Firewalla Blue Plus VS Winston Privacy
I was wondering how the Firewalla Blue Plus would compare with Winston Privacy. Plusses & minuses....features...etc ?
-
I have no experience with the FW line of products but I have been using Winston Privacy from day 1. Here's a little info based off what info Ive read on the FW line vs my experience with Winston Privacy. They are 2 very different products and I've actually be thinking about putting a FWG into my mix. To me it feels like they could work together in a very smart way. WP can handle all the privacy/adblocking/etc. while the FWG handles all the management of the network. (I do wish FW had more adblocking options, seems its only on/off with no idea what its doing)
My current setup is this: WP handles all the DNS (they use cloudflare on the back end)
ISP->Winston Privacy-> Unifi UDM Pro. I was thinking I'd like to try this. ISP->Winston Privacy-FWG.
Think of WP of a better more targeted easier to use PiHole/Adguard. (I've used PiHole/Adguad on a Pi4 before switching to WP) Here is an article from WP site about the diff of WP VS PiHole. https://support.winstonprivacy.com/support/solutions/articles/48000963349-why-not-just-use-a-pi-hole-
ok so back to your question. I think a FW would be an excellent compliment to using Winston. FW does a lot more of the administration tasks. Firewal, VLANs, Parental Controls/Content Filter, VPN, Threat Protections, Device Management, Docker, 4 port Router (FWG). While WP handles all the dns ad blocking.
The biggest limitation I've found with WP is their current hardware can only handle 500mb/s. this is an issue for may because many homes now have access to 1GB speeds.
-
I am readin guide https://support.winstonprivacy.com/support/solutions/articles/48000963392-how-does-winston-work- and it says
"Winston provides you with optional access to a virtual, distributed private network with no logging. This network scrambles your internet activity with those of up to 30 other users, making it incredibly difficult to correlate your IP address with your physical location."
They are doing what TOR is ... sending my traffic to people I don't know. and other people's to my network. No thanks! I bought firewalla to prevent that!
I prefer to stick with IPVanish VPN and use local services like pihole or the new firewalla strict adblocker. At least I know my network is clean.
-
1980cyber. first off a FW doesnt prevent mesh/tor. its not even a feature.
with Winston you have the ability to not use the mesh network. I've notice zero slow down or latency in web browsing, games, videos, etc when using the mesh network. We all can agree that VPN and Tor can make everything much slower.
I would like to see some more info on the strick adblocker FW implements, and some options to add lists or etc. a global on/off doesnt really tell us much about whats going on and if there are blocking issues how to fix.
I also think a WP with a FWG on the back end could be a really nice setup.
I guess i also have a question. why use a US based VPN?
also a great source of privacy info is Privacytools.io
here is the vpn section.
-
You can find out more about the strict adblocker here. https://help.firewalla.com/hc/en-us/articles/1500003521641-App-Release-1-45.
It is nothing fancy, but using a stricter list that will block a lot more ad's than the default mode, but has a higher probability of triggering an adblocker blocker.
Can't really comment on WP, none of us use it. But I do know a couple of users got it working in front of the Gold.
-
I have the WP, and will be getting FW Purple. I have a company computer and VoIP phone I currently have connected to another port on the modem, but do have a managed switch. How can I set these up on their own VLAN, while not being affected by WP? I'd like it to only be in line with my home devices along with FWP. I don't know what VPN type is used to connect to the company.
-
Isn't WP discontinued? Another customer told us their box is no longer working ...
Assume WP works, in your case, you can do
ISP --> Firewalla Purple --> Managed Switch VLAN2 --> Winston -> your other box using winston
ISP --> Firewalla Purple --> Managed Switch VLAN2 --> Work PC
A little warning, if you place the winston behind firewalla on the LAN, it will likely generate a lot of alarms if you allow other people to share your internet, or use other people's internet ...
-
WP has gone out of business, but the boxes continue to work. There will not be any updates (obviously) and eventually will need to override the certificate as it will expire. My plan was for modem > WP > FWP > Switch > mesh wifi with the company setup into the switch. Will this work if I want to segment the company equipment from everything else?
-
The default position when cloaking is enabled, is to only send high risk traffic through that network of other WP devices. I can whitelist a domain (or IP) but not a range if that's needed. I have not messed with pass-through mode and left it as disabled. In theory I believe VPN traffic will bypass the WP device, which may be even with it plugged into the router/modem on another port it doesn't seem to be affected. With FWP, would I need to put it on its own VLAN then? Or will similar rules apply.
-
I have the Winston, just got the FW purple to try. Since Winston went out of business I’ve been looking for some sort of solution that has some parity. Sure the distributed Tor bit was nice, but what I also liked was Winston blocked things from phoning home continually like Roku devices that pulled ads or reported data usage. I’m wondering if that same functionally will work with FW
-
The blocking part is here https://help.firewalla.com/hc/en-us/articles/360008521833-Manage-Rules
and you can find more on adblocking, doh ... here https://firewalla.com/pages/user-manual
-
@Pylorns, winston still works, but since the company has gone out of business there will be no updates. I got the FWP, and it does give the option of blocking outbound traffic per device, or you can setup groups. I have not tried setting it to block incoming ping requests, but that is an option. The best solution for me, was replacing Winston, and setting FWP to router mode and my combo modem/router to bypass. This resolved many of the issues I had with devices being blocked. YMMV. I may see what works/doesn't with winston back in the loop later. As you probably know, with that you basically are opening holes for certain devices with the built-in rules or whitelisting.
Please sign in to leave a comment.
Comments
16 comments