Products Firewalla Gold Firewalla Purple Firewalla Blue Plus Firewalla Red Firewalla Blue

What is the source for the malware etc. signatures?

Follow
Avatar
MilesBFree

And how often will those be upgraded (weekly?  daily?  in real-time?) 

And what happens if Firewalla the company goes bust? Or decides not to offer new threat profiles / signatures? 

I am feeling a bit burned by Netgear since they did away with support for their UTM5 and even though they will let you download the latest firmware from their web site they won't let you upload it to the UTM5 which seems really poor treatment of customers...  (The upload feature is still in the management menu but the upload fails with a message that you need to buy a new maintenance agreement, which they won't sell you.)

One of the attractive features of the Firewalla is no subscription fee, but before I buy I wanted to be sure we would be getting new signatures and updates.

0

Comments

5 comments

Sort by Date Votes
  • Avatar
    MilesBFree

    Thanks for the quick reply.  I was more looking for something like is there a central repository on the Internet like CERN where these are stored/aggregated, or do you monitor a bunch of different sources like Apple, Microsoft, Norton, etc. and aggregate the signatures yourself? 

    And have you automated the process so if for example CERN publishes a new threat, you scan their "list" every X minutes/hours and push a new signatures list to the Firewalla within Y minutes? 

    1
    Comment actions Permalink
  • Avatar
    networker5

    So if there is some intrusion trigger, would an alarm be generated? I have never seen one so perhaps nobody is trying to hack me? I find that strange because I used to find many attacks in my old firewall. This is directly connected to the Verizon otn.

    1
    Comment actions Permalink
  • Avatar
    Firewalla

    If attacks are blocked, we do not show them.  (this is outside in).  I have replied to another thread, we are slowly adding "blocked" sites, starting 1.45 and 1.972 on the firewalla box side.  So you will be getting that visibility soon. 

    1
    Comment actions Permalink
  • Avatar
    Firewalla

    It really depends on the signature and the source of the signature.   Most are daily, and some are API based (instantly), some are hourly.  There are some are calculated by us ... which has a life of its own.

    We did answer someone question a while back

    https://www.reddit.com/r/firewalla/comments/i3s6f5/how_does_firewalla_make_money/

     

     

    0
    Comment actions Permalink
  • Avatar
    David Koppenhofer

    So _if_ y'all do go out of business, the cloud stuff will stop working, which I'm understanding is pretty much everything... (?) Not only the block lists, but the management interface also.

    0
    Comment actions Permalink

Please sign in to leave a comment.

Didn't find what you were looking for?

New post