ThingzFirewall User Manual

1. Overview of ThingzFirewall Box

The ThingzFirewall Box has the following items

  • A power connector  to – connect the ThingzFirewall Lite to the DC power adapter.
  • A LAN (Local Area Network) cable to connect the ThingzFirewall device with Internet Service Provider (ISP) router or modem.

ThingzFirewall displays its status in different colours with the help of a front mounted LED. These LED have the following representations:

  1. Red Light: ThingzFirewall is connected to the power supply correctly.
  2. Yellow Light: ThingzFirewall is working as a client under DHCP mode.
  3. Blue Light: ThingzFirewall is working as a WiFi access point in Router.

1.1 Overview of ThingzFirewall Box

ThingzFirewall supports the following connection modes:

  1. WiFi Mode: In this case, you connect the ThingzFirewall Lite with your home router provided by your ISP. The User will connect the device with ThingzFirewall Lite WiFi.  Firewall will work as a DHCP client of your router but monitor all the traffic coming in or going out of your router.
  2. DHCP Mode: This is the most secure connectivity mode that offers routing functionality along with the security. Your home router will become a client and its DHCP mode will be disabled to enable connectivity of all the home devices to ThingzFirewall. Home devices can connect to the Wi-Fi access point “ThingzFirewall”. Please follow the instructions in the setup manual to configure this mode.

2. ThingzFirewall Application Features

ThingzFirewall dashboard will be accessible after the successful completion of the configuration steps. The application will notify you on the occurrence of the network events of your interest. The dashboard of the application is divided into five parts: Internet usage, network monitoring overview, system usage, network monitoring and network security.

2.1 Login

2.2 Internet Usage

You can view the internet volume usage insights of the smart home network within the time frame of 24 hours i.e.

  • Total Number of MBs consumed
  • Total Number of MBs consumed while downloading
  • Total Number of MBs consumed while uploading

2.3 Network Monitoring Overview

2.3.1 Notifications

Under the notifications section, ThingzFirewall provides the usage insights of this solution to gain a better understanding of the network activities going on.

  1. Firstly, it provides the information about the devices currently connected to the network:
  • Device Name
  • Device Connection Time
  • Device Connection Date
  • Device IP Address
  1. Secondly, it provides a track record of the  timestamps when ThingzFirewall was turned ON :
  • ThingzFirewall turn ON time
  • ThingzFirewall turn ON Date
2.3.2 Devices

Under the Devices section, ThingzFirewall provides the connected devices information. It gives an overview of the device and quick control panel to monitor and control the following attributes of the listed devices:

  1. Name: Displays the name of the device. The user can also change the device name by editing it.
  2. MAC Address: Displays the MAC address of the device.
  3. IP: Displays the IP address of the device connected.
  4. Type: Displays the type of the device i.e., IoT device, Laptop or Mobile Phone. The user can also change the device type by selecting from the dropdown menu.
  5. Private Device: By enabling “Private Device” mode, the device’s log information gets private which means the information would not be displayed. Communication history, Device profiling and Children behaviour would be disabled of that specific device in private mode.
  6. Communication History: Displays all the communication history of the device.
  7. Internet Blocking: By enabling the internet would be blocked from a device by assigning the duration, day and date.
  8. Controls (AdBlock, Safe Search, Adult): From the controls, user can enable or disable AdBlock, Safe Search, Adult on a specific device.
2.3.3 Threats

Under the Threats section, ThingzFirewall provides the following connected devices information. The following  information can be accessed via device profiling:

  1. Type of violation such as communication profile violation by V2024
  2. Threat conduction IP addresses (source address and destination address)
  3. Time of  threat detection
  4. Date of threat detection

2.4 System Usage

The following statistics will be displayed for each of the connected devices:

  1. CPU usage
  2. RAM usage
  3. DISK usage
  4. Temperature of the system

2.5 Network Monitoring

The Network Monitoring section helps you to monitor and control a number of parameters such as the following.

