Upgrade my network to 2.5Gbps with the fastest residential and small business firewalls: Firewalla Gold Plus
In February 2022 we reviewed some of the best DNS blockers and firewalls to protect your small business and residential network. Among our list of hardware firewall products that are easy to configure and provide top performance for residential or small business broadband connection are recommended. firewalla product line created by a group of former Cisco engineers.
It should be noted that high-speed broadband does not require high-speed firewall equipment. One can go “naked” without Firewalla, connect directly to the service provider’s high-speed residential port, and use its simple NAT-based firewall; however, that’s not a configuration I’d recommend in today’s multi-threat-threat environment as a small business — anyone could be a target.
I like Firewalla because it’s easy to set up, not particularly expensive, and has no ongoing fees. Unlike the DNS blocking solutions detailed in that article, which is an IP-based rule-based firewall, Linux is practically embedded with advanced intrusion detection capabilities that can monitor any device. device on your home or small business network. Their products are also very fast, which means you get line performance over a monitored connection; there’s no significant degradation as you might see with a purely software-based firewall solution, this is just the bare minimum considering protecting your home and business broadband connections.
Firewalla web UI (dashboard view) Jason Perlow/ZDNET
Firewalla also has a great mobile app for administration and notifications, and a powerful remote management web interface. You don’t have to be a cybersecurity genius to set the rules and protect your network.
However, while it’s easy to set up, it’s still possible to exercise some very granular permissions and protections on a device-by-device basis and set block lists of different target groups and more. For the most part, the default configuration, when applied to all devices on a network, may be enough to protect most home users and small businesses.
At the time of writing, Firewalla had four products, Red (100Mbps), Blue (500Mbps), Purple (1Gbps) and Yellow (Multi-gigabit).
Today it also has Purple SE (advanced protection for speeds below 1Gbps) and Gold Plus — looks very similar to Gold, which has 4x1Gbps ports, but this device has 4×2.5Gbps ports. With link channel (LACP) and supporting gateway device, you can connect Firewalla Gold Plus over a 5Gbps+ broadband connection.
From a functionality and feature point of view, Gold and Gold Plus are identical, but Gold Plus is twice as fast in line speed.
I recently installed Firewalla Gold Plus on my network. You may be wondering what kind of network and home broadband you need to get the most out of this device’s wire-speed packet testing: a very fast capability.
A thirst for speed means an upgrade
A few months ago, I signed up to AT&T Fiber’s 2gig+ service, unifies fiber optic terminals and routers into a single 5Gbps ethernet port for ultrafast gaming PCs. However, I didn’t have a computer fast enough to take advantage of this connection until very recently, when I bought one Apple’s Mac Studio with built-in 2.5Gbps ethernet for my main workstation.
Firewalla Gold Plus with AT&T Fiber gateway (Left), Netgear MS108EUP (Right) Jason Perlow/ZDNET
Mac Studio can use up one of the remaining three ports on Firewalla (one must be reserved for the broadband WAN interface), but what about all WiFi content and all other ethernet connected devices? ?
To do that, we need a 2.5Gbps switch — in fact, we need two of them because of how many devices we own. For the communication room where the broadband is located, we chose Netgear MS108EUPa managed switch with 8×2.5Gbps ports and 40W and 60W Power over ethernet (PoE+) support for devices such as remotely connected wireless access points.
For my office, we decided to choose TP-LINK TL-SG108-M2, an unmanaged desktop switch with 8×2.5Gbps ethernet ports. Between these two switches, I have enough spare ports for all the other devices in my office and home to be hard-connected (including the legacy 24 port 1Gbps switch).
To eliminate poor connectivity, we also purchased new Category 6 ethernet cables for all of our 2.5Gbps connected devices, such as switch-to-switch connections. I can’t overemphasize how important this is, because when I tried to reuse some of my old Category 5e cables on the faster 2.5Gbps ports, I couldn’t get them to negotiate properly and spent hours diagnosing various network problems as a result. So, if you’re going to spend more than $1000 on a new high-speed firewall and included switches, buy some new Cat 6 cables.
