Ukubuyekezwa kwe-Firewalla Orange: I-Firewall Elingana Ephaketheni Eyangilandela Ukuya e-Tokyo
OKUHLE:
- Iguqula noma iyiphi i-Wi-Fi engathembekile ibe inethiwekhi evikelwe ngohlelo lokuvikela ngokushesha
- Ishaya okungu-1,720 Mbps phansi ngentambo, akukho nkinga
- Ukusethwa okugcwele emizuzwini eyi-10 ngokuzenzakalelayo okulungiselelwe kusengaphambili okuhlakaniphile
- I-Wi-Fi yehhotela isebenze ku-151 Mbps ngokuvikeleka okugcwele kuyasebenza
- Intengo yesikhathi esisodwa engu-$339, okubhaliselwe okuyiziro, azikho izinkokhelo ezifihliwe
I-CONS:
- Ukusebenza okungahleliwe kwe-MAC kwenza buthaka ubumfihlo bedivayisi obuvikelayo
- Izimbobo ze-Ethernet ezimbili kuphela zikhawulela ukushintshwa kwerutha yasekhaya
I-QUOTS YOMHLELI:
244 amagremu obufakazi ukuthi awudingi ukwethemba i-Wi-Fi yehhotela.
BUYEKEZA – Yonke inethiwekhi ye-Wi-Fi yehhotela iyisenzo sokwethenjwa olahlekelwayo. Xhuma ikhompuyutha ephathekayo kunethiwekhi yezihambeli zehhotela, futhi emizuzwini embalwa idivayisi yakho isizimemezele kuwo wonke omunye umshini kuleyo subnet eyabelwe, isakaza igama layo, amasevisi, nezimbobo ezivulekile kubantu ongabazi ongeke uhlangane nabo. Ngipakishe i-Firewalla Orange ohambweni lwakamuva oluya e-Japan ukuze ngihlole ukuthi ibhokisi elingamagremu angu-244 lingayixazulula ngempela yini leyo nkinga, noma ukuthi “i-firewall ephathekayo” kwakuwumusho nje wokumaketha owelulelwe phezu kweshaja yokuhamba enezifiso.
Kwavela ukuthi, i-Orange ilethwe ngesithembiso esiyinhloko futhi yahlanganisa engikulindele ngezindlela ishidi elingazange lingixwayise ngayo.
Yini I-Firewalla Ethunyelwa Ebhokisini
Vula okufakiwe futhi okuqukethwe kubukeka kulula kakhulu kumshini wokuvikela ongu-$339. Uthola i-Orange ngokwayo, ikhebula lamandla le-USB-C, i-adaptha yodonga ehlangene, intambo ye-Cat6 Ethernet eyisicaba, nekhadi elikukhomba ku-firewalla.com/install. Ayikho imanuwali ewugqinsi, ayikho i-CD yokusetha, ayikho i-hardware ekhwezwayo.
Idivayisi incane kunenoveli ye-paperback ku-12.8 x 8.3 x 3 cm, enegobolondo le-matte eliwolintshi eliphezulu elihlala phezu kwesisekelo sepulasitiki esimhlophe. Ibhrendi ye-Firewalla igxishwe esivalweni esiwolintshi, kucashile kangangokuthi ungaphuthelwa yideski. Izikebhe zokungenisa umoya zihamba ohlangothini lwesobunxele, futhi izinyawo zenjoloba ezincane ziyivimbela ukuba ingasheleli ezindaweni ezibushelelezi. Ukuyiphakamisa, amagremu angama-244 abhalisa njenge-smartphone enekesi kunegiya lenethiwekhi. Lokho kukhanya komzimba kuyiwo wonke amazwi: leli bhokisi lihamba nawe, futhi akukho lutho mayelana nokulibamba okuphikisana nalokho.
