Hardware firewall recommendations for home networks.

Hi everyone, I'm looking for a hardware firewall for my home network, I'm looking to see if anyone can guide me on which firewall or router/firewall to buy. I don't know if links to stores are allowed here, so just in case, I don't attach the link where I can buy.
Well, I'm waiting for your recommendations/guidance on this subject.
Thank you very much in advance.
Best regards.

 

Which hardware is already present?
Why do you need improved security? Corona homework?

From myself - I own a router which is enough. Any (decent) router drops unwanted/not ordered traffic. Means - my program send a request, answer appreciated. No request = drop.

 

I have a tp link ax1500 router that weakens a lot in the security options like the firewall, that's why more than anything I want to change it, some hardware that has more firewall configuration options. Thank you very much. Best regards.

 

Hi Solitarios:
My understanding, recently, is one of having less confidence in the “hard-wired” firewall inside my modest priced router.

A corollary to that feeling is the realization that a very good software firewall in one’s computer is actually much more important that I had previously thought. I now believe it’s a false comfort to feel entirely secure behind a router’s firewall. Rather, with the internet becoming filled with exploits I am now leaning to the idea that a hardware appliance (as in enterprise grade) is now needed / preferable these modern days.

A cheap way of having a firewall appliance in a home environment is installing a Linux / BSD operating system such as IPFire (Linux), pfSense (FreeBSD) or OPNsense (Hardened BSD) into a dedicated computer of modest specs.

Currently, this project is above my experience, but is on the to-do list to learn and achieve.

References I have found so far:

Wikipedia: Firewall Comparisons:
https://en.wikipedia.org/wiki/Comparison_of_firewalls

Wikipedia: Next Generation / 3rd Generation Firewalls (NGFW):
https://en.wikipedia.org/wiki/Next-generation_firewall

TechRadar: (Review) Best free Linux firewalls of 2020;
https://www.techradar.com/au/best/best-free-linux-firewalls

OPNsense web site
https://opnsense.org/
https://docs.opnsense.org/

OPNsense Partners

(Deciso)
https://www.deciso.com/
https://www.deciso.com/downloads/OPNsense_Deciso_Brochure_2018.pdf

(Sunny Valley Networks) – Sensei [Note, this seems to be a feature add-on to OPNsense]
https://www.sunnyvalley.io/post/how...ptimize-their-networks-and-increase-security/
https://www.sunnyvalley.io/sensei/#installation
https://www.sunnyvalley.io/plans/​

IPFire
https://www.ipfire.org/
https://wiki.ipfire.org/hardware

LInux / BSD News Generally:
https://distrowatch.com/

Best wishes in your own journey
cheers,
feandur

 

If you work with admin rights any security solution on a running OS is futile.

While using a modem i had Outpost and its log file was full with dropped packets. Starting using a router that log file was close to empty.

Conclusion for me: software firewall on an OS is nice for outbound, but for inbound protection a router or (managed) switch is mandatory.

People more and more work with pi-hole machines and blocking lists similar to ublock/adblock.

 

How about the D-link Dfl-210 or the Edgerouter Er-x , SYMANTEC SGS 360, Soho Apl31-0b9 I know they are all old equipment but it is what is in my budget.

 

Seriously? A piece of hardware started 15 years ago?

Don't buy D-link, just crap, I lost 2 devices in the years, first both power-sup, then the 2nd device with chip failure inside.

Thought you were hunting for security, not usual hardware!?
TPlink would be the cheaper choice with the same features.

Go Zyxel pages and look for a decent USG device (USG 20/40/60)
https://www.zyxel.com/products_services/Unified-Security-Gateway-USG40-40W-60-60W/

USG40 here around 300 Euro without security software. USG are NGFW!

I suggest you to consult a professional if you really want to improve security for your home network. In any other case buy some cheap router like TPlink or more featured from AVM.

 

I blocked all incoming connections with a MIkrotik and I am more than happy with the results. Thank you all very much. Topic solved.