Firewalla Gold review — plug-and-play firewall for home network
Who is this for? Home users who want serious network security without CLI or configuration files. If you want more control and don’t mind technical configuration, look at OPNsense on a [Protectli Vault](/en/reviews/protectli-vault-review/).
Firewalla Gold review
Who is this for? Home users who want serious network security without CLI or configuration files. If you want more control and don’t mind technical configuration, look at OPNsense on a Protectli Vault.
Update April 2026: The original Firewalla Gold is discontinued. The current lineup is the Gold SE (~€200, ARM quad-core, 2× 2.5G + 2× 1G, ~350 Mbps WireGuard) and the Gold Plus (Intel quad-core, 4× 2.5G, ~500 Mbps WireGuard, higher price). The description below applies to both current models.
Firewalla Gold is a compact network security device you place behind your router and manage via an app. No OpenWrt, no CLI, no configuration files. The target audience: people serious about network security but who don’t want to become network engineers.
What Firewalla does
Firewalla works as an inline device — all traffic to and from your network passes through it. That makes the following possible:
Intrusion Detection (IDS): Firewalla analyses traffic patterns and warns of suspicious activity. If a device in your network suddenly connects to known malware servers, you receive a notification.
Ad and tracker blocking: DNS-based blocking for the entire network — all devices benefit, including smart TVs and gaming consoles.
Built-in VPN server: Firewalla can act as a WireGuard or OpenVPN server so you can securely log in from outside.
VPN client: Connect the entire network via WireGuard or OpenVPN to an external VPN provider (Mullvad, ProtonVPN, IVPN).
Device management: See every device on your network, block unknown devices, set rules per device or group.
Family filters: Block categories (gambling, adult content) per device or time period.
Specifications
| Property | Value |
|---|---|
| Processor | Depends on Gold variant |
| RAM | Varies by model generation |
| Storage | Varies by model generation |
| Ethernet | Multiple Ethernet ports, depending on Gold variant |
| Operating system | Linux (Firewalla OS) |
| Management | iOS and Android app |
| Cloud dependency | Partial (app communication) |
| WireGuard throughput | Depends on model and mode |
| Price | Paid |
App management: strength and weakness simultaneously
The Firewalla app is the reason most people choose this device. Everything is visible and clickable — no terminal, no configuration files. You see live which devices are connecting, to what, and how much data they use.
Strong: Accessible. You have control without technical knowledge.
Weak: The app communicates with Firewalla’s cloud for remote management. You can also use the app locally, but for notifications and external access an account and cloud connection are required. This is a compromise compared to fully local solutions like OPNsense.
Comparison with GL.iNet and OPNsense
| Firewalla Gold | GL.iNet Flint 2 | Protectli + OPNsense | |
|---|---|---|---|
| Configuration | App | Web interface + CLI | Web interface + CLI |
| Technical level | Low | Medium | High |
| Intrusion detection | Yes | No | Yes (Suricata) |
| Built-in VPN server | Yes | Yes | Yes |
| Open-source | No | Yes (OpenWrt) | Yes (OPNsense) |
| Cloud dependency | Partial | No | No |
| Price | Paid | Paid | Paid |
Who is Firewalla Gold for?
Good choice if:
- You want to take network security seriously without a technical background
- You want a device you install and forget until it reports something
- Family filtering or device management play a role
- You want a higher-end plug-and-play firewall appliance
Less suitable if:
- You want maximum transparency and control (OPNsense is better)
- You don’t want cloud dependency
- You already have a GL.iNet router — the overlap is large and the added value limited
Caveats
Not truly open-source: Firewalla OS is based on Linux but is not fully open-source. You cannot audit the internal workings like OpenWrt or OPNsense.
Cloud account required for full functionality: Some features (external notifications, management outside your network) only work with a Firewalla account. For a privacy device this is a tension.
One-time purchase: No mandatory monthly subscription for the hardware itself. That is an advantage over some competitors.
Pros and cons
Pros
- App-based management — no CLI, no configuration files required; accessible without a technical background
- Inline IDS monitors all traffic and warns of devices contacting known malware servers
- Built-in WireGuard and OpenVPN server and client — covers both remote access and full VPN routing
- One-time purchase with no subscription — app is free
- Family filtering with per-device and time-based rules
Cons
- Partial cloud dependency — notifications and external management require a Firewalla account; not fully local
- Not open-source — Firewalla OS is based on Linux but internal workings cannot be audited like OpenWrt or OPNsense
- If you already have a GL.iNet router the feature overlap is large and the added value is limited
- Those wanting maximum transparency and control are better served by OPNsense
Conclusion
Firewalla Gold is the best choice in the “serious network security without technical knowledge” segment. The app is good, the intrusion detection works, and the VPN functionality is broad. The compromise is partial cloud dependency and no true open-source.
Those willing to accept a steeper learning curve usually get more transparency and flexibility from OPNsense on dedicated hardware.
See also:
- Which network setup fits your profile? — when is Firewalla the right choice?
- GL.iNet Flint 2 review — the more technical home router
- Setting up a GL.iNet travel router — configuring VPN at router level