After countless network attacks over the years (like the Wannacry ransomware attack for example), network security is often thrown into the headlines. Keeping yourself and your family safe online these days seems like a task that is getting harder and harder.
However, there are certain things you can do. As well as installing an antivirus, keeping all your devices up-to-date, and being careful when browsing the web, it's nice to have firewall within your network too.
The Top Home Firewall Picks:
(clicking the links above will take you to the firewalls on Amazon)
If you are worried about your network security and want to know a bit more about firewalls, then please read on!
Best Home Firewalls
1. Gryphon Advanced Security Wi-Fi AC Router (Best For Parents)
Ok, so here's the first option on our list... The Gryphon.
It's not really a dedicated firewall....more an all-in-one unit.
This is perfect for home users. Users who maybe aren't massively tech-savvy, but want good security against hacks from the internet. It also some extra cool features, like advanced parental controls.
The Gryphon is great at preventing against hacking, without really trying. You can't administer it like a normal router (browsing to 192.168.1.1 and entering default credentials). No, you can only access this router via the Gryphon app.
What does this mean? Well, there's no way to remotely hack into the router (via SSL or HTTPs etc), because all the ports are shut down. There's no need to have them as you control them using the app.
The Gryphon is great for families who want to limit, control and view internet activity. Using the app, it's very easy to see what devices are on the network and what they have accessed.
Oh, and if your kids think they can be smart by using a VPN to bypass these controls? Well, the Gryphon blocks VPN ports - rendering VPNs useless.
It must be noted that at time of writing there is no ability to remotely VPN into the actual Gryphon from the outside world. That may change in a future update. If being able to VPN into your home isn't a concern, you can ignore this.
You can also purchase extra Gryphon units and connect together into a home mesh network. Handy for larger houses.
2. ZyXEL ZyWALL USG20W-VPN Firewall (Best For Home & Small Business)
The Zyxel USG20 is a high-end home firewall with a load of features to match. In terms of hardware, it comes with a WAN port and four LAN ports so you can connect a router and multiple devices to the firewall. These are all gigabit ports so they shouldn’t slow down your network. There's also 1.3Gbps theoretical Wireless AC available to use.
In terms of security, your network should be well protected from many different attacks if you use this device. Its Stateful Packet Protection will check all the data coming into your network at a rate of 350Mbps, meaning that all but the fastest of networks won’t notice any slowdown.
Other security features include anti-virus protection, intrusion detection and prevention, and anti-spam features. Basically, your network will be protected from all angles with this firewall. There is also site-to-site IPSec VPN capablities included to keep your data safe as well as allow for remote network access VPN.
In term of its design, it is pretty basic but that just means it shouldn’t look out of place in your home. As well as this, it is small enough to just slot in next to your router.
Configuration is done through your browser and there are wizards to make setting up both the firewall security settings and the VPN as easy as possible.
The icing on the cake with this product though, is that it has a lifetime hardware guarantee as well as free tech support. An all-round great buy!
3. Netgear ProSafe FVS336G Dual WAN VPN Firewall (Best For Redundancy)
The Netgear ProSAFE FVS336G is stylish looking firewall with a few tricks up ots sleeve. It is designed for small businesses yet its price point means it could also be suitable for a home user who wants some extra security.
It has a ton of security features including a secure VPN that uses the SSL (single client) and IPSec (site-to-site) protocols to keep your data extra safe, Stateful Packet Inspection, as well as extras such as DoS attack protection which restricts the maximum number of concurrent connections to help ensure that your network can’t be taken down by a DoS attack.
Also includes Quality of Service (QoS), that allows you to prioritize certain types of traffic to ensure that devices and applications that need more bandwidth get it.
The product's design is pretty standard for a firewall, the front is naturally dominated by the 4 LAN ports (and 1 WAN port), but other than that it is unlikely to stand out from the rest of your networking equipment.
Basically, this is an excellent product with a lot of great security features. The 4 LAN ports along with the other features mean this is a firewall worth thinking about.
4. Bitdefender BOX 2
Here we have the Bitdefender Box 2, from, erm....Bitdefender.
Now a word of warning: This is another firewall that doesn't have inbound VPN capabilities, so if that's important to you, take a look at the Netgear or Zycel above. It does however, have outbound VPN functionality (via Total Security) should you require it.
But what DOES it have? Well, it's a bit like the Gryphon in that it's fairly plug and play. It's set up using a phone app, or if from Windows or Mac - the Bitdefender Total Security software.
It's particularly useful for protecting network devices around your home that don't have anti-virus capabilities (think smart home here), and for the ones that can run AV, it also takes out the need to slow them down as they can let the Box 2 do all the hard work and free their resources. Obviously, if you have a laptop or phone that connects to different networks, you'll want to have AV installed on them regardless.