Ngasemuva, isakhiwo sembobo sisuka kwesokunxele siye kwesokudla: iphinikhodi ye-LED yesimo, imbobo ye-USB-A enosayizi ogcwele, amajekhi e-LAN nama-WAN Ethernet (womabili anelebula ngokuthi 2.5G ngombhalo osawolintshi), okokufaka kwamandla e-USB-C, kanye nenkinobho yokusetha kabusha ehlehlisiwe. Amachweba amabili. Yilokho kuphela. I-Firewalla ikhethe umkhawulo phezu kokuvumelana nezimo lapha, okusho ukuthi ayikho imbobo ye-IoT ezinikele, ayikho i-spare jack ye-LAN yedivayisi yesibili enezintambo. Ngomkhiqizo wokuqala wokuhamba, i-tradeoff inengqondo. Kumuntu ozama ukushintsha umzila wasekhaya ngezimbobo ezine ze-LAN, akunjalo.
Ukusetha Kuthathe Amaminithi angu-10, Ngokubamba Okukodwa
Ukumatanisa okuwolintshi kuhlelo lokusebenza lwe-Firewalla iOS kuqala ngokuskena ikhodi ye-QR ngaphansi kweyunithi. Uhlelo lokusebenza libuza ngokushesha ukuthi uyafuna yini ukuyisebenzisa njengerutha ezimele noma uyengeze kunethiwekhi ekhona, ukukhetha okunquma ukuthi kuthatha ngamandla kangakanani ukuphatha kwakho i-IP. Ngikhethe imodi yerutha yokuhlola ekhaya.
Kusukela ekuthepheni okuthi “Engeza Okusha” ukuze ubone isikrini sokuqinisekisa sokuthi “Siyakwamukela ku-Firewalla,” yonke inqubo ithathe cishe imizuzu eyi-10. Lokho kufaka phakathi isigaba sokunikeza (isikrini esithi “Ukusetha” esinebha yenqubekela-phambili nesixwayiso esigqamile esithi “Unganqamuli”) kanye nokuthi “Usulungele Ukusebenzisa?” isifinyezo sokuzenzakalelayo okulungiselelwe kusengaphambili: Umugqa Ohlakaniphile onokubeka kuqala ikholi yevidiyo ye-Google Meet, Amaqembu, i-Webex, ne-Zoom; I-Active Protect isethwe kumodi eqinile; kanye ne-Ad Block futhi ku-Strict. Ungabuyekeza futhi ulungise yonke into ngaphambi kokuthi izilungiselelo ziphushele kudivayisi. Leso sikrini sesifinyezo sizizwe njengocingo olulungile, singivumela ukuthi ngiqinisekise lokho i-Orange eyayizokusebenzisa kunethiwekhi yami ngaphambi kokuba noma iyiphi ithrafikhi igeleze kuyo. Imizuzu emine ukusuka ebhokisini ukuya ku-firewall esebenzayo iyashesha kunalokho okuphethwe amarutha amaningi, futhi i-Orange ayidingi iselekeleli sokusetha esisekelwe kusiphequluli noma uhlelo lokusebenza lwedeskithophu ukuze ifike lapho.
Ukubamba okukodwa kuvele ngemva nje kokuqedwa kokusetha. I-iPhone yami icuphe isexwayiso esithi “MAC Randomization Detected”, ngoba i-iOS izungezisa amakheli e-Wi-Fi MAC ngokuzenzakalelayo ukuze kuyimfihlo. I-Firewalla ilandelela amadivayisi ngekheli le-MAC, ngakho ngaso sonke isikhathi lapho idivayisi iphinda ixhuma ngekheli elingahleliwe, ivela njengomshini omusha ongaziwa. Uhlelo lokusebenza lunikeza isixhumanisi esithi “Indlela yokuvala”, kodwa ukulandela imiyalelo ye-Apple yokukhubaza Ikheli Langasese le-Wi-Fi lenethiwekhi ye-Firewalla kusho ukwenza buthaka ngokuzithandela isici sobumfihlo se-iOS ukuze wenze uhlelo lwakho lokuvikela lusebenze kahle. Lokho kungqubuzana kuphinda kuwo wonke amadivaysi e-Apple, zonke izingcingo ze-Android ezine-MAC randomization enikwe amandla, yonke ikhompyutha ephathekayo eqaphela ubumfihlo. Akuyona i-showstopper, kodwa yomkhiqizo owakhiwe eduze kwezimiso ze-zero-trust, ukucela abasebenzisi ukuthi behlise ubumfihlo bedivayisi ukuze bathole ukulandelela okunembile kwedivayisi kuzwakala njengokuphikisana kwefilosofi i-firmware okufanele ekugcineni ikuxazulule ngokusebenzisa izigxivizo zeminwe noma ezinye izindlela zokuhlonza.
