Great Product But... Ideas for more robust security opportunities & 1 more observation!

(Model in form is not listed - see first sentence) I recently purchased an AX4200 (RBK753S) with the RBR750 router and two satellites with tri-band Mesh WiFI 6 that I for use in the U.S.A., device was purchased at Costco.  I am running firmware version V3.2.16.22_1.4.9 on the router and there appears not to be newer firmware for the router or the satellites per the online check (nor in the app).

First off, I am loving the setup, it works fantastically fast with my 1Gb download speeds.  In addition to personal electronic devices in the home we have a smart home with ~80 home devices attached to the system, most via Wi-Fi.  There is no lag on Cat6 or wireless connections.

I have observed an issue when connecting ethernet to the Orbi router ethernet output directly next (on the right) to the "Yellow" "Internet" port. When I connect my Netgear 25-port Gigabit switch to that which connects the Cat6 to all our wall jacks, the Orbi fails to recognize the internet and reports that the unit is "Offline" in the app, in the web interface, and connected devices cannot connect to the internet.  When I connect to the second or third (from left) "Ethernet" ports the system has no problems.  The tertiary port is not well documented and has caused some setup issues, which we have overcome.  I recommend documenting that users should NOT connect switches or other appliances to the far-left Ethernet port (directly to the right of the Yellow "Internet" port unless they are wanting to perform device level diagnostics or configuration on the Orbi.

Additionally, I am a software and cyber security expert, holding several patents.  Consumer level cyber security needs are expanding.  My team and I currently maintain a dynamic blocklist of 3,568 (as of 1/25/2021) hostnames and domains for blocking adds, trackers, and other malicious sites.   In performing some advanced setup of my RBR750 I have attempted to load all 3,568 domains to the unit, along with other porn and adult content domains and ccDTLs for North Korea, Syria, Iran, Russia, and China.  In order to load these the interface requires me to enter each line item individually, no batch load of a CSV, XLS, or comma/ semicolon separated list exists.  Also, I found that there is a limit of only 255 unique entries.  I would like to respectfully recommend that the Netgear RBR750 or Orbi product line product manager consider removing the 255-item blacklist limit and adding 5Mb memory for blacklist storage capability AND a batch load capability for blacklists.  It might also be a good idea to add the ability to point the Orbi units at commercial and government managed blacklists.

Finally, I love that the Orbi can use OpenVPN to create a secure gateway to WAN for everything within the LAN.  That said, OpenVPN, while a decent option, is not the best solution for security conscious consumers.  I would like to request that you add support for another VPN provider, "Express VPN."  They can be found online at expressvpn.com (DISCLAIMER: I DO NOT WORK FOR EXPRESSVPN - but I think their products are outstanding).  Netgear and ExpressVPN will need to ensure that the interface if built will work with the Orbi Wi-Fi 6 MESH network standard.

That's it.  I want to keep the product but absent Netgear implementing these easy features, I will need to look at SonicWall or some other totally overblown SMB product.  Making these changes will effectively make the Orbi RBR750, or broader product line, the absolute best and most secure consumer grade router and Wi-Fi 6 mesh product available for the foreseeable future.  If your team has questions, please feel free to reach out.

I've shared these comments to your tech support under case ID: 44079185; however, I was told the only way I could get these comments to the appropriate product manager(s) was to put my comments into this online forum.  

Regards,

Luke Ribich