I am never one to talk about my current tech products, services or defences, and this article is no different. My methods and defences can be described as paranoid, and last year I spent over £1,000 alone on hardware, only to ditch it all and go back to my old setup from a few months back.

Over the years I have tried an assortment of well-known hardware firewalls plus a similar number of software O/S appliance firewalls. A few months ago, I thought I would try out one which has been on my list for years - a SonicWall. £600 later, it arrived to my excitement. It has basic subscriptions plus an in-built Wi-Fi AP.

Firstly, I of course plugged it in, and it wanted me to register for an account, which I did. On logging back into the web account, it said invalid address and would not let me log back in to fix the issue - how stupid! At least let me log back in to fix the "problem". I created a new account in the end, and it registered the device.

The device is rather complex, and the next issue was a buggy UI. After 10-15 minutes the browser would stop the connection due to cryptography reasons. Likely it was auto-degrading the cipher suite. The only fix was a device reboot taking minutes. On calling support, they had never seen the issue before, and after some weeks it was patched.

Lastly, the final reason I ditched it is an overzealous subscription model. Even SSL inspection requires an extra license over the base firmware and subscriptions package it came with. Other services require another £200 to activate too. Other hardware/software appliance firewalls I have used include a fair amount under the base yearly subscription.

After forgetting about the SonicWall, I moved on to three devices from Ubiquiti, a USG controller, managed switch and Wi-Fi AP. Each item was under £100. The main problem which caused me to give up was it struggled to see or register the other two devices despite passing traffic through the switch to my desktop.

On to attempt three, Aruba Instant On from HPE. Both HPE and Aruba have a good name, more for enterprise than SME or home use. Before ordering this for under £100, I moved back to my original physical firewall setup. Aruba sell this as being easy to use and it was, probably too easy to use, especially for me who wants more advanced security functions.

The box cannot be administered locally, so you must install a smartphone app, pair it and then manage it through a SaaS portal. Zero local management means Aruba or HPE, which I have nothing against, have my network map and PSK (pre-shared key). Thus, a potential way into my home network since the key is stored in plain text or using reversible encryption at their end.

For a short while I accepted this, but this was not the only annoyance. It automatically logs and/or categorises endpoint traffic which passes through the AP. Thus, they can see everything which passes through Wi-Fi. On asking support there was no way to stop SaaS management nor logging.

My only thought to stop it logging was to firewall 80/443 (TCP) past my home WAN interface. A solution which I should not have to do, and firewalling it means firmware updates cannot be done automatically. Goodbye Ubiquiti and hello back my old setup with an additional purchase of the same Wi-Fi AP as before.

£1,000 down the drain or, as a colleague put it, £1,000 of learning!