Ukusebenza Kwezintambo ku-2 Gbps Fiber
Ixhumeke ngqo kulayini wami wefayibha we-2 Gbps nge-Cat6e ne-QoS ikhutshaziwe, i-Orange idonse u-1,720 Mbps phansi kanye no-1,380 Mbps phezulu. Lezo zinombolo zisondele ngokwanele ku-Unifi Gateway Fiber yami kangangokuthi i-Orange ibinganyakazi ngendlela enenjongo ekuxhumekeni kwentambo. I-Firewalla ithi “okukhulu kuno-2 Gbps” ukucutshungulwa kwephakethe kusuka ku-4-core 64-bit ARM CPU, futhi ngenkathi uhlelo lwami lwe-ISP lungagcwalisi ngokuphelele lolo silingi, umphumela wokulanda ongu-1,720 Mbps uphakamisa ukuthi i-Hardware ingaphusha ithrafikhi ngesivinini i-spec sheet ethembisayo ngaphandle kokuba ibhodlela.
Ukusebenza kwe-Wi-Fi 7 kuxoxe indaba ehlukile, nakuba kungeyona into edumazayo. Njengoba i-Orange ifakwe ekhabetheni cishe ngamafithi angu-26 kuya kwangu-33 ukusuka kufoni yami (ingxenye eyodwa yodonga olumisiwe phakathi kwethu), ithuluzi elakhelwe ngaphakathi Lokuhlola i-Wi-Fi libike ukulanda okungu-183.5 Mbps. Lokho kuyahlonipheka ngohlelo lokuhamba olunothi olulodwa olusakaza odongeni, kodwa kwenza kucace ukuthi irediyo ye-Orange engenantambo iyisici esiwusizo, hhayi ukumiselela indawo yokufinyelela ezinikele noma isistimu ye-mesh. I-Wi-Fi yomzila wakho wasekhaya cishe izoshesha nakanjani. I-Orange’s Wi-Fi ikhona ukuze ukwazi ukudala inethiwekhi evikelwe noma yikuphi, okuhlanganisa nezindawo lapho kungenakho nhlobo ukufinyelela kwe-Ethernet, futhi ngaleyo sisekelo isebenza kahle ngokwanele ukusakaza ividiyo ye-4K, ukwenza amakholi wevidiyo, nokuphequlula ngaphandle kokubambezeleka okubonakalayo.
I-Peninsula Tokyo: Ukuhlolwa Kwangempela
I-Wi-Fi Yehhotela ilapho i-Firewalla Orange iyeka ukuba igajethi ethakazelisayo futhi iba ithuluzi elizuza inani layo. Ngixhume i-Orange emandleni e-USB-C egumbini lami lasehhotela, ngavula uhlelo lokusebenza, ngathinta okuthi “Setha uxhumano olungenantambo?” ngokushesha, futhi yakhetha inethiwekhi yezihambeli ze-Peninsula ohlwini lwama-SSID atholiwe. Ingosi yokuthunjwa yehhotela ilayishwe ngaphakathi kohlelo lokusebenza lwe-Firewalla ngokwalo, ngafaka imininingwane yegumbi lami, futhi i-Orange yayiku-inthanethi.
