Firewalla Security Questions

Comments

4 comments

  • Avatar
    Firewalla

    First, we never chase the latest and greatest; what's important to us are stability and security. Our team always monitors the patches and makes sure those that apply to our system get patched. 

    We do have a lot of security researchers/testers helping us on the side, and usually, they will come to us directly via help@firewalla.com if they have questions or issues to bring up. 

    1
    Comment actions Permalink
  • Avatar
    Mark Khan

    Thank you for your response. Since I am a new user to Firewalla products, I am trying to ascertain how they stack up against commercial products such as Netgear, ASUS and Ubiquity. I want to have the most secure router possible when I make recommendations to my customers. I know that statement is general in context, so a simple ranking based on overall security is what I am trying to come to regarding Soho routers. I know All routers offer different functionality some more some less. Some complicated some easy to use. I am just trying to ascertain where Firewalla stacks up.

    -1
    Comment actions Permalink
  • Avatar
    Michael

    Just because they're not chasing the very latest release doesn't mean they're insecure. Based on what I can see, they're using Ubuntu LTS releases, which specifically have long support cycles. Their oldest version looks based on LTS 18.04, which is supported until April 2023. That's just around the corner, but the latest releases claim to be based on LTS 20.04, which is supported until April 2025. The very latest beta release appears to be built on LTS 22.04, supported until April 2027.

    Even with the 20.04 release, which is already two years old, there are still three years of upstream support including security fixes on the base system.

    Overall, the security of the router will depend heavily on what you expose for it. If you don't use any of the extra features, you're going to have a very small attack surface compared to also running extra services like the VPN server, or docker containers with exposure to the outside. If you're that concerned about security, you might want to look at buying a router that only routes and then additional equipment that provides all the other features you want that you can audit individually.

    2
    Comment actions Permalink
  • Avatar
    GZ

    The last paragraph echos son3 of my thoughts.

    0
    Comment actions Permalink

Please sign in to leave a comment.