When the word IT is used, business comes immediately to mind but these days IT is needed in the home too. This isn’t a new notion. I have a book on my shelf, called Mommy, why is there a server in the house? It’s an adorable, narrated book explaining the features of Microsoft’s now defunct Home Server from 2011. Home Server had two major flaws. It was far too complex for the average homeowner and it was before its time. As it turns out, it was also all wrong.
A server isn’t what’s needed today. Today we IoT devices, SAAS apps and our data is stored in the cloud. Instead of a server and a couple of PCs making up a home network, today we have personal assistants, mobile phones, laptops, tablets, smart TV’s, gaming systems, doorbells, security cameras, baby monitors, audio systems, lighting, outlets, sprinkler systems and even appliances on our home networks and this network is largely unprotected.
My household is made up of two adults. When I put my IT hat on and look earnestly at my own home network, I realize that its actually more complex that any two-person business I’ve ever encountered. I have protected it for years with a standard issue business firewall, but I no longer believe that this is the right thing to do, so for the last few years I’ve been investigating what ‘s available to protect the home network.
For the most part my investigation has found that home network protection generally centers around anti-virus software for your computer, maybe backup of your security system video footage and the always unconfigured firewall built into the ISP’s router. Some vendors will point you to their small business firewall. That’s about it. Many of these IoT devices are invisible to the traditional firewall. They might see the traffic, but they really aren’t designed to manage the odd protocols, non-IP addressed traffic and filter the incoming hits that these targets are attracting.
A tiny handful of vendors seem to be on a different track. BitDefender has a product called Box. The subscription includes their Total Security locally installed product, parental controls and machine learning IDS and IPS protection with a focus on IoT devices. I ran one of them on my local network. It did a good job, but I wanted more. (note: BitDefender’s website says that it is sold out.) My research then turned up, Firewalla. Firewalla isn’t as simple to deploy but still can be done with ease. Its focus is also IoT devices and was designed by a Cisco engineer who had his baby monitor hacked. Traditional firewalls just aren’t built for securing IoT. IoT is the dominate device type in homes, so he went to work creating something to protect his home. Firewalla has parental controls, region blocks, DNS over HTTPS, machine learning IDS and IPS, device grouping, privacy VPN, ad blocking, built-in and configurable policies and more. They even make a model that lets you deploy Docker containers on it to add functionality. It’s a real old-geek piece of kit yet simple enough for a home user to manage. I’m running one of these now, but a newer model is temping me.
So, I’m curious, how are you protecting your home network?
All we do is support IT professionals. Help for IT Pros, Super Secret News, Security community, MSP Legislation community, Kits, papers, MSP training and more. https://www.thirdtier.net
2 thoughts on “Identifying home security needs”
Hello Amy https://www.thirdtier.net/2021/04/13/identifying-home-security-needs/
You and others* have written articles relating to senders preventing forwarding by recipients.
This has happened to me recently when signing up for a new website that requires address verification.
I have a mail account at a domain with a great ‘address’: email@example.com
They use Zimbra as their MTA .
I now prefer to use gMail as my desktop interface, so most mail is forwarded to a personal account (not paid edu, etc)
Can you identify what codes are in the mail header which prevents the forwarding ?
I’d like my ISP not to discard such mail, but leave it in my mailbox there.
Thought about trying to find & read IETF RFCs or experimenting with some test mailings to myself, but thought you might have some pointers !
Thanks in advance.
In the case of Exchange, its a transport rule and not anything in the header that prevent forwarding. This could also be the case for your situation. Autoforwarding is common trick that criminals use to gather your email for later impersonation. We do have an occasional reason to make an exception to the rule. Since with Microsoft 365 we control the rules, we are able to do that. I’m not sure if Zimbra or West.net provides you with that level of control. That is going to be where you need to inquire about getting an exception applied.