Also similar to the Gryphon, it has decent parental controls. Includes web monitoring and time limiting of web access. Useful tools for the parent.
It has MU-MIMO Wireless AC (up to 1.93Gbps), and it can plug into a router or a modem....although most people will plug it straight into a modem. If you do plug it into a router, make sure you disable the router wireless!
5. Trend Micro Home Network Security Firewall
This IPS (Intrusion Prevention System), offering from Trend Micro is another easy-setup for those who just want quick and easy protection, without having to take a course in network security. It plugs straight into your router. Basically, this firewall will protect your network from a large variety of threats using Deep Packet Inspection.
There's no wifi radio on this. The idea is that you keep your router, plug in this device, and it continually monitors all your home network devices to make sure there are no intrusions and that your devices haven't been compromised and are making suspicious outbound connections. All traffic inbound and outbound from your network passes though the Home Network Security firewall.
Also contains parental controls, which are again monitored via an app.
No VPN functionality with this one.
What Is A Firewall?
There are two types of firewall out there. The first kind, one that you will likely be very familiar with, is a software firewall. These are the firewalls that often come with your antivirus software and they are used to block incoming malicious connections from your computer.
The second type of firewall is a hardware firewall. These firewalls can come as separate pieces of hardware that connect to your router, or also, they are often already included as a feature on your router.
Where they differ from software firewalls is that they are able to stop malicious, incoming connections before they enter your network. This is beneficial as they offer extra protection for any devices with a firewall installed on then, while also protecting any device that is connected to your network without any firewall at all.
As well as this, dedicated firewall also often include extra features such as advanced VPN options (not normally seen on consumer equipment), deeper traffic analysis, and more configuration options.
What both these types of firewall do is act as a wall between your computer (or network) and any connections that they believe to be unsafe. This can stop things such as trojans and hackers from accessing your gear (and personal files).
Why Would I Need A Firewall At Home?
If you are a home user, you many wonder why anyone would want to enter your network. After all, you may not have much information that seems important to people from the outside world.
However, while it is certainly true that businesses are more likely to be the victim of a targeted hack attack than a home user, there is still a risk of attack when you use the internet.
Using a firewall can significantly reduce your chances of being hit by a remote access attack, by a trojan, or by a hacker who tries to get through a known security hole on an operating system that hasn’t been updated.
As well as this, hardware firewalls, that you can attach to a router, are extra useful as they offer protection to devices that don’t have firewalls. While most computers are now protected (at least to some extent), some aren’t and could be vulnerable. And they can add extra protection to devices like smartphones - especially if you have rooted your phone.
Firewall Features To Look Out For
Even if your router already has a firewall it can still be advantageous to use an extra firewall (or just use a dedicated firewall with disabled router firewall). All the firewalls on this list have a multitude of configurable options and features that you may not get with the firewall on your router.
Many of the firewalls on the list have VPN functionality. There are two main types of VPNs found on firewalls which are remote access VPNs and site-to-site VPNs, each with a slightly different use.
Remote Access VPNs
Remote access VPNs allow single client devices to access your network from remote locations. The firewall acts like a VPN server which can give you access to the home network from anywhere in the world. When you access the VPN, all the traffic is encrypted which despite the remote access should keep data you send private and secure.
Site-to-site VPNs are slightly different. These allow you to set up an encrypted tunnel between two networks over the internet. When you do this, it is like both the networks are connected together and users of one network will have access to the other.
This is a feature that is most commonly used for businesses with more than one location.
Advanced Web Filtering
Advanced web filtering on a firewall will allow you to choose exactly what type of content if allowed on your network and to block certain websites.
Depending on the exact firewall, advanced web filtering could allow you to block things such as:
- Specific URLs
- Certain keywords
- Certain types of files
- Certain IP addresses
Stateful Packet Inspection
Stateful Packet Inspection analyses the packets of data that are being sent over your network. While other types of inspection only check the packet’s header, stateful packet inspection checks packets all the way to the application layer.
Basically, it makes it much less likely that a packet of data will be able to enter or ‘trick’ its way into your network.
If you have a fast internet connection, with many users, SPI on a dedicated firewall will generally operate better than SPI on a consumer router.
To conclude, a firewall is a useful bit of equipment to give your network and the devices on it an extra layer of security. By stopping threats before they even reach your network you can help keep all your data safe and reduce the risk of hacks or trojan attacks.
Each of the products on our list is pretty unique, although they do all come with the basic firewall capabilities. The perfect product for you will likely come down to what extra features you think are important as well as your budget.