Fibre is everywhere, its reshaping our daily lives, I recall a few years ago when we were all stuck having to use ADSL, oversubscribed and erratic at the best of times. Nowdays we can stream TV in full HD while someone has a skype video call and someone else downloads emails. Its great…..I think… but is it really?
Children nowdays all have tablets and one annoyance I find is that all the games have adverts and links, before long they have clicked or touched, and the Tablet is full of junk. In some instances, they have clicked and ended up in places where one would prefer they did not.
Well, I found a great solution....
It’s a small Firewall Appliance, ordered off the shelf installed with the latest version of PFSense. This is a full firewall product that will give any commercial competitor a good run for its money, except that PFSense is open source. (Free)
These boxes are perfect for the job, they all can run the WAN DHCP configuration that most ISP's use and by default they allow nothing in but the LAN is allowed out. So a basic setup will get your home connected in no time.
The appliance I bought has 4 Ethernet ports for use, this is fantastic if you have a more than basic setup like I have. One port is LAN, one port is Fibre WAN, one port is LTE WAN and the other port is DMZ for guest Wifi.
You can run some pretty nice services that will for example strip those banner ads in YouTube and many websites. You can block sites based on DNS Blacklisting or category. (malware, Advertising, social media, Adult…)
If you really want to get fancy you can give priority to the Video calling but limit/block your teenagers ability to download torrents with the Traffic Shaper.
Of course, there is a web proxy you can use with its own antivirus engine and then you can use the DHCP function to control all your local addressing too.
I bought these boxes for 126 USD each, they ship with 2 Gigs or RAM and a 16 Gig SSD. They are low power devices and run super quiet as they are fan-less. You can specify more RAM and SSD if you wanted to.
My boxes arrived with PFSense installed but you could always install your own PFSense build directly off Netgate’s website.
The software is very capable, you can run two of these in a HA Cluster if you want and failover is within seconds, for any small to medium business that does not have the budget for Checkpoint this is a really great second choice. Sadly, it does not do any SD WAN although if you created multiple link and tuned the Traffic Shaper you would get pretty close.
A super little box for a bargain price...
Here are some pictures:
New in the box..
