Firewalla and Sandboxing Advanced UTM

Comments


  • Firewalla

    There are a lot of marketing terms here.  :)

    Some of the services here require man-in-the-middle HTTPS, or "HTTPS decryption", which is something the Firewalla box doesn't do. Messing with encryption is not a home or small business feature; it belongs to an enterprise with a dedicated InfoSec team. (Plus, many home devices do not accept certificates, which means nothing can break the HTTPS from them.)

    Firewalla is a combination of many different types of features, and it is a firewall, router (Gold), IDS/IPS, does content filtering, application control, adblocker, multiple-WAN, load balancing ... content filtering ... and a lot more. The best way to learn more about the box is https://firewalla.com/pages/user-manual

     

  • Vincenzo Corsaro
    Thanks first for the answer, I realize that these are advanced features for a home network but having been hit by a ransomware this time I would like to protect myself as much as I can, obviously maintaining a certain simplicity in managing the network and without having to pay monthly fixed costs.
     
    That's why I'm interested in Firewalla, but I'm also interested in understanding the sandbox aspect because I've read that Zero-Day Protection attacks are now becoming the practice for hackers, so the only form of protection is a sandbox, since we are talking about still unknown threats to be identified and blocked.
     
    Or in any case, even net of the sandbox, how does Firewalla work against a Zero-Day attack? Does it have any proactive defense tools that allow it to protect me even if that attack is not yet known? Or are you already planning future expansions of the Firewalla software that also include a sandbox or that in any case offer protection against Zero-Day attacks?
     
    I will look at the Link calmly, but I would need an answer from you precisely because I am not very expert on the subject :)
     
    Thanks again and sorry for the questions if they seem trivial to you.
     
     
  • Firewalla

    I think zero-day protection is also a marketing term. There is no such thing ... otherwise, the SolarWinds attacks wouldn't have been hiding for so long.

    As for detecting "zero-day", there are so many ways to look at the problem. So even the concept of a sandbox depends on the vendor. But the better way is always ... perspectives

    Firewalla's way of looking at this problem is detecting abnormal transfers through behavioral analytics. This is also not a perfect thing, but rather looking at problems from a different perspective. We do not claim zero-day protection ... but rather ... again, a different perspective on looking at things: https://help.firewalla.com/hc/en-us/articles/360020926913-Abnormal-Upload-Alarms-Tutorial

    But ultimately, the best way to fix "ransomware" is human ... make sure your employees (or you yourself) are always aware and think hard before clicking. I think that will eliminate a lot of problems.

     

  • nsmurali

    Great responses.

    I just wrote this about Firewalla: https://www.linkedin.com/pulse/installing-low-cost-hardware-firewall-small-business-murali-dnbne/

    I wish the Firewalla UI had one for real dummies like me where it would be possible for the owner to whitelist sites that commonly communicate with office computers while still monitoring for malware and rootkit injection while connecting. It should be possible to do this without entering the Firewalla configurator. Make it as safe and "unmanaged" as it can be, out of the box.