Kusukela ngaleso sikhathi, yonke idivayisi engiyixhume kunethiwekhi ye-Wi-Fi ye-Orange yayihlezi ngemuva kwe-firewall egcwele, i-IPS, nesivimbeli sesikhangiso esikhundleni sokulenga inqunu ku-subnet eyabelwe yehhotela. Ukuhlolwa kwesivinini nge-Orange kubonise u-151 Mbps phansi no-76 Mbps phezulu, okudlule ngempela engangikulindele kusukela ekuxhumekeni kwehhotela okuphindwe kabili ngedivayisi yomlamuli elingana nephakethe. Okuhlangenwe nakho kwazizwa kungenakuhlukaniswa noxhumano oluvamile lwe-Wi-Fi, lusanda kuhlunga ngesitaki sokuvikeleka inethiwekhi yehhotela ebingenakho ngokuphelele.
Ngiphinde ngalungiselela iklayenti le-WireGuard VPN ukuthi lidlule kuseva ye-VPN yenkampani yethu, ngayisebenzisa kumadivayisi amabili, futhi ngaqinisekisa ukuxhumana okuzinzile. Kunoma ubani odinga ukufinyelela kumasevisi akhiywe esifundeni noma umzila wethrafikhi ebucayi yomsebenzi ngokusebenzisa indawo yokugcina ethembekile ngenkathi uphesheya, ukusethwa kweklayenti le-VPN kuthatha cishe imizuzu emibili futhi kunamathele phakathi kokuqalisa kabusha. Ihlola ideshibhodi ngemva kosuku lokusetshenziswa, i-Orange yayicubungule ukugeleza okungu-56 futhi yavimba okungu-15 kwakho (isilinganiso sokuvimba esingu-26.8%) phakathi kwemithetho yokuvinjwa kwezikhangiso ne-Active Protect. Lezo zixhumanisi ezivinjiwe zazihlanganisa izizinda zokulandelela kanye namanethiwekhi ezikhangiso abezosebenza buthule ngemuva ekuxhumekeni kwehhotela okungavikelwe.
Uhlelo lokusebenza lenza okuningi, kodwa lubuza okuningi futhi
Uhlelo lokusebenza lwe-iOS lwe-Firewalla lupakisha inani elingajwayelekile lokulawula kumkhiqizo wenethiwekhi yabathengi. Ngalé kwedeshibhodi eyinhloko (ebonisa ukugeleza, ukuxhumana okuvinjiwe, negrafu yethrafikhi yezinsuku ezingu-30), ungakwazi ukungena ekuqaphelweni kwedivayisi ngayinye ngedatha yokuphuma bukhoma, ulungiselele idivayisi ngayinye noma izilawuli zenethiwekhi ezibanzi ze-inthanethi, Amageyimu, Okomphakathi, Ividiyo, kanye nokuvinjwa Kwezithombe Zocansi, uguqule ukusetshenziswa kokusesha okuphephile, usethe imodi ye-DNS yomndeni. Isikrini seKlayenti le-VPN sisekela i-OpenVPN, i-WireGuard, nokuxhumeka kwe-AnyConnect ngezinqubomgomo zomzila zedivayisi ngayinye.
I-Active Protect isebenza ngemodi Yenjini Eyodwa ethola ukusongelwa kwe-IPS/IDS, futhi uguquko oluhlukile lwe-Firewalla AI lunika amandla ukuhlaziya okufundwayo ngomshini kwama-alamu, izizinda ezingaziwa, nokuhlonza idivayisi.
Ukujula kuyamangaza uma usuyazi ukuthi imithetho ye-IPS ne-DNS-over-HTTPS isho ukuthini. Uhlelo lokusebenza alukubambi isandla sakho ngalezi zici, noma. Ukuvinjwa kwezikhangiso kwemodi eqinile, ngokwesibonelo, kuzophula amawebhusayithi athile nezinhlelo zokusebenza ezincike ezizindeni zesikhangiso somuntu wokuqala ukuze zisebenze. Uhlelo lokusebenza likutshela ukuthi “Kungase kuthathe amaminithi ambalwa ukuze kusebenze kumadivayisi akho, kuye ngezilungiselelo ze-TTL zeseva yakho ye-DNS,” okunembile kodwa okucabangela ukuthi uyazi ukuthi i-TTL kanye ne-DNS caching isho ukuthini. I-Firewalla ibeke i-Orange njengomkhiqizo wezingcweti zamaselula eziqaphela ukuvikeleka, futhi ukuminyana kolwazi lohlelo lokusebenza kubonisa lezo zithameli eziqondiwe. Umsebenzisi wobuchwepheshe obuncane angasebenzisa okumisiwe futhi azuze ngokushesha ekuvinjweni kwezikhangiso nasekuvikeleni izinsongo, kodwa ukwenza ngendlela oyifisayo isethi yesici kudinga ulwazi lwenethiwekhi oludlula lokho okufunwa amarutha amaningi wabathengi.