2.3.3 Threats

The goal of ThingzFirewall is to make managing different activities in your network easier to control and monitor. Under the children behavior tab, you can easily monitor what your children are doing on their Internet connected devices. It helps to protect the children from cyber bullying, online predators and other harmful or adult content related social media applications. ThingzFirewall gives you statistics about their activities and interests.

The device specific features included in ThingzFirewall Children Behavior monitoring are:

  • Device Name
  • MAC Address
  • IP Address
  • Access to Cartoons Sites
  • Access to Videos Sites
  • Device Access to Social Media
  • Access to Business sites
  • Access to Adult Content Sites
  • Access to Gaming Sites
  • Access to Gambling Sites
  • Access to News Sites
  • Access to Science Sites
  • Access to Shopping Sites
  • Access to Sports Sites
  • Access to Travel Sites
2.5.1.1 Children Behavior Logs

All the information of the connected devices are shown in the ThingzFirewall application in a more detailed way. This module is present in Children Behaviour named as Children Behaviour Logs. In Children Behaviour devices’ communication history was categorized in 12 different categories and the information was shown statistically which means how many percent specific category websites are accessed by the connected user/device. With this information, Children Behaviour Logs shows category wise detailed information which contains link of websites accessed by the user/device as well as the number of times that specific website is accessed by the user. In this way, children’s behavior can be monitored in depth. Children behavior logs displays the following information:

  • URL of the website accessed
  • Count of how many times a websites is accessed
2.5.3 Adult

ThingzFirewall Adult feature allows you to block access to adult websites and makes you able to lock inappropriate content on your children’s devices, and shield your kids from adult stuff.

  • To turn on this feature, just tap on the Adult button on the main page, then swipe the Adult button to turn it on.
2.5.4 Safe Search

Safe Search is a feature offered by ThingzFirewall that blocks offensive content from search engines and makes Internet search playgrounds safer for everyone. It filters out any inappropriate content such as adult content from our search results.
● To turn on this feature, just tap on the Safe Search button on the main page, then swipe the Safe Search button to turn it on.

2.5.5 Physical Topology

ThingzFirewall shows the physical topology of the home network under consideration. It shows the interconnected structure of a local area network (LAN). It gives the holistic view of the devices connected to the network. Physical Topology representation provides following information.

  • Physical topology network diagram showing the connected devices
  • Device Name
  • Device IP Address

2.6 Network Security

The set of elements that collectively impact the security of your network can be managed on the desired level of granularity such as:

2.6.1 Device Profile

ThingzFirewall helps to analyze a specific device behavior for a selected period of time. With the help of behavioral analysis of the device, the user will be able to see if the device shows any anomalous , unpredicted or unusual behavior within the selected timeframe. If the device shows any out of the bound behavior as compared to the normal device profile, then the Device Profile feature of ThingzFirewall app generates an alert.  Following are the steps to set the device profile of a specific device:

  1. Click the Device Profile button on the dashboard under the Network Security bar. The green dot against the device name demonstrates that this specific device profile is being set and being monitored.
  1. Device Profile is showing the devices which are present in the home network. To set the Device Profile of the device, click that specific device name on the application screen. As you can see the screen is showing “No Profile Found  Please add a profile and it will show here”.
  2. To set the device profile, click the red button on the bottom right corner.

4. Add Profile option will appear where you can set the start date and end date of the device profiling.

5. You can set the Start Date, Start Time, End Date and End Time of the device profile.

2.6.2 AI Threat Detection
  1. ThingzFirewall provides Artificial Intelligence based threat detection. Following facilities are provided by AI Detection. Notifications include the decisions that are pending from the user.

    • Blocked includes communication that is blocked by the user.
    • False alarm includes communication that is allowed by the user

    To turn on this feature, just tap on the AI Detection button on the main page, then swipe the AI Threat Detection button to turn it on.

