Author Topic: Firewalls Part II  (Read 537 times)

0 Members and 1 Guest are viewing this topic.

Online Billy Welsh

  • Scalliwag
  • ******
  • Posts: 3058
  • Karma: +464/-5
  • Who's scruffy looking?
Firewalls Part II
« on: March 25, 2019, 12:42:36 pm »

What are your informed opinions on the security baked in to today's routers for the home?


My current setup REALLY needs updating, and I am looking at the mesh setups that are out there.  Currently I have an old SonicWall that came from eBay, with and old WiFi router acting as an access point.  I do not pay support on the SonicWall, so it is stuck at a point in time from a software standpoint, which of course means it is not evolving with respect to new threats.


The SonicWall is there because that is what I knew and trusted in my past life employment-wise.  But like that product itself, yours truly is also a dinosaur as I am no longer involved in IT and as a result much of what is in the SonicWall today mystifies me.


When I pull the trigger on a mesh setup, is there sufficient security baked in that I really don't need the SonicWall in my setup?  The mesh systems will act as an access point/bridge if I keep the SonicWall as the first line of defense; I just am not sure that is the right way to go.


TIA!
Accounting
Uniti Fiber

Offline Jeff Golas

  • Administrator
  • Scalliwag
  • *****
  • Posts: 3032
  • Karma: +345/-0
    • JKJ Website
Re: Firewalls Part II
« Reply #1 on: March 25, 2019, 01:21:55 pm »
I can't speak to the mesh networks out there, although I know there's quite a few now. In terms of Firewall, like the other post, unless you're doing something crazy or require a crazy amount of reporting or rules, what's baked into the router will likely suffice.

That said, I've noticed a swing in routers where they used to be $50-60 devices, now they're nearly $200, but have a lot more power and seem to be supported for a long longer than before. I use ASUS at home but Linksys and others aren't much different. What I typically do is look up reviews for the exact model of router you're looking at, and take them with a grain of salt. If you see a lot of bad reviews, chances are it's not a great product (or at least had bad firmware, etc at some point). If you see generally OK or decent reviews, chances are it'll work good for you.

I do know there's products like Sophos UTM and Untangle that offer free, fairly functional versions for home use for IT nerds to learn on.
Jeff Golas
Johnson, Kendall & Johnson, Inc. :: Newtown, PA
Epic Online w/CSR24
http://www.jkj.com

Offline Jeff Zylstra

  • ScurvyDawg
  • *******
  • Posts: 5152
  • Karma: +566/-2
Re: Firewalls Part II
« Reply #2 on: March 25, 2019, 04:11:32 pm »
What I said goes double for home.  I don't remember what I bought for a router at home, but it's been great for me.   I too, was using an old SonicWall router with a separate WAP for wifi.  I didn't realize how under powered is was.  It was dropping WiFi connections all the time, especially when I had relatives and their cell phones over.  It kept spooling Netflix, it would not let IPhone and IPads share phone calls or data.  The new router does all of that with no additional settings.  You'll be glad you upgraded.
"We hang the petty thieves, and appoint the great ones to public office"  -  Aesop

Online Billy Welsh

  • Scalliwag
  • ******
  • Posts: 3058
  • Karma: +464/-5
  • Who's scruffy looking?
Re: Firewalls Part II
« Reply #3 on: March 25, 2019, 04:30:06 pm »

Initially I am relying on a review done by the Wall St. Journal.  But I always look at the reviews posted by buyers before pulling the trigger.

What I typically do is look up reviews for the exact model of router you're looking at, and take them with a grain of salt. If you see a lot of bad reviews, chances are it's not a great product (or at least had bad firmware, etc at some point). If you see generally OK or decent reviews, chances are it'll work good for you.
Accounting
Uniti Fiber

Offline Tom Fisher

  • Frequent Flyer
  • ***
  • Posts: 263
  • Karma: +32/-0
Re: Firewalls Part II
« Reply #4 on: April 01, 2019, 10:40:55 pm »
For a home setup look at the Ubiquity gear.  Both for WiFi APs and they have great router/firewalls at a very attractive price point - even for home setup.
Tom Fisher
The Tech Frood
tom@techfrood.com
www.techfrood.com

Online Billy Welsh

  • Scalliwag
  • ******
  • Posts: 3058
  • Karma: +464/-5
  • Who's scruffy looking?
Re: Firewalls Part II
« Reply #5 on: April 02, 2019, 02:59:43 pm »
Thank you for the reminder.  We use that brand regularly here, and they were on my list last time I thought about this but this time I was forgetting.  They also have a "mesh" product.
Accounting
Uniti Fiber

Offline Tom Fisher

  • Frequent Flyer
  • ***
  • Posts: 263
  • Karma: +32/-0
Re: Firewalls Part II
« Reply #6 on: April 02, 2019, 04:21:11 pm »
They do have mesh product and as far as those go, its supposed to be a good one.  However, if you can avoid meshing - its always better to just have multiple AP's wired back.
Tom Fisher
The Tech Frood
tom@techfrood.com
www.techfrood.com

Online Mark

  • ScurvyDawg
  • *******
  • Posts: 7292
  • Karma: +617/-7
  • meh.
    • Mark Piontek
Re: Firewalls Part II
« Reply #7 on: April 08, 2019, 10:58:29 am »
I am almost totally unfamiliar with the consumer gear these days.  I'll be looking at Ubiquity when my Meraki trial ends (and I may try to hack the Meraki first).
Mark Piontek, MBA
Director of IT
BS in Information Systems Security
MarkPiontek.com

Offline Jeff Golas

  • Administrator
  • Scalliwag
  • *****
  • Posts: 3032
  • Karma: +345/-0
    • JKJ Website
Re: Firewalls Part II
« Reply #8 on: April 10, 2019, 02:49:53 pm »
I am almost totally unfamiliar with the consumer gear these days.  I'll be looking at Ubiquity when my Meraki trial ends (and I may try to hack the Meraki first).

I use Meraki here. Very mixed reactions by people who say Uniquiti rocks/Meraki sucks and so on, but for us it just worked. Most people just don't like the subscription model, but I looked at it as a 3 year depreciated cost. After 3 years I'd rather replace the gear with newer stuff anyway, so I just bake the subscription pricing into it, and its always better the longer you get it for. This year I replaced it all with new stuff, and literally just added the 3 aps...plugged one in and unplugged the other, and went on with my business. Everything automatically fell back on available APs too, so I did this in the the middle of the day and no one was the wiser (I did make sure there were no important meetings going on).
Jeff Golas
Johnson, Kendall & Johnson, Inc. :: Newtown, PA
Epic Online w/CSR24
http://www.jkj.com

Online Mark

  • ScurvyDawg
  • *******
  • Posts: 7292
  • Karma: +617/-7
  • meh.
    • Mark Piontek
Re: Firewalls Part II
« Reply #9 on: April 11, 2019, 02:16:14 pm »
I have been running Ubiqiti in the office for years and can switch out just as easily as the Meraki.
Mark Piontek, MBA
Director of IT
BS in Information Systems Security
MarkPiontek.com