You'll likely be amazed by the Firewalla Blue or Blue Plus. Each is a tiny device that can do so much. Almost instantly.
Indeed, connect it to your router, and you'll be able to monitor, manage, and view the status of your entire home network, in great detail, with ease. And the performance panned out well in my testing, for the most part.
In all, if you have 500Mbps or slower Internet and feel a bit cavalier about your privacy, or if you trust Firewalla, this little Blue cube is an excellent home protection investment for the one-time cost of some $180, or better yet, pay another $20 for the Blue Plus. Get one!
Dong's note: I tested the Blue Plus for this review, but you can expect a similar experience with the slightly lesser Firewalla Blue. As the name suggests, the former is essential the latter plus a bit more.
Firewalla Blue / Plus: A colorful home firewall application
There's nothing blue, as in depressing, about the Firewalla Blue. It's an exciting product. But yes, it's totally blue all around and does look a bit underwhelming.
Tiny design, simple setup
I had low expectations when getting the Blue Plus out of the box.
It's a tiny cube—almost small enough to be a choking hazard—with a Gigabit port on the back to connect to an existing network (like a router or a switch) and not much else.
The Firewalla is so small that it's a shame not to be a PoE device. The included power adapter, which is smaller than that of a phone, seems a bit too big for the device itself.
The Blue uses a micro-USB port for charging and has another USB-A port currently of no use as far as I know. On the front, you'll find a miniSD card slot already occupied by an included 16GB SanDisk card that works as its storage—don't remove it!
And finally, on the underside, you'll find a QR code for the setup process. And this code is all you need. Run the Firewall mobile app on your phone, scan this code when prompted and you're all set.
Once set up, the Firewall Blue virtually inserts itself in between the router and the rest of your network. "Virtually" because it's physically attached to the network at the same level as all other devices. Nonetheless, it functions as a firewall and, among other things, allows you to monitor your home via the mobile app.
Note on ease of use: By default, the Firewalla works via ARP spoofing and is compatible with most home routers. If you happen to have one that is not compatible, you'll have to opt for the DHCP Mode, where the setup gets more involved and is only suitable for advanced users.
Firewalla Blue: Detail photos
Firewalla hardware specification: Red vs. Blue vs. Blue Plus vs. Gold
Other than the Blue, Firewalla comes in a few flavors. They all share the same set of core features and differentiate only in the capacities and advanced features.
Gold | Blue+ | Blue | Red | |
---|---|---|---|---|
Price | $418 | $199 | $179 | $109 |
Packet Processing Speed | 3Gbps | 500Mbps | 500Mbps | 100Mbps |
Memory | 4096 MB | 2048 MB | 1024 MB | 512 MB |
Gigabit Ports | 4 | 1 | 1 | 1 |
Max Internet Speed | 1Gbps | 500Mbps | 500Mbps | |
Active Protect Entries | 40,000 | 20,000 | 10,000 | 1000 |
CPU | 64bit Quad-Core Intel 2.2ghz (AES NI) | 64bit Quad Core ARM 1.2ghz | 64bit Quad Core ARM 1ghz | 32bit Quad Core ARM 1ghz |
VPN Encryption Speed | 120Mbps | 70Mbps | 70Mbps | 28Mbps |
Storage | 32 GB | 16GB | 16GB | 16 GB |
Console Port | 1 | None | None | None |
Power Usage (Watt) | ~10W to 12W | ~7W | ~5W | ~5W |
Size | 5.12 x 4.33 x 1.34 in (13 x 11 x 3.4 cm) | 2.13 x 2.13 x 1.34 in (5.4 x 5.4 x 3.4 cm) | 1.77 x 1.77 x 1.18 in (4.5 x 4.5 x 3 cm) | 1.77 x 1.77 x 1.18 in (4.5 x 4.5 x 3 cm) |
Weight | 19.9 oz (565 g) | 2.15 oz (61 g) | 1.59 oz (45 g) | 1.52 oz (43 g) |
Operating Temperature | 32°F to 122°F | 32°F to 95°F | 32°F to 95°F | 32°F to 95°F |
Common Features: Active Protect, Deep Insights, Deep Insights, Ad Block, Device Management, Family Protect, Device Groups, Rules, Alarms, Content Filtering, Bandwidth Monitoring, VPN Server, VPN Client, DNS over HTTPs, IPV6, DDNS, Simple and DHCP Mode | Yes | Yes | Yes | Yes |
Site to Site VPN | 10x connections | 1x connection | 1x connection | Client only |
Geo-IP Filtering Regional Blocking | no limit | Ten countries | Three countries | None |
Web Interface (beta) | Yes | Yes | Yes | None |
Custom or 3rd Party Software App | Yes | Yes | Yes | Yes |
Inline Firewall | Yes | None | None | None |
Simple Smart Queue | Yes | Yes | None | None |
Advanced Smart Queue and Rate Limit | Yes | None | None | None |
New Device Quarantine | Yes | Yes (beta) | None | None |
Docker Containers | Yes | Yes | None | None |
Can Work as a Router | Yes | No | No | No |
All of these are add-on devices that you connect to an existing network, except the Gold version, a full-fledged non-Wi-Fi router that can host a network on its own.
