I like them too. I've only installed one professionally (it was replacing a Comcast router) and the big caveat I gave was that due to their business model, it's possible in a year or two they would have to replace it if it turned out to be unsustainable or if they sold the company. I do hope they find a way to generate recurring revenue so we do not have to worry about that.

Yeah no.

I think the solution is to make a device for small to mid-sized businesses with enhanced features and charge a subscription for those devices... and then maybe adding a few advanced features to consumer level devices and making those features subscription.

A free web browser based option is available. If you need to control more than a single Firewalla for remote sites, there are two subscription based plans, beyond the FREEBIE, cheaper than Pfsense. Can't fairly fault the device on what companies might or might not do in the future. Pfsense has changed to a tiered yearly subscription in Oct 2023 so no more freebies or updates without subscription on the previously free software only version of home+lab.

Indeed!

I have a Unifi setup that is managed via cloud interface, so I don't really care. Pretty sure there is a console port on Firewalla anyways.

I'm curious, what option would you choose these days?

Probably one of those small fanless N305 PCs (Serve the Home reviewed one recently) with pf sense or opn sense. I really have no issue with the firewalla and it's still going strong but if I was spending 500-600USD/GBP (yay for import tax) on a router there's tons of options now And since the nightmare I had with netgear's insight I wanna stay away from anything that needs to "phone home" or require a service to work

@@MarcBehar I've been using pfsense for over 15 years and it serves me well. I have a couple of kids now though and I'm looking at firewalla as a solution to keep better tabs on what the kiddos are doing online while allowing me to keep my vlans and network segmentation for my home office. I understand the cloud based control issues but I honestly trust a company whose sole source of revenue is from this product more than a multinational corporation. In the end these devices don't last forever so I'm really just betting they're around for another 6 years or so.

What features are you looking to get out of a pfsense that firewalla does not have? I do not think I have outgrown my Firewalla Gold yet, but I am very curious!

Tbh not too sure yet, more just out of curiosity, but mainly so I have a local management portal I might have to install it on a small machine or VM just to try it out a bit first

Are you using your Firewalla as the gateway with Unfi AP’s or any other UniFi products? If so, I would love to be able to ask you a few questions! Essentially, are there any Unifi features I cannot use by using my Firewalla Gold as my router compared to using a UniFi gateway? I don’t think so because it seems like everything with UniFi runs off of their controller software which I can either spin up using a Docker container directly on my FWG, a different computer on the network, or just buy a CloudKey. Is it correct that I will be able to use all UniFi features even if FWG is my router?

@@gmennc2648 yes I am. You can’t use any of the unifi routing features obviously such as packet inspection and security but the WAPs work fine.

@@ystebadvonschlegel3295 Doesn't the firewalla provide it's own packet inspection, monitoring and reporting?

@@SpaceCadet4Jesus ​​⁠it does but I don’t believe the layer 3 inspection is to the level that untangle offers. I had terrible issues with vpn host performance with untangle on a dedicated box which is why I switched away.

@@ystebadvonschlegel3295 👍 thank you for a quick and informative reply. I will look deeper into a Firewalla (replacing a dead Unifi Gateway 3P). Unifi products are getting too hard to get and more finicky to setup.

you know, i've rather come to hate the word "cloud". it obfuscates and fluffs the real meaning of it being a foreign server/s, who really knows where to boot.

Nice attempt at shilling Alta

Says cloud is cool, has cloud associated Unifi and cloud required Omada, yet downplays the Firewalla because of seemingly far less reliable service on a product he's never used. Why then pick cloud based equipment? Firewalla is meant for home, very small business and IT installs where it's not hugely complex. Also he doesn't know he can SSH right into the box. Actually, it's low on the variables.

​@@SpaceCadet4Jesus Cloud managed infra as a service IAAS... everything is becoming cloud managed nowadays if allowed by security strategy. I do wonder however, how long before their business model dries up and leaves consumers high n dry without updates. Other than that its a great option. I have 8gb internet coming to my area soon. So downsizing boxes isnt an option to save on cost. Funny thing is i would buy it on a subscription model either.

Fully agree, my biggest issue would be WHAT if you have no internet you can't log into the device ? :(

The premise is that it will connect to the Firewalla using bluetooth on one’s phone. I’ve had this work, and I’ve had it fail. Your point is a good point.@@JasonsLabVideos

@@JasonsLabVideostrue - I have come across that. In that case you’d need to be in Bluetooth range so you can connect with your phone or use the serial port to connect to a compute.