Netgear WAX630e 6e WiFi Hotspot Jason Perlow/ZDNET
As for WiFi, though upgrading from my current Eero Pro 6 isn’t necessary, as I’m getting reliable speeds in the 400Mbps-500Mbps range — more than enough to handle any streaming tasks any 4K video, I wanted to take advantage of PoE and also 2.5Gbps connectivity, so I bought one Netgear WAX630E The AXE7800 ($369) enterprise-class WiFi 6e managed access point, will provide the fastest possible wireless connection to everything in the house, and is proof for future 6Ghz devices (perhaps an iPhone or my next iPad).
End-to-end WiFI speed test in Firewalla app using 2.5Gbps connected access point and iPhone 14 Pro Max Jason Perlow/ZDNET
If you are looking for something a bit cheaper with 2.5Gbps connection but only 2.4 and 5Ghz bands, as the access point above might be overkill, I recommend the AX1800 ($150), AX3000 ($159) and AX3600 and AX6000 models. depending on how much coverage you want — all of these devices have 2.5gbps Ethernet ports and are powered by PoE+. Some, such as the AXE7800, also include a 1Gbps Ethernet port for hooking up an auxiliary switch or other ethernet-connected device, helping to extend gigabit connectivity to other rooms for wired devices.
For the switches, we ran a new Category 6 to AP cable from the MS108EUP on one of its 60W ports to ensure a seamless connection. We also put our broadcast 5Ghz SSID network on the new access point for channel widths up to 160Mhz so that modern customers like me iPhone 14 Pro Maxrecent Android devices and Advantages of Macbook can use WiFi 6 connection.
Fly at over 2Gbps
To run Firewalla Gold Plus, we don’t have to do much different than Gold. We started it up, loaded the smartphone app, connected to the device using Bluetooth on our iPhone, and put it in “router mode”. We also had to configure IP forwarding on the AT&T Fiber residential gateway’s web interface to forward packets of everything to Firewalla’s WAN port MAC address, which is an AT&T-specific issue.
We also used this app to migrate previous rules that we had set in the previous product, stored in Firewalla’s cloud. But once we did that, it was very smooth sailing.
Speedtest.net Performance with full ad blocking enabled with Firewalla Gold Plus Jason Perlow/ZDNET
Get started with wired performance with Mac Studio. Even with up to 35 to 50 percent of streams blocked using built-in rules and full ad blocking enabled, and over a million objects filtered using threat protection Enhanced by Firewalla, we still achieved over 2Gbps ups and downs using Speedtest.net and Fast.com using the local test servers.
WiFi 6 speed using 2×2 80Mhz channel width through Firewalla Gold Plus using Netgear WAX630e access point connected at 2.5gbps Jason Perlow/ZDNET
And Wi-Fi? Average speeds were higher than 650Mbps in both directions, sometimes over 700Mbps or even 1Gbps depending on the device — on our Qualcomm 888-based Android phone we were able to achieve high WiFi download speeds. up to 800Mbps or 900Mbps with enhanced wide channel support.
Who is it for?
We were impressed with the speed of Firewalla Gold Plus and AT&T Fiber’s 2gbps service. But who needs such fast broadband? For most residential consumers and small businesses, a 1Gbps connection is sufficient. Unless you have a dozen kids at home making simultaneous Netflix streaming or 1080p Zoom calls, you probably don’t need 2Gbps broadband service.
Extreme PC gamers will want this for low-latency connections and for cloud-based virtual reality applications, but it’s a tough case — at least until all of them. We are bound to the Metaverse. However, content creators who need to upload and download large amounts of video and high-resolution photos will appreciate it, as will anyone who needs a reliable connection for 4K streaming video. and better quality video conferencing solutions than Zoom can offer.
I believe an argument can also be made to upgrade the 2.5gbps network, as it pretty much improves the throughput of the WiFi network through the supported access points. It is also useful — as long as the PC workstation supports these higher speeds — for transferring large files on a LAN, especially when connecting to NAS devices that support the backbone’s faster ethernet standards. switching 2.5, 5 and 10gbps.