Which Firewalla to get?
For most homes, the Blue is a good fit.
If you have a home with lots of devices, the Blue Plus might be more suitable—it has double memory and, therefore, is more capable.
The Red is virtually the same as the Blue but designed for those with sub-100Mbps Internet—so I'd skip it.
All the three above will give you the same core experience. Get the Gold only if you plan to add Wi-Fi broadcasters separately—it's also the only one that can handle Internet speed faster than 500Mbps.
Excellent mobile app and sleek web interface
Like all add-on security devices, the Firewall Blue (and all other versions) requires the Firewalla mobile app to work. And to use the app, you need a login account with Firewalla, and all that implies—more below.
In return, you can manage your home network from anywhere globally, as long as you have Intenet on your phone.
The app worked well in my testing. On my Pixel 3 XL, it launched fast and was always responsive. Most importantly, it allowed access to all of the Firewalla Blue's settings and features with an excellent level of detail.
But if you're like me and prefer the web user interface, you can have that too.
Here's how: On an Internet-connected computer, navigate a browser to my.firewalla.com, and you'll get to a page with a QR quote. Now on your phone, run the Firewalla app, hit the Firewalla Web button to scan the quote, and voila, you can access the device's web UI. The whole process is quite neat.
The web interface makes working with things easier since you can use a big screen via a mouse and a keyboard. However, it has the same level of access as the mobile app.
Effective features, flexible controls
The Firewalla Blue has a lot of features and settings, but the following are the major categories:
- Protects home devices from cyberattacks
- Content filtering and safe search
- Detailed insights into your home network
- Ad-blocking and data usage monitoring
- VPN server and clients
I tried them all out, and they worked, though not as you might imagine.
For example, the protection feature, called Active Protect, can only be turned on or off. It works behind the scenes, and you generally have no say in what it does and how. But it did prove to be a layer of protection for the entire network in my trial.
Content filtering allows for blocking Internet access, porn, social, gaming, video, etc. And that worked. However, you can't block a particular website, nor can you set up a comprehensive schedule. Instead, you can quickly invoke it on any or all devices for an hour at a time.
The Ad Blocking feature kind of worked in my trial. It wasn't super effective. While it blocked text and image ads, the frame of the ads still appeared. So if you hope to keep a web page uncluttered, that's not going to happen. Also, most video ads still got through.
The VPN feature also took a bit of work for me to set up. It's easy enough for advanced users but still far harder than the Teleport feature found in Ubiquiti AmpliFi routers, such as the Alien. The Blue can work either as a VPN server or a VPN client, where it turns the entire network to be part of another at a remote location.
In all, I loved the flexibility of the app. For any of the available features and settings, you can set it up manually and apply it to a certain number of connected devices. Or you can also tap on a device, view its details, and then use a setting manually.
Another thing worth noting is the level of detail. The Blue treats each suspicious activity as an alarm. You'll get a notification when each happens. Or you can proactively view them all on the Firewalla app's interface. And when you tap on one, you'll see a ton of information about the event.
For example, I used several Arlo security cameras that uploaded recorded security footage to Arlo's server. Each time this happened, the Blue detected data being transmitted out of the network and called it an "Abnormal upload" alarm.
When I tapped on the alarm, I saw the time when the upload happened, the IP address of the destination server, the amount of uploaded data, the involved port number, etc., and the location of the server on a world map.
Yes, I could find out all that information manually, but the idea here is that you can see everything in one place via just one tap. One could get used to that convenience fast. I know I did.
Some catches
For this review, I used Firewalla Blue Plus for more than a week, and it was a fun and positive experience. That's not to say the device is perfect. Here are a few things to keep in mind.
The privacy issue
First of all, like all firewall devices, the Firewalla virtually puts itself in between your router and the rest of your network. All of your Internet traffic, inbound and outbound, go through it. Consequently, folks at Firewalla could collect a lot of information from you.