​@@JasonsLabVideosyou can SSH into the box with no internet. It's a feature now. Add apps, docker containers and more has been added.

MEH! @@SpaceCadet4Jesus

Kyle, what brand APs are you using?

Thanks

I believe it has two modes; the primary / recommended mode is directly after the modem, ahead of any clients (e.g., a typical wired router setup). I might be wrong tho, never bought it after reading about the hardware bugs with the Purple's upload speed.

That was the original device and the current entry level device. Most of their devices are traditional routers.

@@stevevuoso8411 Thanks for the info, it was indeed some years ago last time I looked at those.

@@ikjadoon I think at the time they had the models with only port, so that was the only way it could do what it claimed to do, with the added disadvantage of halfing the port speed (which back then wasn't that big of a deal since the average internet speed was nowhere near a gigabit)

You mean it's taking a page from the Fing Box. Arp poisoning, something I used to do to manipulate local traffic. Oh, the younger days are coming back!

right, and when the backend dies, the product is dead. a firewall that relies on a phone app and some remote server is not a firewall, but a way to exfil customer data for sale.

Netgate 2100 is a solid choice.

Yet this is what almost all companies are forced to do

Yup, almost every corporate firewall has some form of cloud based services. Even if they fully own the hardware onsite.

I believe you can do that. When I look in the firewalla app, or even in the web UI, it shows me the license key for the software. I remember exploring Firewalla’s community/documentation pages at one point and somebody was talking to their support team about just that. Unfortunately, I believe the only way to purchase a license is to purchase the hardware too. They make it very easy to get their software, but you’d probably have to shell out the cash for the hardware in order to get the license. Their support is phenomenal; maybe try giving them a call and see if they’ll sell you a product key if you really want to go that route!

Is hot garbage a thought or a feeling ? 😜

Nope, but I do like Fisher Stevens as an actor.

"Mr Tom Lawrence?" "my name isn't Tom Lawrence, my name is The Plague" "uh..Mr The Plague?"

90% or more of my smart home devices require an app for setup. Who doesn't have a smart phone? Yesterday, I just helped a friend, in his late 50's, move from a flip phone to his first smart phone, so I think he might have been the last non-texting non-scrolling adult alive in the US. His scrolling finger definitely doesn't understand what it's supposed to do. Lol.

I disagree. Pfsense is still light years ahead here and best part works great in home and business at any scale. All while still be easy to use and configure with a full feature set. I deploy pfsense and protectli hardware and they are bullet proof.

@@carlostavaresjr958 I’m glad it works for you. I tried pfsense a couple different times and wasn’t able to get it up and running correctly. I always had trouble adding my old router as an ap and getting it all to work

@@carlostavaresjr958 Currently looking to replace my UDM-SE with something like opnsense ... protectli looks interesting for a hardware choice, thanks for the tip!

My collar bone & ribs broke, it has healed enough for me to take off the sling for recording.

@@LAWRENCESYSTEMS maybe it is the hot sauce that increases healing factor ;)

You're really paying for the incredibly robust CI/CD they put into it. In comparison, Ubiquiti is extremely slow to offer fixes or improvements.

@@Phitur1 You are miss-informed, sorry.

@@ralmslb No, that's from my own direct experience with both products.

Try to buy Unifi products nowadays. So much out of stock for months. I bought 4 Unifi AP Pro which took 10 months to finally arrive. Now I need a couple Unifi Gateway 3P and nobody has them, doubt they are even selling them anymore. Gotta get off the Ubiquiti train at next stop.

On first setup or Internet down scenarios, it uses Bluetooth for connectivity with the app on the phone.

@@jbhorner Cheers! I guess that's one way to do it with the 'app' requirement. Although guessing you need internet somehow for downloading the app, so kind of assuming that you have app and mobile data... Still guess that eliminates an 'outage' type scenario. Thank you muchly for the reply :)

Firewalla does not do SSL inspection and there are commercial firewalls that do offer that but it does require installing a certificate on each end point.

wish there is a homelab version / non commercial ones @@LAWRENCESYSTEMS

@@LAWRENCESYSTEMS Wow, how can you avoid SSL inspection if someone is using this feature to spy on people? Imagine someone create a WiFi hotspot somewhere in airport, and people connect to it using VPN, thinking that they are safe because traffic is encrypted right? But with SSL Inspection all this traffic gets decrypted, and all your sensitive information can be stolen! Or I’m not right? Who can tell me if I’m wrong or not?

