It's a home router. If you need business class features such as 2FA or advanced security, you should shop for a business class product, and be prepared to pay accordingly.
I understand that RMerlin and I really appreciate the work that you and ASUS have done.
Especially the DNS over TLS feature that you have built is fantastic for a home router, even the enterprise products hardly support it yet.
In combination with Cloudflare and Quad9 malware filtered DNS traffic, I feel much safer with my home network now.
This also goes for the the option to enforce DNS over HTTPS traffic from clients to use the router set DNS options. This is great for security to rule out malware using its own DNS over HTTPS server.
Just I think it would be a good thing and not too difficult for ASUS to have a webpage that would show the most recent version for the Trend Micro signature, so we could verify easily that we are up to date with our routers and not have to guess. Now I can only come here and ask you guys if I am up to date or do I perhaps have malware also as you made other people aware of in another post.
Further something like a security analyzer is already built in in ASUS routers. So it should be a small step for them to have it scheduled and add the signature update check as part of it and be able to sent an email with issues. Also 2FA is nowadays mainstream and home products such as for instance QNAP NAS support this for some time now. So I do not think this would be unrealistic for ASUS to start implementing that as well. The infrastructure for it on the internet is freely available for a long time now with providers as Microsoft and Google Authenticator.
I am not saying in anyway that a very busy guy like you should do more.
We all are very lucky that you as an IT pro, with I guess, your demanding fulltime job and perhaps also a family, puts so much effort and time into improving the ASUS firmware in the spare time that you have.
Just I wish that a company such as ASUS, which is on the forefront of IT consumer products, could close the gap a bit more in the router / firewall business. Especially since in my eye they deliver the most advanced products and features other than the enterprise producers and are therefore the best candidate to do so in this category.
If they did, they could gain a lot from it also, by tapping into the market for SME and SOHO and IT enthusiasts such as Draytek, which I have owned in the past as well, and Ubiquiti. Their products already lack a lot of hardware specs and software features in their recent products that ASUS does provide for already. The specs that ASUS lacks in relation to that market are as far as I know mostly software related.
I think that a lot of us are waiting for features such as the ones that I have pointed out above.
But anyway I understand your point that I would have to switch to a true enterprise product if I would require true SSL inspection or MTR / SOCaas. That would certainly be unrealistic in the consumer and SME market as that would require very different hardware specs and a much bigger development team as well as a complete cybersecurity infrastructure and staff with it. It is just something that I am also looking at but am not willing to pay for, at least not yet.
This does not mean I am not so serious about Cybersecurity at home. I have done just about anything that I could do within a certain budget, but with a lot of time and effort and research.
I am very happy with the DNS part of your work for ASUS. Without you the product would be far less outstanding from its competition than it is.
It also shows that you yourself take cybersecurity very serious as well.
I hope my point is clear now.
Keep up the great work in all of your different roles.
I deeply respect people like you.
Kind regards,
Roger
www.avanet.com
routersecurity.org
