Does enabling QuFirewall on home network make sense?

[Freeco]

When QuFirewall is running the disks in my TS453D no longer go in standby mode. The passed few months every time I passed by the NAS the disks were spinning.
When I stop QuFirewall the disks are regularly spun down, which is what I want.

So... on a home network, does it make sense to have QuFirewall on? My NAS is behind my ISP router, which also has an active FW.
I don't use port forwarding or uPNP, and I keep Download Station in stopped state when not used. When I use Download Station (which is not frequently), I then also start QuFirewall. I don't have any other tools on my NAS that connect to the internet.

Should be OK, I guess?

[dolbyman]

no need for QuFirewall when behind a NAT .. and the NAS should always be behind a NAT (so QuFirewall can be uninstalled and forgotten)

[Moogle Stiltzkin]

i use a pfsense firewall. the qufirewall i just enable though i don't rely need it, to limit access to other lan ips on network (though i've already setup vlans to separate iots from other devices so probly not rely needed either)

when i suspect an issue for access to qnap, these days i'd first suspect the qufirewall and disable to check if that resolves the issues. but the rule setting i have seems to work fine no issue.

if u don't use qufirewall, it reverts back to the previous network security settings for the QNAP to handle things like ip/blocking for failed attempts to login with credentials. This is the change if u opt to disable qufirewall.

if ur protecting ur home network from internet, rely on something solid like pfsense on a router for that *default settings for it is already good, though u need to change password and some minor setup as per youtube guides online.

even with qufirewall disabled, the reverted network security options in qnap still gives u the option to setup white/black listing for ips, if u want to restrict access on your lan. but since qufirewall works as well, i just use that. It's up to u which works best for u ^^


oo and don't expose your nas online. e.g. don't enable upnp on router, and nas (and anything for that matter). And don't port forward unless there is a good reason to do so

remote access to the nas over the internet should ideally be done via vpn which you configure a vpn server ideally on your router. But if you don't have remote access requirements then that's far easier, as long as u don't expose ur nas, and u update regularly enough, and maintain a clean network (u don't download malware and stuff), and you keep regular backups, then you should be fine


anyway there is already an indepth discussion for qufirewalls usefulness, u should check it out here
https://www.reddit.com/r/qnap/comments/ ... o_protect/

[jaysona]

When QuFirewall is running the disks in my TS453D no longer go in standby mode. The passed few months every time I passed by the NAS the disks were spinning.
When I stop QuFirewall the disks are regularly spun down, which is what I want.

There may be other services writing to logs besides QuFirewall, get a copy of IOtop to what other processes are writing to disk as well.

So... on a home network, does it make sense to have QuFirewall on? My NAS is behind my ISP router, which also has an active FW.

QuFirewall does not make sense in any enviuronment, it is just a p.o.s software that serves more use of providing a false sense of the warm and fuzzies vs providing any real security benefit at all.

As dolbyman stated, QuFirewall can be uninstalled and forgotten when a NAS is used in a home network environment - with the following caveats (you've donme that already, so good, this is for other readers): Disable UPnP on the NAS, disable UPnP on the Internet router, make sure tcp 8080 and tcp 443 are not forwarded to the NAS from the Internet router.

....
Should be OK, I guess?

Yes, should be more than okay,