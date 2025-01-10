The threat environment for cybersecurity has changed drastically over time, and home broadband use has skyrocketed. When remote jobs and hybrid working arrangements are added, the security features in many consumer routers might not be enough. Adding a hardware firewall appliance to your home network adds another layer of security to your network, while giving you advanced features to manage network traffic and connect to corporate networks.

Whether you want to keep your family safer online or work as if you're physically in the office, a good hardware firewall adds stronger security measures while affording some level of preventive threat analysis before it becomes an issue. Some employers might even require them to be installed so you can take advantage of WFH arrangements, but how do you know what you need in terms of features? Whatever hardware firewall you go for, there are some basic features that you should aim for, as well as some more advanced nice-to-haves that make your home network that much safer.

7 Throughput and ports

You want high throughput numbers, especially once you turn on filtering and inspection

Close

Before looking deeper into the functionality of a hardware firewall, you want to know two things. The first is how many ports it has and the speed of those ports, because that determines both current and future setup needs. As hardware firewalls, when used in home networks, are usually set up as edge devices, they go between the internet and your internal hardware. That means you might only need two ports, but it's important to match the speed of these to your existing hardware so they can all sync up together. They could also be used for internal segmentation, but that's less likely at home. It's still important to match port speeds with existing hardware, but you might want more ports so that future expansion can be planned.

You'll also want to check the throughput of the firewall, which is the volume of traffic that can pass through at any one time. Most firewalls will support 1Gbps+ throughput, so it's not as important to check, but if you're buying ex-enterprise or other used hardware, check the specs because older devices can drop the throughput drastically once you put filtering, intrusion prevention, and other security features on.

6 Basic functionality

Stateful inspection, packet filtering, and access control lists

Hardware firewalls have some features that are generally thought of as table stakes, like access control lists to allow or deny web traffic based on predetermined rules. This list of rules filters traffic before it hits the network, making it easier for the other security features to do their jobs while hopefully stopping unauthorized traffic. For example, you can set them up to only let video call data go to certain devices on your network, so other attempts will bounce off the firewall.

While they're also part of the software firewall in your operating system, having them on a dedicated network appliance means the rules get applied to all traffic, not just that aimed at your computer. They're best when used in conjunction with a stateful firewall that can monitor every packet in a session and detect and reject any unauthorized traffic.

5 Virtual Private Networks(VPNs)

Keep your data private and access your home network from outside