NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
Data Blackmail via Router Function?
I'm considering purchasing a NetGear AX5400 router, or maybe a similar model, but I have a question.
My current router is an ASUS unit that is comparable in technology to the AX5400. My home network has about 20 devices that connect. Security cameras, tablets, PC's, laptops, etc. I'm very careful when it comes to certain security issues and one of the things I have done is to block my security cameras from communicating outside my own network. They have no access to the WAN per a setting in the ASUS router.
Now I have a child who is accessing the internet and I want to set up some additional controls. The ASUS router has the controls (features) I want, but in order to use them, I have to check the box on a user agreement that allows the router to send my data to another company.. WTF???? In order to make full use of the router, ASUS wants to force me to allow Trend Micro or some name like that, to get my data. (see screenshot) NO WAY am I allowing that. I'm still trying to wrap my head around the fact that any company would pull this type of thing..
My question: Does Netgear pull this same garbage? If I purchase the netgear router, will I be able to use all the features without giving up my data to another company?
Exactly. WiFi is a separate decision from the Firewall/router. Everything depends on the area that requires coverage and the number/type of WiFi devices involved.
Things get more complicated when the area is large enough to require some sort of mesh WiFi system.
10 Replies
This website forum won't seem to allow me to upload a screenshot PNG file.
If its that much of a concern, why not go the open source route? I use Opnsense for a home built router and then just use my netgear routers/mesh systems as access points for it. Opnsense gives you a lot more controls/blocking/features and isn't very expensive. I just used a cheap N150 PC of that jeff bezo's site that had dual multi-gig ports and a multigig switch. Works great. Plus i setup unbound on it for DNS resolving/adblocking
Oh.. That's interesting. Looks like I'm going to have to do some Opnsense research. Does Opnsense allow me to block specific websites to specific users? In other words, can I block my child from accessing a specific website?
To date, from my ignorant perspective, a firewall/router has just been a box I plug into my modem that I can configure to manage my network. Block camera's from accessing the WAN, assign static IP's and give them labels, etc. I've never employed an entirely different PC to act as a firewall.. although I suspect the boxes I've been using are essentially just that.
Can blocking websites be done at the router/firewall? How does that work with HTTPS? Or is this something that has to be done within the specific PC itself?
I've never employed an entirely different PC to act as a firewall.
There are a lot of inexpensive small form factor PCs that will work. ServeTheHome has done extensive reviews (both videos on youtube and written versions on their website). These include both new and older used platforms.
There is a learning curve here, and if you haven't worked with an enterprise-grade firewall before, it will take a while.
Can blocking websites be done at the router/firewall?
Certainly. But one puzzle here is figuring whether a website is safe for children or not. Router vendors use a third-party cloud service because they really don't want to invest the resources needed to create the needed database and keep it up to date.
Opnsense does have some built-in tools for this that only run on premise. But I think some of the tools will share some info with a cloud service, so you'd want to be careful to research the ones you want to use (particularly ones that are not enabled by default).
Note there are almost always parental controls that you can set up on your child's device(s). You normally should be using those as well, particularly for devices that are portable.
How do you folks handle wifi with the opnsense setup? These mini pc's don't seem to come with wifi, and even if they did, I'm not sure it would be adequate.
The only two options I can come up with are either 1) A wifi antenna like a TP link unit that is hardwired back to whatever switch is on the network, or 2) A regular wifi router in access-point mode.
Any other solutions to consider?
2) A regular wifi router in access-point mode.
Generally folks with these firewalls are using access points (or routers in AP mode).
Exactly. WiFi is a separate decision from the Firewall/router. Everything depends on the area that requires coverage and the number/type of WiFi devices involved.
Things get more complicated when the area is large enough to require some sort of mesh WiFi system.
Now I have a child who is accessing the internet and I want to set up some additional controls.
I ran across this today - it could be part of your overall solution
Bascially you set the DNS server on firewall to 1.1.1.3 instead of cloudflare's usual 1.1.1.1. That will not resolve any IP addresses for sites that offer malware or adult content, so they will be unreachable. That would a safety net to your opnsense firewall.
