A First Glance At The Firewalla Gold
(Quick PSA: if you signed up for my blog interested in my post about Jet, it moved to it’s own substack, so you will want to follow it here, as Jet posts will not occur here)
So I recently had a Fiber internet outage where the estimated time-to-repair was listed as something like two weeks. I called support and the explanation from them was something like: “OMG, something really big has been cut! doom! aaaargh!”. Perhaps not the actual words used, but you get the idea.
This thankfully ended up not being the case and internet was back up in about 5 hours, but I decided to do what a few neighbors have done and decided to pay for seemingly excessive backup internet. After all, working from home, etc. I had experienced some three day outages before on my Fiber, and beforehand, in the early days of Covid, had watched my earlier cable connection crawl to well below dialup speeds. In the age of React, dialup speeds do not get very far. Cable can have some occasional blips that are more frequent, but seemingly always short.
At this point, I’m saying to myself, the backup internet provider has better TV services, so why not use that? Except, problem! The old internet has glorious upload speeds. I could merely use the old internet for backup and move the cable when needed, but certain TV channels are not available unless on the new internet’s IP address block. And now, somehow, I stumbled into dual WAN territory.
So, finally getting to it - I decided to order a Firewalla Gold based on minimal googling. It’s been just a half day so far but I am initially VERY impressed. Apparently the product was started by a lot of ex-Cisco people, which is pretty cool.
Setup is pretty easy if you can set up a WiFi router at least. To hook things up, you initially plug the Firewalla into your router and pair the Firewalla with your phone over Bluetooth by scanning a QR code and holding it close to the box. From there, there’s tons of easy configuration with the mobile app. The default “easy” configuration makes the router DHCP off of the first WAN port (Fiber), so you move the Firewalla over to connect directly to your internet modem and then connect your access point to the Firewalla.
I got this running, then went into configuration again, and assigned another port to be the interface for the second WAN port (Cable).
The Firewalla Gold supports both failover and load balancing modes, and can set a bias percentage for the amount of connections to route to each.
What’s brilliant here is that while most the features of advanced networking are offered, everything is done with a very high quality app interface. There is no sense of “I am going to screw this up and lock myself out” but also no sense of anything being dumbed down or not being able to scale once too many things get into the system. It’s full of charts and graphs, and somewhat because I’m slightly paranoid on infosec things, I’m not going to show any of mine ( they do look really cool). Take a look at the online screenshots, they are great.
I was able to categorize each device behind the router into categories, allowing different groups of devices to use preferred WAN connections for each group if they were available. For instance, my TVs will use my cable modem to appease the licensors, my computers will use the faster fiber, and I can make sure that certain other components don’t get split out into different networks.
When one of the WAN devices goes down, you get a notification in the app, and failover is basically seamless. Further, there’s the obviously mentioned firewall features, which is great if you happen to have an ISP that hands out public IPs and are constantly getting port scanned from overseas IPs.
While I don’t have any need for internet controls, it has relatively comprehensive ability to control internet access to specific device/site combinations and I could see that being something a lot of people would like to have. There’s also built in adblocking and alerts for detection of abnormal traffic.
I think this is a remarkable tour-de-force in balancing ease of use and features. Are there any drawbacks? I don’t know yet, I will see how reliable it is long term, but I don’t expect any problems! Connection speeds are great. It runs a tiny bit warm with the intel chips, but I see an ARM version will be available soon. Still, it’s fanless (good) and the whole top of the box is a heat sink. I guess the main thing is it’s $485.
Might be worth checking out if you are interested in dual WAN, an easy firewall, ad blocking, understanding what your IOT devices are up to, or any of the family/device control features.