If you’re reading this post, chances are you have one, if not several, IoT devices in your home. So how do you know that these connected devices are sending your data to the servers that you’d expect? The companies that make our video doorbells, sensors and smart speakers all have privacy policies of course, and we assume that the data they’re collecting is going to servers that the company manages our safely outsources.
But, how do you know?
You really don’t, which is why I’ve been testing a device that will show you where your data is going with a high degree of certainty. It’s called Firewalla and it costs either $109 or $179 depending on the model you choose: one is for home networks up to 100 Mbps speeds, and one is for faster networks. I tested the latter as I have 1 Gbps home internet.
Firewalla is a super small device, roughly the size of a USB charger. It connects to your router and monitors all of the network traffic in your home. Aside from capturing the flows of data, it also adds several optional whole-home blocking rules for ads, adult content sites, and social networks to name a few: Think parental controls for your network on steroids. And it also has a built-in no-fee VPN server that you can tap into when away from home.
So how does it work? Quite well in my testing, although I found a few quirks.
Setup, in general, is easy. Depending on your home network configuration and router, you plug the Firewalla into an outlet and connect it to your router using the included ethernet cable After the device fully boots up, it starts scanning your network for connected devices and provides a list of them, complete with their MAC and IP addresses. Then it starts to monitor all of the network traffic and bandwidth used from your devices.
That sounds like any other network monitoring tool provided by most routers these days. I have Google WiFi units for example and the corresponding mobile app shows much of this information. Firewalla takes this a huge step further, however.
First, the Firewalla app shows all of the server names that my home’s data is flowing through, as shown above for my WyzeCam. And it adds little flag icons next to each server name so you know if information captured by your connected devices is going to an unexpected country. Even better, if device data is sent to an unexpected place or during a strange time, Firewalla surfaces an alert. You can even drill down in the alert to see a map showing roughly where the external server is, who owns the domain, and more.
My June Oven, for example, occasionally sends some data in the middle of the night, which has generated an alert. By drilling down in the alert, I can see that the data is going to Amazon’s web servers in Seattle, which June presumably uses instead of managing its own servers. I can also see that the data was transferred using the official June API.
Overall, I’d expect this data flow for a connected device, so with one tap, I can mute future alerts that match these parameters. And if I saw June data going somewhere I didn’t expect? Instead of muting these alerts in the Firewalla app, I can hit the block button.
In over a week’s use of testing the Firewalla and scouring the network flows for hours, I didn’t see any device data going where I wouldn’t expect it to go. So I’m far more comfortable with the devices I have in my home; a certain peace of mind that I didn’t have is there now. And I also feel better adding new devices to the house. I know that I can quickly and easily see if they are “bad actors”.
While that’s the IoT-aspect of Firewalla, I did mention some other features that I’ll briefly hit upon from my testing. After all, this device is far more than an intelligent network device scanner.
There are one-touch buttons in the Firewalla mobile app to block ads, create a home IP address for remote access via DDNS, scan for open ports on your network, enable a “social hour” that blocks all social networking activities in the home for an hour and turn on safe-search for the home. I’ve tested nearly all – not the DDNS option – and they mostly work as advertised.
I say “mostly” because I did see some ads get through the ad blocker from time to time, but these were few and far between. My daughter can angrily verify that “social hour” works although she was able to see already loaded posts in some of her social networking apps. She couldn’t refresh the feeds or respond though.
The built-in Firewalla VPN worked great in my testing as well. Once enabled at home, you can be out and about safely on public Wi-Fi. The VPN works with the OpenVPN service and the app and is easy to configure with a downloadable file from the Filewalla mobile app.
I like that there are no VPN subscription fees and I love that the VPN server is in the home. That means I can be out of the country and still stream my local television content or watch Netflix even if I’m somewhere that Netflix isn’t supported.
Sometimes with a network monitoring device like this, you’ll see slower home internet speeds. That wasn’t the case with Firewalla. After multiple tests in my home, I didn’t see much of a difference from the tests I performed prior to adding Firewalla to my network. Your mileage may vary based on your router brand and set up.
Speaking of that, I did run into a frustrating glitch that applies to Google WiFi mesh networking. Every two to three hours after turning the Firewalla on, our home network would be completely inaccessible. Firewalla is aware of the issue, which appears related to how Google WiFi refreshes its DNS and has some suggestions on how to mitigate this.
The only method that worked for me was sort of the “nuclear” option. I had to enable bridge mode on my main Google WiFi unit. That solved the problem completely. But while in bridge mode, you lose wireless mesh networking to other Google WiFi access points. I’ve effectively cut my wi-fi coverage in half as a result. My hope is that Firewalla finds a better solution for Google WiFi owners in the future.
Overall, I’m very impressed by the Firewalla. It offers a broad range of useful features and adds the detailed monitoring of connected device network flows, complete with alerts for abnormal activities. It’s so good that I’m actually considering living with just the one Google WiFi router in my home and giving up mesh networking for a while. Peace of mind is more important to me than network range and that’s what Firewalla provides.