Network Traffic Analysis / Firewall Compatability
The context of my questions below are based on the following using a Windows 10 OS, industry standard modem, router, and switches.
- Wireless LAN
- Wireless web enabled thermostat
- Wireless security system
- Wireless security cameras
- SMART devices such as TV, game systems
- Wired NAS (Synology) with internal and external application apps, i.e., VPN, security camera app, music apps, etc.
- Wired security cameras
I note from the F-Secure Sense webiste information the following from FAQ: What makes F-Secure Sense different from other products on the market?
F-Secure Sense Answer: Deploying a high-end router with current Wi-Fi technology, F-Secure Sense analyzes network traffic in the home and prevents attacks from ever reaching the various devices in your home network, which may include anything from your PCs, laptops, smartphones to Smart TVs and Smart Locks.
While I relize F-Secure Sense is not a firewall, rather a "router" product, the F-Secure Sense "router" does provide somewhat similar protection servcices as a firewall.
Questions:
- Please advise what "analyzes network traffic" means relative to connected network devices via F-Sense in comparison to firewall "network inspecaton at levels 3-7" of a 3rd party firewall?
- If substantially different, does F-Secure recommend to install a "layered" 3rd party firewall, i.e., DOS attackes?
- If so, is F-Sesnse compatibile with industry standard 3rd party firewalls?
Thanks for your consideration.
Comments
-
Hi Zippy_MS,
“Analyzing network traffic” means that Sense will first determine the device type from the network traffic.
So you’ll be able to see your connected devices on the device list of your Sense app and you can recognize them easily. In addition, the devices will be classified as “IoT device” or “personal device”.
The IoT devices usually have a relatively simple and deterministic network traffic pattern. Sense will “learn” those traffic patterns for each IoT device. This will allow Sense to recognize unusual traffic to/from any of your IoT devices which might be an indication of a compromised device. This is used as a second line of defense in case a sophisticated IoT malware somehow would be able to bypass the first line of defense (the firewall and URL or host name blocking based on reputation). You’ll be alerted on the unusual traffic for that IoT device and you can block internet connectivity to that device or you can disconnect it completely if you wanted.
This device traffic anomaly detection is not used for personal devices as your browsing habits don’t follow a simple deterministic pattern.
As for the firewalls, it’s a bit unclear whether you mean local firewall in your device (eg Windows PC) or you mean the network firewall. Sense _is_ a network firewall (among others) and should be used as such in your home network. There is no need for another firewall. (Unless you have some very specific, customized needs, in which case you most likely already have a custom-built or configured firewall solution anyway.)
Sense currently doesn’t have protection against DoS attacks.
If you mean firewall in your local computer then that’s still needed as the Sense firewall doesn’t do layer 7 protection (except for the browsing protection).
