Firewalla Managed Security Portal Introduction

Comments

43 comments

  • Daniel Nguyen

    Thank you for writing up this article.

    4
  • LoRdNeX

    Looks to be fun. Just wish I had a Purple so I could play with routing and VPN technique. But thanks a ton, guys, for providing this for us to try out!

    2
  • Chuck

    I have 4 Gold's & 1 Blue+. Too bad beta only does 3.

    2
  • Firewalla

    @broadnetwork created a ticket for you, we can increase the limit for early access mode.

    1
  • Bryan Bellino

    I signed up a few days ago. Any way to find out where we are on the list? Thanks!

    1
  • Support Team

    @Bryan

    Just invited, please check your email inbox.

    1
  • Chris Thomas

    This is a neat concept; look forward to seeing how this unfolds.

    0
  • Matt Niswonger

    Does the MSP have the same 20 target list limit as when creating target lists on the box?  Also, is there currently a way to add additional users to be able to log into the MSP and access the account, or do we have to share credentials for now?

    0
  • Firewalla

    Try to add more target lists; I think we increased that to 2000 or so.

    Do you mean invite more people into your MSP container? That has to be done manually at the moment. 

    0
  • Matt Niswonger

    @Firewalla - yes, I was going to add some boxes but wanted to add an additional user.  It isn't a big deal to share creds with this individual, but, I would prefer to use 2FA once available, so that will be an issue at that time.  Ideally role based access would be best, so I can limit their permissions, but that is a long term goal.

    On a related note, I've been hesitant to really start adopting the MSP portal because of the lack of a pricing model.  I'd hate to start using the APIs for alerts, automation, etc., or start building shared target lists only to find it cost prohibitive.  I've seen mention about the possibility of a "lite" version of the MSP which would lack HA or other features to cut cost.  Also, this article reads as if beta users will remain free, but it isn't clear what limits there may be.

    0
  • Dion Warj

    Once this becomes a paid service, do we have the option to roll back to pre-MSP?

     

    1
  • Firewalla

    @Dion, pre-MSP is just the my.firewalla.com, yes, you can go back

    1
  • James Willhoite

    You are spinning up a new container for each user correct? Could this be something that is bought and installed on our own server in house?

    1
  • Johann R.

    … Building on @James’ thought: or even run the container directly on the Firewalla itself (for Gold), exposing the API and integrations and management locally, using the same code as MSP?

    0
  • Firewalla

    The containers themselves are tied into the AWS infrastructure, so it is not possible to move them around. They are essentially cloud-based by design.

    0
  • Chris Hewitt

    Instructions need to be updated.

    Should be ....

    Adding Firewalla Boxes to your Inventory

    To add a Firewalla box to your management inventory, follow these steps. 

    1. Go to Inventory on the left menu (https://companyname.firewalla.net/#/inventory)
    2. ...
    0
  • Micah

    Holy cow... How am I just now seeing this??? 

    WTG Firewalla. Can't wait to drive it!

    1
  • Shawnon Parkinson

    We need more functionality within the MSP portal. I would like to be able to get into the router and have the same functions and see the same user interface as the iOS app. We should be able to change settings on the router from the MSP and log in remotely to fix issues on all of our routers in the field. I don't want to have to pull out my phone to attempt to fix an issue in the field. Full computer access is needed.

    0
  • Shew

    This introduction talks about multiple admins.  How do I add a new admin?

    1
  • Support Team

    @Shew

    Right now it can only be added by us, configuring in the backend. But we are working on it to support it in the UI.

    1
  • Ari

    I am using this as a power user and it is GREAT! May I make a suggestion? Once you start charging for it, if the only 2 tiers are the basic web app and unlimited, it will probably be priced out of power users' budgets. I would suggest the FREE tier (1 box basic) and then a power home user tier (1 box but with the MSP dashboard) and then 2-3 or whatever, and then 3-99, 100-1000, etc. Otherwise a lot of us "power users" may get priced out.

    2
  • Firewalla

    There have been discussions on a cheaper tier for non-MSPs; since Amazon charges us for the containers/extra storage/network bandwidth, there is no way this cheaper tier will be free.

    -1
  • Ari

    Absolutely! I would expect to pay something for it. But I would expect to pay less than people who are managing more boxes. Anyway, thanks for listening.

    2
  • Chris Hewitt

    Looking to collect all blocked in-bound IP addresses and the source country.  This is my API call.

    curl -s --request POST --url 'https://central.firewalla.net/v1/flows/query'  --header ' Authorization: Token dfd143d.............016ad' | jq '.[] | {ip,blocked,fd,country} | select(.blocked) | select(.fd=="in")'

    That gives me results that look like ...

    {
      "ip": "",
      "blocked": true,
      "fd": "in",
      "country": ""
    }
    {
      "ip": "",
      "blocked": true,
      "fd": "in",
      "country": ""
    }


    But this is nowhere near the number of blocked flows on the MSP portal or mobile app. Also, from the API I can't get any of the blocked inbound flows.

    What am I doing wrong?

     

    And even if we assume I don't understand what "fd" represents, I still get very few results.

    Trying this call ...

    curl -s --request POST --url 'https://central.firewalla.net/v1/flows/query'  --header ' Authorization: Token dfd143d.............016ad' | jq '.[] | {ip,blocked,fd,country} | select(.blocked) '

    I still only get ...

    {
      "ip": "",
      "blocked": true,
      "fd": "in",
      "country": ""
    }
    {
      "ip": "41.214.134.201",
      "blocked": true,
      "fd": "out",
      "country": "MA"
    }
    {
      "ip": "89.248.163.175",
      "blocked": true,
      "fd": "out",
      "country": "NL"
    }
    {
      "ip": "",
      "blocked": true,
      "fd": "in",
      "country": ""
    }
    {
      "ip": "80.66.83.55",
      "blocked": true,
      "fd": "out",
      "country": "RU"
    }
    {
      "ip": "89.248.163.175",
      "blocked": true,
      "fd": "out",
      "country": "NL"
    }

    0
  • Client Support

    Hi Chris, 

    By default the API returns 200 responses. If you need more or less than that, you can specify like so:

    curl --request POST \
    --url 'https://your_instance_name.firewalla.net/v1/flows/query' \
    --header 'Authorization: Token [your token]' \
    --header 'Content-Type: application/json' \
    --data '{ "limit": 300, "start": 1677613186, "end": 1677631186}'

    The start/end times are in Unix epoch format and are optional, but let you bracket precisely the time inspected.

    1
  • Chris Hewitt

    Thank you.  Please consider documenting that somewhere ... any other tricks you can share?

    I tried setting the limit to 100, 300, and 500 and still only was able to get 200 records returned. Seems like no matter what the "limit" is set to only 200 records are returned.

    What am I doing wrong?

    ┌──(pi㉿x)-[~]
    └─$ curl -s --request POST --url 'https://central.firewalla.net/v1/flows/query'  --header ' Authorization: Token dfd143d.............016ad' --data '{ "limit": 500}' | jq '.[] | {ip,fd,blocked}' | grep fd | wc -l
    200

    ┌──(pi㉿x)-[~]
    └─$ curl -s --request POST --url 'https://central.firewalla.net/v1/flows/query'  --header ' Authorization: Token dfd143d.............016ad' --data '{ "limit": 300}' | jq '.[] | {ip,fd,blocked}' | grep fd | wc -l
    200

    ┌──(pi㉿x)-[~]
    └─$ curl -s --request POST --url 'https://central.firewalla.net/v1/flows/query'  --header ' Authorization: Token dfd143d.............016ad' --data '{ "limit": 100}' | jq '.[] | {ip,fd,blocked}' | grep fd | wc -l
    200

     

    Adding the date range for the past 12 months (yes, I know that the data don't go back more than 24 hours) still doesn't give the right results.

    curl -s --request POST --url 'https://central.firewalla.net/v1/flows/query'  --data '{ "limit": 500, "start": 1646110800, "end": 1677686238}' --header ' Authorization: Token dfd143d.............016ad'  | grep ip | grep 89\.248\.163\.110
        "ip": "89.248.163.110",

    Certainly more than enough data to return.

     

    Let's assume I am going about this the completely wrong way. How can I use the API MSP feature to get a list of all blocked inbound connection attempts?

    0
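
An added example (not Firewalla's code and not from any commenter in this thread): it builds the flow query with the JSON body and the two headers shown in the support reply, and tallies blocked flows per country the way the jq filters above do. The helper names, the `windows` time-slicing idea and the sample records are assumptions; only the endpoint, the headers and the `limit`/`start`/`end` fields come from the thread.

```python
import json
import urllib.request
from collections import Counter

def build_flow_query(instance, token, limit=200, start=None, end=None):
    """POST request for /v1/flows/query with a JSON body, as in the support reply."""
    body = {"limit": limit}
    if start is not None and end is not None:
        if end <= start:
            raise ValueError("end must be later than start (Unix epoch seconds)")
        body.update(start=start, end=end)
    return urllib.request.Request(
        f"https://{instance}.firewalla.net/v1/flows/query",
        data=json.dumps(body).encode(),
        headers={"Authorization": f"Token {token}",
                 "Content-Type": "application/json"},
        method="POST",
    )

def fetch_flows(request, timeout=30):
    """Send the request and decode the JSON array of flow records."""
    with urllib.request.urlopen(request, timeout=timeout) as resp:
        return json.load(resp)

def windows(start, end, step):
    """Split [start, end) into consecutive sub-ranges of at most `step` seconds
    (assumed approach: one query per window keeps each result set small)."""
    return [(s, min(s + step, end)) for s in range(start, end, step)]

def blocked_by_country(flows, direction="in"):
    """Count blocked flows whose fd field equals `direction`, per country code."""
    counts = Counter()
    for flow in flows:
        if flow.get("blocked") is True and flow.get("fd") == direction:
            counts[flow.get("country") or "unknown"] += 1
    return counts

# Constructed sample records in the shape shown in the thread (not real data).
SAMPLE_FLOWS = [
    {"ip": "203.0.113.7", "blocked": True, "fd": "in", "country": "NL"},
    {"ip": "", "blocked": True, "fd": "in", "country": ""},
    {"ip": "198.51.100.9", "blocked": True, "fd": "out", "country": "MA"},
    {"ip": "203.0.113.8", "blocked": False, "fd": "in", "country": "NL"},
    {"ip": "203.0.113.7", "blocked": True, "fd": "in", "country": "NL"},
]

if __name__ == "__main__":
    print(blocked_by_country(SAMPLE_FLOWS).most_common())
```
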
  • brad

    Is the Beta still open? I would love to give this a try.

    0
  • Manuel Asorey

    Hello,

    I filled the form days ago but never got the invite. Could you please check if I'm in the list?

    Thanks,

    Manuel

    0
  • Firewalla

    Please be patient, we are working on an automatic signup system now; it may take a week or two to get it ready. When that is done, we won't need the waiting list.

    If you are on the list, please do watch out for an email from us.

    0
  • Alejandro Sánchez Márquez

    Hello team,

    I have been receiving this message since last Saturday:

    Status: Error
    Description: Box Purplewalla is offline
    Timestamp: 18/3/2023 3:53

    Is this because you started already charging for a subscription? I cannot find the pricing details or how to sign up for it.
    Thanks.
    1