I have a Hub 3 which works fine, which has a Firewall built-in BUT I am concerned about security, so questions:
a) how good is this firewall? Seems pretty basic ..
b) any advantage with having a hardware firewall appliance put between the Hub 3 and the rest of my wired home network? Like a Ubiqiti, Zyxell, Cisco, Partaker ..
I have a large and complicated setup; the Hub 3 goes to a Netgear 32 port box switch which then distributes wired 1Gb connections to various devices including 5 x Wifi boxes (I do not use the VM WiFi).
Personally. I use pfSense as my firewall. It is built on a AMD 5350 APU.
So gives me excellent FW functions where I can manage traffic in all directions, to/from LAN(s)/WAN with schedules, ability to invert (not) selections etc.
But also the added features I use
HA proxy enables me forward http(s) to devices. So with a DDNS pointed to the pfsense wan, set up your domain server to assign cname to the DDNS host and all your web servers can be internet exposed on port 80/443. Put a wildcard certificate on it or even use lets encrypt and you automatically apply ssl against your hosting.
VPN, allow road warrior so family can connect to home resources from phone/tablet whilst away as if part of the home network
VPN service provider. All my dhcp assigned device leave via nord. one connection/rule nothing needed on the devices.
Hurricane electric IPv6 tunnel. So I have a full routable IPv6 /64 network around the home.
Try any of these with a hub! no way
I used to manage 60+ Checkpoint FW-1, have also used Cisco PIX / ASA and Watchguard professionally. Netgear firewall appliances and smoothwall at home. But pfSense gave me the firewall features I needed plus a heck of a lot more.
it depends what you expect the firewall to do. Placing a firewall behind the Sh won't really matter unless you open a computer to the Internet using port forwarding of DMZ. no incoming traffic will pass the SH unless you forward ports