There are not guarantees for that

Have it run 24/7 and tell us about your energy bill. Apart from the hardware costs, it is heavily tested and the components have been selected for this use case. The NICs alone make a huge difference. In the FW space, there are a lot Intel NIC fanboys for a reason. And not every Intel NIC has the same good reputation. After that, the hardware combination needs to be tested and you have to optimize things for mass production. So there is a quiet high baseline of costs that a home build computer does not have. But the reduced hardware costs will be compensated completely by unexpected issues, increased size and power consumption. A good retail network card is already more expensive than the firewalla top of the line product.

Smarthome companies were nascent a few years back so it stands to reason. Fortunately, all the smarthome companies I invested in are still going strong.

@@SpaceCadet4Jesus this is where I invested in at first smart things when I was learning how to build a smart home. And I got tired of the constant outages and issues and trouble as it was shortly after Samsung acquired smart things and then release the V3 hub. And so there was a lot of transitions between old app and new app, old hardware new hardware, firmware upgrades, standardizations in their ecosystem, etc. And so about 4 years ago, I decided to deploy home assistant. Where where I have migrated over all my Z-Wave and take me devices, and all the devices that I used on smart things actually worked native on home assistant so I was able to stop using my hub for smart home items, except for my Samsung TVs, refrigerators both of them, washer and dryer, air dresser, etc. But I've even moved over to new items like inovelli switches, in building my own custom sensors and controls with ESP 32 and ESP 8266 SOCs. And now my home has over 160 devices integrated with nearly 1200 various sensor and data readings. So the amount of data my dashboard shows for my smart home tech is insane. Plus with home assistant being able to integrate all my everyday devices into it as well, like cell phone s, and even my car and my wife's truck I can control remote start lock unlock GPS temperature readings speed accelerator pedal position coolant temp engine time running hours odometer oil life just every reading you could think of in your vehicle and controls you can do, I can do native in my home assistant dashboard as well and then even integrated into items like calendar. So if I have a dentist appointment coming up I put the address and the location and I put either ST for my wife's explorer or C7 for my car and the description and 15 minutes before Google says it's time to leave to make your appointment on time that vehicle will automatically remote start and either cool down or heat up. And then automating the baby's crib and nap times where if the baby goes down for a nap I have a mat that detects the baby running on ESP home within ESP32 and then as very sensors for light temperature motion radar MMWave and if the baby is down for a nap during the day the doorbell automatically turns off and the screen on the doorbell says baby's asleep and then if anybody rings it it just notifies my wife's phone or my phone. And when we get the baby up everything goes back to normal doorbell turns back on and will ring the chime and set the house again. And this is all hosted out of my own house not relying on any third party cloud hoping they don't charge

I don't expect it to, but now I can type less and just reply with this video.

Already did a review on this channel for them

He did refer to a couple review videos for that. He simply is only giving his personal opinion since so many people asked. He doesn't have any experience with the latest hardware/software as he said. Light on the details I know.

I don't think his broken collar bone allows him to fit on the cross though.

Pretty sure his hair was around that length before. He just had it in a ponytail. I don’t think the content gets better or worse due to hairstyle.

What does that have to do with the content?

Not really since there is no subscription and it's more powerful/secure than a TP-Link, Netgear, etc. Think about the target audience. Read the comments above and you will see quite a few use it. DDWRT and pf/opnsense are not exactly easy to setup/use properly. Netgear charges $70/yr just for parental controls, which pf/opnsense don't even have in any useable capacity.

For some of us, the ease of use has value that makes the pricing not quite as ludicrous :) it’s expensive in my eyes but when I see how much it’s blocking everyday for me, I love it. My wife hates ad block which tickles me every time she says something about it 😂😂😂 I tried pfsense but as someone who is techie (but not a networking expert) it was just too much to configure

You're really paying for the CI/CD which is very robust and responsive. In contrast, Ubiquiti's CI/CD is like a snail.

Alright you have me persuaded.

Well thats one time pay for they’re included service they maintain for all features they offer, I think that comes with a price