What's new
By:

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Bitdefender Box?

Wutikorn said:
I think Trend Micro in Asus router would work better. It uses DPI engine and also has malicious website blocking. I'm not sure about Bitdefender Box. I don't think it is as good as the one in Asus router as Bitdefender Box does not perform deep packet inspection(DPI) from https://www.security.nl/posting/409886/Anti-virusbedrijf+onthult+router+die+netwerkverkeer+scant (you can use google translate) while Asus router does, but I'm not sure whether Asus router perform this(https://www.asus.com/support/faq/1012070/) DPI engine on router while use online database or someway else. There is a function on Bitdefender Box that allow your phone to be protected even you are not in local network. Nonetheless, you can do that in Asus router as well, but u need to set up OpenVPN on your phone to connect to Asus router OpenVPN server which make it performs the same way as Bitdefender Box does. In addition, you can set OpenVPN on your laptop and other devices. All of Asus router's functions I mentioned above are all free when u have their products(Asus AC56U, AC68U, AC88U). If it works the same way as Bitdefender Box and u don't need to pay yearly for it, I think Asus Trend Micro is a better choice. Trend Micro and Bitdefender perform at pretty much the same protection performance based on AVTest results. https://www.av-test.org/en/award/2014/ DPI is like what u prefer: IDS/IPS
Click to expand...

With all due respect, my experience with Asus' products is that this is nowhere near sufficient. They are extremely powerful and capable devices for consumer products, but they are woefully unprepared to handle a symmetric 75/75 connection. WAN-WAN throughput is under 7Mbps in a best case scenario - single device, wireline connection, no wifi, no dhcp, no other services running. With my usual complement of devices connected, with WAN redundancy, the DDNS daemon and the OpenVPN server running, throughput is under 2Mbps. Moreover, there is no DPI protection, and IDS/IPS is limited to reporting port scans. In addition, it's pretty clear that AIProtect is unable to cope with the non-standard firmware - this is what it reports, for instance, on my Merlin-running router. I've never had WPS enabled, there's a strong, decidedly non-default password, and frankly some of the settings choices leave me confused.
 

Attachments

  • Screenshot 2015-11-19 23.09.25.png
    Screenshot 2015-11-19 23.09.25.png
    121.8 KB · Views: 624
vnangia said:
With all due respect, my experience with Asus' products is that this is nowhere near sufficient. They are extremely powerful and capable devices for consumer products, but they are woefully unprepared to handle a symmetric 75/75 connection. WAN-WAN throughput is under 7Mbps in a best case scenario - single device, wireline connection, no wifi, no dhcp, no other services running. With my usual complement of devices connected, with WAN redundancy, the DDNS daemon and the OpenVPN server running, throughput is under 2Mbps. Moreover, there is no DPI protection, and IDS/IPS is limited to reporting port scans. In addition, it's pretty clear that AIProtect is unable to cope with the non-standard firmware - this is what it reports, for instance, on my Merlin-running router. I've never had WPS enabled, there's a strong, decidedly non-default password, and frankly some of the settings choices leave me confused.
Click to expand...
Which router did u have that experience on? Where did u get information that it does not have DPI protection from? And how did u know that IDS/IPS is limited to reporting port scans? Which router do you have now? I have Asus AC68U, and it performs pretty good up to at least 30Mbps/10Mbps. Asus AC88U is advertised that it could handle up to 1800Mbps WAN-LAN speed which I do not really believe, but I should be okay with 75/75
 
Last edited:
Wutikorn said:
Which router did u have that experience on? Where did u get information that it does not have DPI protection from? And how did u know that IDS/IPS is limited to reporting port scans? Which router do you have now? I have Asus AC68U, and it performs pretty good up to at least 30Mbps/10Mbps. Asus AC88U is advertised that it could handle up to 1800Mbps WAN-LAN speed which I do not really believe, but I should be okay with 75/75
Click to expand...

