Getting a home firewall for personal use was on my list for a very long time. $, time to configure / manage were my biggest issues. And they all sucked in terms of interface. I had Ubiquiti on my purchase list but that’s outrageously expensive with nearly no new innovation. I somehow came across Firewalla and the Purple product seemed a perfect fit for me.
Affordable, feature-rich, plug-n-play, powerful iOS app
Firewalla Purple is hands-down one of the best tech products I currently have in my stack. The problem statements I was looking to address with a home firewall were:
- Stop traffic to / from certain countries (I am using Xiaomi’s app for my Roborock due to Home Assistant, and I have Aqara’s HomeKit cameras)
- Put a firewall with some preconfigured / basic protections in front of my home server (TrueNAS Scale running on my HP PC and Home Assistant on RPi)
- Have my own VPN server
- Get some interesting statistics about my Internet traffic
The Firewalla Purple as my home firewall allows me to do all these with quick toggles in the app and makes the user experience very intuitive. The best part, it is a very tiny form factor; no bigger than an RPi in a case. Here’s a photo of the firewall in my wire box and a comparison with an RPi 4 in a case:
My video walkthrough of the Firewalla Purple home firewall:
The setup was a breeze. The Firewalla has 2 modes that can be set up (app screenshots below):
- In front of your router with the router in bridge mode
- As a tap connected to your router monitoring your traffic
My home network runs on the Amplifi Alien and I was able to easily switch it to Bridge mode. This meant I didn’t have to change anything in my network. The ISP cable went into 1 RJ45 and the other went into my router. A couple of minutes later while the devices booted back up, and we were in action. It took me a couple of tweaks to understand the basic configuration settings like WAN, LAN and some port settings for Home Assistant. Once I figured that out, I was right into the settings I really wanted — the geo-blocks. Here’s how I’ve set up the firewall:
- Geo-blocks for the entire network:
  - No traffic from China, Russia, and a few other countries that are notorious for nefarious activities
  - Blocked uploads from my Aqara smart cameras to non-US countries
- Firewalla Blocklists
  - Enabled a few blocklists that block specific types of traffic
- DNS over HTTPS for my iPhone
  - This was an absolute delight as a feature to know that it exists. The implementation often breaks because of iOS’s “feature” of MAC randomization.
- Completely open traffic for Apple TVs and wife’s iPhone
  - I consume a lot of TV and Paramount+ is a service that has some TV shows I watch. Unfortunately, Paramount+ devs have spent all their skills, time and energies on making sure that the app does not work if any ad blocks are implemented. (The app is actually garbage for UX but extremely effective at not working if it detects any network blocks on ads.) Firewalla’s Blacklists often are dynamic and block ad networks that render Paramount+ incapable. The only solution I could think of for a seamless TV experience was to put all my Apple TVs in a group in Firewalla and open all the traffic.
  - Separately, my wife’s Internet experience requires the promoted ads from Google to always work. Again, the only solution was to put her iPhone in the same group as the Apple TVs and all traffic is open on her device.
- WireGuard VPN for my devices
  - This has been super clutch for me. I have been able to bypass hotel WiFi to play PlayStation Remote Play on my laptop. Very easy to set up as well.
  - Here’s a video of me bypassing hotel WiFi limitations using WireGuard VPN that comes with the firewall:
- Ad Block Enabled on the network
  - I was using PiHole but it was becoming very difficult to configure specific devices to be open (use case above). So I disabled PiHole and switched to the Ad Block included in Firewalla. It’s a simple toggle ON/OFF and then I enabled device-specific rules for #3.
- Forwarded ports to allow TrueNAS Home Server and Home Assistant remote access
  - Took me a few tries to get this working
I’ve been using the Firewalla Purple for a few months now, and I’m really impressed with it. It’s a great all-in-one security solution for your home network, and it’s easy to use. One of the things I love most about the Firewalla Purple is that it’s so comprehensive. It includes a firewall, intrusion detection and prevention system (IPS), web filtering, and ad blocking. It also has a built-in VPN, so you can safely browse the web even when you’re on public Wi-Fi. The Firewalla Purple is also very easy to use. The web interface is well-designed and easy to navigate. You can create custom rules to control how traffic flows on your network, and you can also block specific websites or categories of websites.
Screenshots of the iOS app and the web UI:
A feature I am not currently using is Network Segmentation. The reasons:
- I have not figured out how it is actually more useful than me grouping my devices and applying specific policies
- Also, my WiFi network is on my Alien router and I have a separate 2.4GHz network for smart home devices–it hasn’t made anything easier or harder
*Here are some specific things I like about it as a home firewall:
- It’s very comprehensive. It includes all of the features you need to protect your home network, including a firewall, IPS, web filtering, ad blocking, and a VPN.
- It’s easy to use. The web interface is well-designed and easy to navigate. You can create custom rules to control how traffic flows on your network, and you can also block specific websites or categories of websites.
- It’s affordable. It’s a one-time purchase, and there are no monthly fees.
*This was written by Google Bard.
Overall, the Firewalla Purple is a great all-in-one security solution for your home network. It’s comprehensive, easy to use, and affordable. If you’re looking for a way to protect your home network, I highly recommend it.