PII), financial, or medical data — is never used for AI model training.
  • Non-Private Data: We may use anonymized, non-sensitive, or aggregated usage data to improve generative AI models. Any improvements made using this data are exclusively retained within Firewalla and are never shared externally (for example, when you vote "thumbs up" or "thumbs down" on a FireAI response, we will use that to tune the model).

We use multiple LLMs from AWS and Google, combined with our intelligence data.

  • This includes data such as, which sites are considered good or bad, site category (like porn), common device profiles, etc.
  • It does not include customer data.

 

How does FireAI process user requests?

Here's an example of how FireAI works:

  • FireAI sends a message to an LLM server in the cloud (Example: "A device XYZ is uploading 100MB to a random site at 10 a.m., is this good or bad? What are your recommendations?").
    • Firewalla will also send useful metadata from the alarm detail screen, device detail screen, or flow detail screen to the LLM to complement the text question. 
  • The LLM generates a response, which is then displayed on your app.
  • If you provide feedback ("thumbs up", "thumbs down", or custom feedback), Firewalla will relay that feedback to the LLM to help it improve.

 

 

Related articles

Comments

1 comment

Sort by Date Votes
  • Avatar
    J G

    Any word on tail scale support?

    0
    Comment actions Permalink

Please sign in to leave a comment.