Ingabe kufanele uphathe i-firewall esikhwameni sakho?
I-Firewalla Orange ibiza u-$339 ngaphandle kwezimali ezikhokhwa nyanga zonke, okuyibeka kubakaki senani elixakile. Ibiza kakhulu kunerutha yekhwalithi yokuvakasha efana ne-GL.iNet Beryl AX ($80) kodwa inamandla amancane njengedivayisi ye-Wi-Fi ehlanzekile. Kushibhe kakhulu kunokuthenga i-firewall yasekhaya ezinikele kanye nerutha yokuvakasha ehlukile, futhi imodeli yokubhalisa enguziro isho ukuthi izindleko eziphelele zobunikazi zihlala ziphansi ngemva kokuthenga.
Okuthatha indawo ye-Orange ukufakwa ebucayini okungapheli kokuxhuma kumanethiwekhi ongawalawuli. Yonke indawo yokuphumula yesikhumulo sezindiza, yonke indawo yokwamukela izivakashi ehhotela, yonke indawo osebenza kuyo inethiwekhi ye-Wi-Fi isebenza ngokuthembana ongeke ukuqinisekise. I-Orange iqeda lokho kungaqiniseki cishe emizuzwini emi-2 yesikhathi sokusetha endaweni entsha ngayinye: xhuma amandla e-USB-C, joyina i-Wi-Fi yasendaweni ngohlelo lokusebenza, futhi amadivayisi akho ahlala ngemuva kwe-firewall yangempela ene-IPS, ukuvinjwa kwezikhangiso, kanye nemizila ye-VPN oyikhethayo.
Ukusebenza okunezintambo kokungu-1,720 Mbps phansi kufakazela ukuthi kungasebenza futhi njengesicishamlilo esikwaziyo sasekhaya kunoma ubani oxhumeke kwi-multi-gigabit, nakuba ukukhawulelwa kwezimbobo ezimbili kanye nobubanzi obuncane be-Wi-Fi (183.5 Mbps odongeni olulodwa ezinyaweni ezingu-30) kusho ukuthi ayizami ukufaka esikhundleni sokusethwa kwerutha yasekhaya egcwele. Izama ukuba isendlalelo sokuvikeleka osingezayo ngaphambi kwesinye. Ukungqubuzana kwe-MAC okungahleliwe kudinga ukunakwa kusibuyekezo se-firmware esizayo, ngoba ukucela abasebenzisi abaqaphela ubumfihlo ukuthi benze buthaka ubumfihlo bedivayisi ukuze basebenzise umkhiqizo wokuvikela kudala uhlobo lwe-tradeoff i-Orange eyayiklanyelwe ukuqeda. Ngo-$339, i-Firewalla ibheja ukuthi abantu abaqondayo ukuthi kungani i-Wi-Fi yehhotela iyingozi bangabantu abafanayo abazimisele ukupakisha elinye ibhokisi elincane endaweni yabo. Ngokusekelwe evikini lami phakathi kokuhlolwa kwekhaya negumbi lehhotela lase-Tokyo, lokho kubheja kuyakhokha.
Isampula yalokhu kubuyekezwa inikezwe i-Firewalla. I-Firewalla ayizange ibe nezwi lokugcina ekubuyekezweni futhi ayizange ibuke kuqala isibuyekezo ngaphambi kokuthi ishicilelwe.
Uyakuthanda okuqukethwe kwethu?
bhalisela ephephandabeni lethu namuhla.
Azikho izikhangiso, azikho ugaxekile, izixhumanisi eziya ezihlokweni zethu zakamuva!
