Privacy Tool Spotlight: Firewalla Purple and AP7
Routers are one of those things most people rarely think about until something goes wrong. Maybe your streaming keeps buffering during a movie. Maybe online gaming feels laggy. Or maybe it just sits there, quietly collecting dust until the next firmware update that may or may not come.
That is exactly where the trouble starts. Your router is the gateway to the internet, yet it often gets ignored and rarely updated. This makes it an easy target for attacks from the internet. A recent example comes from the UK’s National Cyber Security Centre bulletin: "APT28 exploit routers to enable DNS hijacking operations".
Many routers supplied by internet providers or the cheap models you find in stores have short firmware support periods. They simply do not offer the security features or everyday usefulness that modern homes need.
Better options exist, but they can feel overwhelming and require advanced networking knowledge. Tech enthusiasts might enjoy setting up pfSense on a Protectli Vault and fine-tuning every detail, but most family members who do not live and breathe technology would feel frustrated right from the start.
Fortunately, there is a practical middle-ground solution. It gives you much more than a basic $50 router without forcing you to earn a Cisco Certified Network Associate (CCNA) certificate. That solution is the Firewalla Purple. As the name suggests, it works primarily as a powerful firewall. When you pair it with Firewalla’s AP7 wireless access points, you get a complete, easy-to-use system that is perfect for the average household.
Firewalla Purple
Firewalla is on an important mission. As outlined on their LinkedIn profile, "Firewalla is dedicated to making accessible cybersecurity solutions that are simple, affordable, and powerful." We believe they are making great headway toward that goal.
We first came across the Firewalla Purple in 2024 while searching for an easy-to-use firewall for the office and travel. The tiny purple box measures just 9 x 6 x 3 cm and is powered by USB-C. We quickly discovered it does far more than basic firewall duties. It started as a simple app-controlled router and firewall. In the last two years, it has gained many new features, including the Managed Security Portal (MSP) web interface and an ever-growing collection of block list options.
The Firewalla Purple is compact enough to take on the road, yet powerful enough for home use. It gives you deep visibility into everything happening on your network. You can monitor connected devices, block ads and trackers, set up parental controls, create custom rules, and even run a VPN server or client. All of this is managed through a straightforward mobile app that most people can understand without technical expertise.
Firewalla Access Point 7 (AP7)
The real power comes when you add the Firewalla Access Point 7, or AP7. This is a modern Wi-Fi 7 access point designed to work seamlessly with the Firewalla Purple.
Wi-Fi 7 brings major upgrades that make a noticeable difference in everyday use. You get much faster speeds, lower latency, and far better performance when many devices are connected at once. This means smoother 4K and 8K streaming, more responsive online gaming, and quicker downloads even when the whole family is online. The AP7 uses tri-band technology (2.4 GHz, 5 GHz, and 6 GHz) with advanced features like Multi-Link Operation. Devices can connect across multiple bands simultaneously for greater reliability and speed.
It easily handles busy smart homes packed with streaming TVs, phones, tablets, laptops, and IoT gadgets without slowing down. You can create up to 10 separate Wi-Fi networks (SSIDs) for different purposes, such as one for guests, one for kids, and one for work devices, each with its own rules and security settings.
When Paired Together...
At this point you might be thinking, “OK, it is just an easy-to-use router paired with the latest Wi-Fi access points. What is the big deal?” On the surface that seems fair, but the combination offers some powerful features that most people overlook.
Most home networks use a flat setup where everything shares the same network: your work laptop, phones, game consoles, streaming devices, and smart home gadgets. While some routers now offer basic guest or IoT networks, this is still very limited segmentation. It is like living in a studio apartment where everything is in one open room, with only the bathroom behind a door. It works, but it is far from ideal.
The traditional way to improve this is by setting up virtual local area networks (VLANs) to separate devices and traffic. We have done this many times in both professional and personal setups, but it requires planning and a solid understanding of networking. For most regular users, that is simply too complicated.
Firewalla solved this problem with a much friendlier approach called Virtual Quarantine LAN, or VqLAN. This is their smart, proprietary way to do advanced network microsegmentation. It works like a traditional VLAN by isolating devices for better security, but it does so without forcing you to manage multiple SSIDs, different IP address ranges, or complex configurations. Everything stays simple while still delivering strong protection.
Let’s look at the solution in context.
Example Setup
Setting everything up is much easier than it sounds. We followed the official guides and had the system running quickly.
Start by downloading the free Firewalla app to your phone. Connect the Firewalla Purple to your internet connection (the cable from your modem or ISP) and plug in the USB-C power cable. Open the app, tap “Add New,” and scan the QR code on the bottom of the Purple box.
Once it connects, use the built-in Auto-Configuration Wizard. It walks you through a typical setup and turns on helpful features like Active Protect and default ad blocking right away.
Next, add one or more AP7 units by following the simple instructions in the AP7 Installation Guide. The app handles most of the work.
Now the fun part begins. You can start creating rules to block unwanted traffic. Firewalla uses two simple pieces: Target Lists and Rules. Their built-in lists are surprisingly powerful. For example, we created a rule that uses the “Newly Registered Domains” list to automatically block fresh malicious websites. Just pick the list, choose “Block,” apply it to all devices, and save. Everything is done with buttons and drop-down menus.
You can also create a VqLAN for better security. Make a new group called “IoT Devices,” select the smart plugs, cameras, or other gadgets you want to include, then turn on VqLAN and Device Isolation. That is it. Your IoT devices are now separated from your phones and computers without any complicated settings. You can learn more about groups and segmentation in Firewalla’s guide here.
This was a high-level overview of the setup process and features. We will dive deeper into specific features and advanced tips in future posts.
You Have Options
Basic routers from your internet provider or the store may get the job done for a while, but they often fall short on the security that today’s devices and threats require. At the same time, more advanced networking gear can feel intimidating and overly technical.
This is where the Firewalla Purple and AP7 shine. They sit right in the sweet spot: powerful protection that is still simple enough for regular families to use. You can set up new VqLAN groups on the fly, quickly add block lists to stop ads and trackers, create parental controls, or isolate smart home devices with just a few taps in the app.
If you are looking for better privacy, stronger security, and reliable performance without the usual headaches, the Firewalla Purple paired with AP7 is worth serious consideration as an upgrade for your home network.
Remember: We may not have anything to hide, but everything to protect.