Wutikorn, there is a huge difference between manufacturer speed and IMIX speed. The manufacturer speed can be pretty much anything a manufacturer wants to rate, and those are usually raw packets from one port to another with fixed routing. In fact, very often, this is a single 1500-byte or larger packet. IMIX is a combination of other commonly found packet sizes, including 40-byte, 576-byte and 1500-byte. Real-world tests, done by sites like this, show what is actually possible; go look at the router ranker to see what is the fastest device and read up on the methodology - you'll see that it's analysis in just pure routing mode, nothing more. Moreover, there is something known as line speed, which is the physical limit of how fast data can be transferred over the cable; 1800Mbps is not physically possible with a single 1000Mbps port.

Finally, all of these numbers are without any sort of inspection of the packet beyond (maybe) looking at the IP header. Packet inspection is enormously computationally and memory expensive: you have to in a tiny fraction of a second, look at a packet's TCP/UDP header and content inasmuch as is possible, compare it against millions of known badware, hundreds of thousands of heuristic patterns, hundreds of unusual communications between devices, and tens of rules specified by the user - all without causing the packet undue delay. There is no way that our little AC68U has that kind of computation capability compared to its unimpeded flow. That's why I'm telling you, my experience with my AC68U shows that it is capable of 2-3Mbps of inspected IMIX traffic, no matter what it says on the box. It's simply not possible that you're getting 30/10 with AIProtection on, unless you've switched AIProtection into SPI only mode, in which case, you have no IDS/IPS other than port scan reporting.

Want to see what a real 75/75 IMIX DPI-capable router looks like and prices like? Go see the Sonicwall TZ300 or a Cisco ASA5506.
 
vnangia said:
Wutikorn, there is a huge difference between manufacturer speed and IMIX speed. The manufacturer speed can be pretty much anything a manufacturer wants to rate, and those are usually raw packets from one port to another with fixed routing. In fact, very often, this is a single 1500-byte or larger packet. IMIX is a combination of other commonly found packet sizes, including 40-byte, 576-byte and 1500-byte. Real-world tests, done by sites like this, show what is actually possible; go look at the router ranker to see what is the fastest device and read up on the methodology - you'll see that it's analysis in just pure routing mode, nothing more. Moreover, there is something known as line speed, which is the physical limit of how fast data can be transferred over the cable; 1800Mbps is not physically possible with a single 1000Mbps port.

Finally, all of these numbers are without any sort of inspection of the packet beyond (maybe) looking at the IP header. Packet inspection is enormously computationally and memory expensive: you have to in a tiny fraction of a second, look at a packet's TCP/UDP header and content inasmuch as is possible, compare it against millions of known badware, hundreds of thousands of heuristic patterns, hundreds of unusual communications between devices, and tens of rules specified by the user - all without causing the packet undue delay. There is no way that our little AC68U has that kind of computation capability compared to its unimpeded flow. That's why I'm telling you, my experience with my AC68U shows that it is capable of 2-3Mbps of inspected IMIX traffic, no matter what it says on the box. It's simply not possible that you're getting 30/10 with AIProtection on, unless you've switched AIProtection into SPI only mode, in which case, you have no IDS/IPS other than port scan reporting.

Want to see what a real 75/75 IMIX DPI-capable router looks like and prices like? Go see the Sonicwall TZ300 or a Cisco ASA5506.
Click to expand...
So how do we test IMIX speed?
 
You must log in or register to reply here.

Similar threads

C
ZenWiFi XT9 blocks weather.gov
Replies
11
Views
404
bennor
B
P
Can’t forward new ports (just old ones)
Replies
4
Views
609
ColinTaylor
C
F
Looking for Wifi7 6Ghz option for specific VR use case..
Replies
1
Views
222
tgl
T
B
FYI: AM 386.12 on AC86u - how to decrease # of random reboots
Replies
4
Views
1K
Tech9
Tech9
bengalih
Bug with corrupted passwords in OpenVPN Server
Replies
14
Views
1K
gk802
G

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Staff online

Members online

Total: 686 (members: 24, guests: 662)
Back
Top