2.6.3 Security Policies

ThingzFirewall app Lite allows users to set security policies for a specific device present in the home by restricting it from connecting specific domains, IP addresses and remote ports. This feature is very effective in controlling the Internet usage behavior of children or any other specific device. For each device, specific security policies can be defined which will not alter the security policies associated with other devices.  Following are the steps to set security policies.

    1. Click the security policies button under the network security bar. Then, click the red button present on the bottom right corner of the application screen for adding security policy for a specific device. It will give the options of : Block Target,  and Apply To.

2. Select Block Target and specify the domains, IP address and remote ports which should be blocked for a specific target device.

  • Domain: Specify source of malicious/unwanted domain that you want to block.
  • IP Address: Specify source of malicious/ unwanted communications IP address that you want to block.
  • Port: Specify source of unwanted port name that you want to block.

3. After setting the block targets, the user can select the specific device on which the user wants to implement these block targets. Users can also select “All devices” to apply the block target on every connected device. You will be able to view the list of network devices.

2.6.4 Open Ports
  1. Open ports are ports which are open for the world to communicate with your home devices. One should have as few as possible because of security considerations. ThingzFirewall allows us to control the opening of these ports. You can view the list of open ports for a specific device and can block the unwanted ports using the Security policies feature of ThingzFirewall.

    • Internal Ports: Internal ports are known for communication with internal home LAN requests to resources, listening to Web browsing, file browsing and outbound mail requests within the home network.
    • External Ports: External ports are known for communication between home network devices and devices outside the home network.

    Following are the steps to view external and internal ports for device communication.

    1. Click the open ports button under the network security bar.
    2. Open Ports application window will give you a list of devices present in the network for which you can view external and internal open ports.
    3. It also gives the information of Date and Time of open ports scanned for a particular device IP address.
2.6.4 Open Ports
  1. A Virtual Private Network, or VPN, is an encrypted connection over the Internet from a device to a network. The encrypted connection helps ensure that sensitive data is safely transmitted. It prevents unauthorized people from eavesdropping on the traffic and allows the user to conduct work remotely. ThingzFirewall provides the VPN facility. Following features are provided in VPN to facilitate users:

    • Public IP: Display public IP addresses used for VPN connection. User can change it by clicking the edit button.
    • Password: A random password for VPN profile is displayed in order to connect with the VPN. The password can be changed by just clicking the refresh button.
    • Configure Port Forwarding: Contains port forwarding steps so that the user can easily follow the steps and forward a port via router panel.

     

    To configure VPN, follow the following steps.

    1. Click VPN under the Network Security bar.
    2. Click the VPN Setup button for enabling VPN.
    3. For VPN Client: For Android , we use OpenVPN client which is open source and free.
    4. To install OpenVPN, click the option “Install OpenVPN Andriod App”
    5. VPN Client Setup: ThingzFirewall has provided a VPN profile to be used in OpenVPN applications. Users can download it by clicking the “Download VPN Profile” button.
2.6.4 Open Ports
  1. ThingzFirewall Antivirus support prevents and detects viruses from the devices connected to the ThingzFirewall network. It runs in the background to provide real-time protection against virus attacks. On detection ThingzFirewall notifies and blocks the virus content to get into the device.

    • To turn on this feature, just tap on the Antivirus button on the main page, then swipe the Antivirus button to turn it on
2.6.7 Anti-Phishing
  1. The ThingzFirewall also has support for phishing detection and prevention. If any connected device in the network attempts to perform a phishing attack or becomes a victim, the ThingzFirewall detects it, informs about the phishing domain and blocks it.

    • To turn on this feature, just tap on the Anti-Phishing button on the main page, then swipe the Anti-Phishing button to turn it on.

2.7 Settings

  1. ThingzFirewall default settings should work out of the box for most of the time, but sometimes you may want to tweak the settings to meet your own needs. Following are listed in the settings section.