Here's the company's lengthy Privacy Policy. (Or check out this page of friendly-worded FAQs on the matter that Firewalla provided me.) You'll note the device does collect quite a bit of information.
Again, that's the nature of any vendor-assisted firewall hardware. Like in real life, you can't be protected without somebody watching over you.
Reduced Internet speed
The Firewalla Blue / Plus will throttle your Internet down to slightly slower than the speed it can handle, which is 500Mbps.
In my case, I had a cable plan with over 600Mbps download. With the Blue plugged in, my broadband immediately and consistently reduced to slightly below 500Mbps and remained that way. When I unplugged the Blue, things got back to normal within half a minute.
Keep in mind that you'll have to sacrifice a portion of your Internet bandwidth when using this device. And if you have a super-fast broadband connection, you'll lose everything over the 500Mbps mark and then some.
That's quite normal, however, and also what I experienced with other similar devices, such as the TrendMicro Home Network Security, which was much worse on this front.
Still, pick the Blue or Blue Plus only if you have 500Mbps or slower Internet. Else you should go with the more expensive Firewalla Gold or skip this type of device at all.
Excessive notifications
The Firewalla app, as mentioned above, is a bit oversensitive and treats almost everything that takes place within your network as an alarm.
As a result, if you opt to have the notification turned on, which is the default setting, be prepared to get bothered constantly. It can be ridiculous.
Indeed, every time somebody in your home starts a game, streams a video, searches for something even slightly controversial or just does whatever online, you'll get a notification on the phone.
In my case, the uploads of the Arlo cameras alone were enough to drive me nuts.
Yes, you can turn the notifications off (which I did), but you will get no update even when something bad happens unless you check with the app. It's a bit of a dilemma.
For now, the notification is an all-or-nothing approach. Likely soon, the app will allow for picking and choosing when and what you'd like to be notified of via updates.
Firewalla Blue Plus' Rating
Pros
Super easy to set up and use
Lots of useful and well-designed network protection, monitoring, and managing features
Intuitive mobile app and web interface
Compact design
No subscription required
Cons
Privacy concerns
Causes the Internet to max out at sub-500Mbps
No PoE support
VPN is a bit hard for home users to set up
Excessive notifications
Conclusion
As a home firewall box, the Firewalla Blue / Plus is way ahead of the Trend Micro Home Network Security on all counts.
The device works well and is super user-friendly. In a way, it puts your entire home network in your palm for you to manage, at any given time, no matter where you are. And for that, it's worth the relatively high one-time cost.
So, the only sticking point is the matter of privacy and the Blue's slight adverse effect on Internet speed. And that is the call you have to make.
I decided to stop using the Firewalla despite the positive experience. It took me quite a bit of effort to get to the 600Mbps download speed. I'm not going to give that up easily.
I opted for the Firewall Gold instead.
Just don’t go down the Firewalla road. Offshore support only through email, short warranty (if they will RMA at all), if RMA is approved it’s lost in transit to China. The appliances are not remarkable for the cost. Power users will be locked down due to automation & poor feature design, retail customers will be lost when something is misconfigured. These issues often end up on the vendor’s Reddit page where 1) told you are the problem 2) given wrong answers 3) no meaningful answers at all. Stateful firewalls will never be set & forget, get idea, does not work. Frankly, many of the marketing statements made are in a perfect lab setting or not true. Engine to this is all open source with them adding app integration & automation. In current price point there are much better appliances to be had. Will any be true plug & play? No, but that is an unrealistic goal for this type of network equipment, IMO. This includes all the vendor’s product line.
@Ngo. Thank you for this review. It is quite helpful, and I am thankful for the pictures and added information you have provided to allow someone like me (not very tech savvy) to easily follow through your article.
Sure, Ra. 🙂
With many new routers utilizing IPV6, how useful is Firewalla now since there is no ARP spoofing? I have Firewalla blue plus on a T Mobile home internet Nokia router/Modem that’s locked up tighter then a drum. I can’t turn off DHCP nor switch from ipv6 to ipv4. Firewalla support would never answer my question ” am I protected from outside malicious attacks since firewalla can’t ARP spoof on IPV6″ Wonder your views? Much appreciated.
You can always turn off IPv6 for your local network, Tony. In fact, you should do that, for the foreseeable future, unless you have specific needs for IPv6.
Thanks for nice review and the people who share their comments.
I am looking for ways to block gaming especially among us or amung us. I can’t even see this game do dns lookup. ( I am using pi-hole to “simulate” a blocking mechanism)
Hope that the blue plus can easily precisely blocking the gaming site.
