Administered by:
@SynAck@corteximplant.comListen up, kids - be aware that Netgear routers and such, even the high end ones like the Orbi 750 I just bought, do NOT come with a built-in firewall. You have to pay a yearly sub for their AppArmor service (which is BitDefender under the covers) unless you want to muck around with chaining a firewall device to protect your inbound network. [EDIT: Otherwise, your only protection is the standard NAT behavior.]
Nowhere in any of the documentation or product reviews (that I saw, at least) was I warned that the AppArmor sub was required if I wanted inbound firewall protection to my network.
Don't get soaked for more money like I just did, kids. Save yourself the frustration.
@SynAck I mean, it's still a NAT box right? So incoming connections are getting dropped unless you configure them to go somewhere just because the NAT can't do anything else
@SynAck Fortunately, many (although sadly not the exact one you mentioned) routers are supported by the OpenWRT project!
While maybe not the most user-friendly way to operate a router, it certainly guarantees that you won't get locked into a SaaS subscription for arbitrary features.
@zeyus@SynAck wow that is a scam... people shit all over unifi gear, I found out when I replied in a Reddit thread and got down voted, I've had it for almost 10 years now and it's still going strong, only had to replace one power supply for the firewall, no subscription required. I would like to upgrade at some point to > 1GBit infrastructure though (my NAS has 2x 2.5Gbit interfaces, and now there are fiber services offering >1Gbit as well)