    • Add New Device
    • Linked Devices
    • Firewall Modes
    • Update Device
    • Reset Password
    • Reset App Data
    • Wifi Settings
2.7.1 Add New Device

The logged-in user can add some other Thingzfirewall and view its dashboard. “Add new device” feature will help the user to add a new firewall as well as authenticate the user. In such a way, only the authorized user can get the access to the ThingzFirewall dashboard. In order to add a new device to the logged-in user, you have to go to the settings and

    • Click to the “Add New Device”
    • It will ask you for the QR code of your ThingzFirewall
    • Scan the QR code placed at back of your ThingzFirewall
2.7.2 Linked Device

The firewalls that are registered with the user’s login are kept in record. This is where our feature “Add New Device” would take place. This would display the number of Thingzfirewalls registered or linked with the existing logged-in user.

  • To view the linked devices, you just have to go to the settings and click “Linked Devices”.
2.7.3 Firewall Modes

ThingzFirewall supports the following connection modes:

 

WiFi Mode: In this case you connect the ThingzFirewall with your home router provided by your ISP. The User will connect the device with ThingzFirewall WiFi.  Firewall will work as a DHCP client of your router but monitor all the traffic coming in or going out of your router. By default ThingzFirewall is in “WiFi Mode”.

If you want to switch the ThingzFirewall from “DHCP Mode” to WiFi, you have to perform the following steps.

  1. First, enable dhcp from the router panel.
  2. Then go to setting and click “Firewall Modes”
  3. Here, you will find a toggle button swipe it to “Wifi”
  4. The ThingzFirewall will restart. On your ThingzFirewall device, you will see all three lights turned On. It would ensure that you are in “WiFi Mode”.
  5. Finally you can connect your mobile device with “ThingzEye” WiFi.

 

DHCP Mode: This is the most secure connectivity mode that offers routing functionality along with the security. Your home router will become a client and its DHCP mode will be disabled to enable connectivity of all the home devices to ThingzFirewall. Home devices can connect to the Wi-Fi access point “ThingzFirewall”.

If you want to switch the ThingzFirewall from “WiFi Mode” to “DHCP Mode”, you have to perform the following steps.

    1. First, go to setting and click “Firewall Modes”
    2. Here, you will find a toggle button swipe it to “DHCP”
    3. Once swiped, the ThingzFirewall will reboot in order to set its configuration from WiFi to DHCP Mode.
    4. On your ThingzFirewall device, when you will see all two lights turned On. It would ensure that you are in “DHCP Mode”.
    5. Now, you have to disable DHCP from your router panel and connect your device with the router’s SSID
    6. To ensure that your ThingzFirewall is in DHCP mode, the IP address of your connected devices would be in “ 192.168.10.* ” range.
2.7.4 Reset Password

In case the logged-in user wants to reset the Login ID password. He/she can reset the password very easily from the ThingzFirewall application. In order to reset the password, you need to perform the following steps,

  1. First, go to setting and click “Reset Password”
  2. It would ask for the “Current Password”, enter it.
  3. You will receive an email which would contain the new password for your login ID.
2.7.5 Reset App Data

This resets all the blocked rules and features applied to your network or devices. It would reset all the data of your ThingzFirewall including all the logs.

WARNING: It will delete all the rules, policies, profiles, logs etc.

To reset application data,

  1. Navigate to the settings and click “Reset App Data”
  2. It will display a warning message for you. If you want to reset it, just click the “Reset” button.
  3. ThingzFirewall will reset and then restart the firewall.
2.7.6 Wifi Settings

If you want to change the default ThingzFirewall WiFi settings, you can change them from the application as well. You just need to follow the following steps,

  1. Navigate to the settings and click “Wifi Settings”
  2. You would view the current settings i.e., WiFi Name and WiFi Password. There is an edit button at the very top right of the screen.
  3. Click the edit button. Enter the required information and click “Save”.