I am using a linksys (beklin) router and hope that the “arp spoofing” will work in my case.
If anyone can share his/her view in my case, appreciate that in advance.
It should work, Paul.
I’m really impressed with Firewalla. I use both the Blue Plus and Gold in different installs. The ease of use far surpasses the performance hit. If performance is a concern, you should buy the next bigger model.
Hello.
What are your thoughts on RATTrap by IoT?
I haven’t tested it but the fact it works only when placed in front of your router alone can be problematic.
Well, I have been struggling with a Firewalla Red for months now. Have given up on it. The problem is that it runs out of memory and crashes-reboots. I have multiple tickets open with Firewalla tech support about this problem. They know about this problem. They keep saying we are running P2P in our network and Firewalla cannot handle the “large number of connections”. We are not running P2P here. They recommend I buy a newer Firewalla (read: more expensive). I bought red version because my internet service is less than 100 mbps.
I do not know why did they release the Red if it cannot even do its basic job. Please stay away from Firewalla…at least the Red version!
Sorry to hear, Raj. From the look of it, the Red is not good, which is why I didn’t want to even try it out. But you might not need this type of device anyway. 🙂
What do you think about the Synology RT 2600AC router’s (SRM) Threat Prevention feature? Is it similar and comparable to Firewalla on most of it’s features? Or is it different?
Thanks for your expertise.
The protection part is similar, Manny. But the Firewalla is also heaving on monitoring.
Thank you for your prompt reply. Could you elaborate on how Firewalla is heavy on monitoring? In what way? How is that different from Synology Threat Protection? Doesn’t the Synology router also monitor in some way? I’m a newbie at home networking, so any information would be helpful. Thank you again for your expertise.
I mentioned that in the review, Manny. It basically monitors all activities within your network and spams you with notifications. All applications of this type are similar and different by degrees. I can’t go into details, nor should you expect that from me — your need to find books or take courses if you want to know the intricate details.
arp poisoning / spoofing is slow, terrible, and unsuitable for anything.
how can anyone justify not putting a firewall inline? double nat is far preferable to arp spoofing and thats bad enough.
its sad to see cheapskates try and charge big bucks for artificially crippled firewall machines. put two damn ports on there.
i run my own firewalling on my own vanilla hardware and pay less, can attach a keyboard/mouse/monitor in a break glass situation. this firewall industry is mostly a joke and none of them keep the damned kids from playing fortnite and watching youtube crap effectively. nothing l7 or intelligent goes on with these piece of garbage, and people care and ooh and aaah over L4 firewalling stuff which has been doable with iptables for 20 years (or pfsense, etc).
I hear you, Mick. And thanks for your opinion. I wouldn’t use this one myself but for most home users, it’s quite cool.
@Mick Russom, Hi Mick, what makes Dong’s site stick out above most, is that is very understandable for a layman. I also think I’m not alone in this. I read your review and I do not understand a word of it, but you end with a harsh judgement. Perhaps you could elaborate for the audience on this site. I’m curious in what you have to say.
Grtz Henk
@Mick Russom, while I agree with most of what you said, you are wrong on the Firewalla. I have no affiliation WITH firewalla except owning a Gold and while not currently a Network Engineer, I still hold 2 of Cisco’s certifications. I know my way around the network and have a highly customized router, but I still couldn’t truly accomplish what the Gold did. Take blocking YouTube or Fortnight. I spent hours hunting down the IP ranges of Google and Google video.com and then GogVid, etc. And after hours of work, they judr add a new range. I never could block them all. Sure, I could segment my network and run everything thru a proxy and then filter out video feeds, but then I have to run another box, maybe two and to be honest, who wants to do all that for your spouse to then say, “let the kids watch YouTube for an hour”? However, I put up the Firewalla Gold and tap a button twice (first to block it for 1 hour and the second will block it until you unblock it) and poof YouTube and I can unblock it just as quick. There is even a “Family Hou” setting so you can setup an hour that you designate to force you kids to come to dinner and participate in an actual conversation. So, in conclusion, can you manually do everything this can do? Yes. Can you do it in a one box solution like they did? Maybe.. If you had the time, effort, and equipment (on-hand or willing to buy it), but you will have to invest hours to get it running and keep it running, especially if you have a layperson spouse who thinks the “internet” is at her whim since she is married to a “Computer Expert”. For me, it is worth every penny and I’m not paying $400 or $600 annually for the firewall subscription from the other players in this arena.