Comments

3 comments

  • Avatar
    Firewalla

    Short answer:

    Pi-hole is a DNS server.  Firewalla is a layer 3 to 7 Firewall, that also includes DNS server, VPN Server, IPS/IDS.

    Pi-hole sees domain names.  Firewalla sees IP Addresses and Domain Names and Protocol actions (such as a failed ssh attempt) 

    Long answer:

    "Pi-hole is a Linux network-level advertisement and Internet tracker blocking application[2][3][4][5] which acts as a DNS sinkhole[6] (and optionally a DHCP server), intended for use on a private network.[1] It is designed for use on embedded devices with network capability, such as the Raspberry Pi,[3][7] but it can be used on other machines running Linux and cloud implementations.[6][8][9][10]

    [Quoted from Wikipedia]

    Pi-hole is a DNS based device, which means it sees DNS requests such as "what is the IP address of pornhub.com"

    Firewalla, on the other hand, is a network layer device.  It sees all network traffic, including DNS requests, and able to control data streams.  (Firewalla is also an IPS/IDS/VPN Server/DNS server ... and can filter traffic using IP addresses)

    Example:

    Firewalla will know how much data is getting transferred between your devices and the internet.   It can block any connection between your LAN and WAN.   Pi-hole will not be able to see this, nor block any IP addresses.

    Firewalla will be able to enforce which DNS server your devices are using by listening to the stream of data and change the DNS server to the one you configured.   (including forcing everything to go into Pi-hole).  

    Firewalla will be able to see and block if someone is trying to hack your system.  Such as ssh ... guessing password... 

    Firewalla can also do deeper SSL inspection, which means, even if DNS queries are encrypted, Firewalla will be able to extract the domain from the SSL protocol. 

    Co-existence:

    Pi-hole is a very powerful DNS server, it can fully coexist with Firewalla.  And Firewalla can manage which devices can be served by pi-hole.  

    Since Firewalla is an open platform, you are free to run pi-hole inside the firewalla.  https://help.firewalla.com/hc/en-us/articles/360034635473-Tutorial-Running-Pi-Hole-on-Firewalla-Blue-in-5-min

     

    1
    Comment actions Permalink
  • Avatar
    Manny Cavalier

    Why pi-hole won't or can't run on Red?

    0
    Comment actions Permalink
  • Avatar
    Firewalla

    It is possible to run on the Red, the only problem is you have to watch out for memory usage.    Overall we recommend the firewalla blue, due to memory footprint. 

    0
    Comment actions Permalink

Please sign in to leave a comment.