Question Asus router AiProtection and firewall- are they any good?

Please provide comments and solutions that are helpful to the author of this topic.

jetman

jetman

Level 10
Thread author
Verified
Well-known
Jun 6, 2017
476
I‘ve just bought a new Asus router. It has something which Asus call “AiProtection” and is apparently powered by Trend Micro. Among the list of features is an Intrusion Prevention System plus cloud based scanning of URL’s etc. According to Asus this will help to make my home network more secure. However, I am always cynical of marketing hype!

Does anyone know if this AiProtection is any good? Will it really make my home network more secure?

And how might the firewall built into the router compare to a dedicated hardware firewall such as Firewalla or Pfsense?

ASUS Network Security - AIProtection and Router Security | ASUS UK

ASUS Network Security / AIProtection offers free privacy protection, safe browsing, parental controls, built-in VPN & IoT security to secure your home network, devices and router. Included with every router.
www.asus.com www.asus.com
 
  • Like
Reactions: MindaugasJ, Nevi, Dave Russo and 3 others
I Walk MY Way

I Walk MY Way

Level 6
Verified
Well-known
May 27, 2013
284
Yes, they are good. I used to have one But after a couple of years of service, it pretty much died.
So I went looking for something with better protection And I discovered netgear. Asus routers are OK in general and the AiProtection Does offer a reasonably good protection However, it is not foolproof. You might want to consider Using Custom firmware On your router, It adds to the stability of the device And the protection. You can cheque this out Home | Asuswrt-Merlin But only if you are technically enabled.
 
  • Like
Reactions: Nevi, vtqhtr413, Dave Russo and 6 others
SumTingWong

SumTingWong

Level 28
Verified
Top Poster
Well-known
Apr 2, 2018
1,721
I have ASUS AX RT-55 WIFI 6 in mesh routers, and I turn off ASUS AI Protection and only use router's built in firewall. I simply don't trust trend micro privacy policy, AI protection slow down my internet speed from 500 to 430ish, and I find it doesn't protect me as much as software-based security and 3rd party DNS like NextDNS and Quad9. ASUS have no control over Trend Micro's privacy policy.

You can test it if you like it or not. Some people like it and some people don't.

"what can be seen by Trend Micro:

• Product information, such as MAC address, device ID
• Public IP address of the user’s gateway to the internet
• Mobile/PC environment
• Metadata from suspicious executable files
URLs, Domains and IP addresses of websites visited (which answers the question in the title of this article)
• Metadata of user/device managed by gateway Product
• Application behaviours
Personal information contained within email content or files to which Trend Micro is provided access
Behaviours of Product users
Information from suspicious email, including sender and receiver email address, and attachments
• Detected malicious file information
• Detected malicious network connection information
• Debug logs
• Network Architecture/Topology
• Screen capture of errors"
 
  • Like
Reactions: Nevi, vtqhtr413, Dave Russo and 3 others
P

poopdookie

Level 2
Feb 11, 2021
90
The protection is good, signature based. It has stopped log4j. It is good for notifying you of intrusions and blocking them. Phishing...it will block some of them. They will use your datapoints for their systems so take a look at their privacy policy. For free, it is great considering the notifications and trendmicros signatures/blocking is very good.
 
  • Like
Reactions: Nevi, Trident, vtqhtr413 and 5 others
jetman

jetman

Level 10
Thread author
Verified
Well-known
Jun 6, 2017
476
SumTingWong said:
I simply don't trust trend micro privacy policy,
Click to expand...

If you have a VPN installed locally on your PC / devices then presumably Trend Micro can't see the URL's you visit ?

IF I am correct about this, then privacy would be less of a concern. However, maybe it would also stop AiProtect from working?
 
  • Like
Reactions: vtqhtr413 and Dave Russo
upnorth

upnorth

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Jul 27, 2015
5,459
From 2023:

malwaretips.com

Asus Router Access, information disclosure, Denial of Service Vulnerabilities discovered

Cisco Talos recently discovered three vulnerabilities in Asus router software. The Asus RT-AX82U router is one of the newer Wi-Fi 6 (802.11ax)-enabled routers that also supports mesh networking with other Asus routers. Like other routers, it is configurable via an HTTP server running on the...
malwaretips.com malwaretips.com

malwaretips.com

ASUS routers knocked offline worldwide by bad security update

ASUS has apologized to its customers for a server-side security maintenance error that has caused a wide range of impacted router models to lose network connectivity. The problem has been extensively reported on social media and discussion platforms since May 16, 2023, with people appearing...
malwaretips.com malwaretips.com

malwaretips.com

ASUS urges customers to patch critical router vulnerabilities

ASUS has released new firmware with cumulative security updates that address vulnerabilities in multiple router models, warning customers to immediately update their devices or restrict WAN access until they're secured. As the company explains, the newly released firmware contains fixes for...
malwaretips.com malwaretips.com

malwaretips.com

ASUS routers vulnerable to critical remote code execution flaws (patched)

Three critical-severity remote code execution vulnerabilities impact ASUS RT-AX55, RT-AX56U_V2, and RT-AC86U routers, potentially allowing threat actors to hijack devices if security updates are not installed. These three WiFi routers are popular high-end models within the consumer networking...
malwaretips.com malwaretips.com

When patched no problem, but personal I would rather use another brand.
 
  • Like
  • HaHa
Reactions: Nevi, poopdookie, eonline and 5 others
Trident

Trident

Level 28
Verified
Top Poster
Well-known
Feb 7, 2023
1,737
The Asus routers have amazing wi-fi performance and AiProtection provides great blocking of malicious websites. The IPS also known as Tipping Point is so so, not Symantec level but does the job with common network attacks.

Trend Micro themselves run a zero day initiative.
www.zerodayinitiative.com

Home | Zero Day Initiative

www.zerodayinitiative.com www.zerodayinitiative.com

The list of signatures is here:

Network Content Inspection Rules - Threat Encyclopedia

www.trendmicro.com www.trendmicro.com
 
  • Like
  • Applause
  • +Reputation
Reactions: MindaugasJ, roger_m, Nevi and 5 others
P

poopdookie

Level 2
Feb 11, 2021
90
I forgot to add to use Merlins' firmware. Adds many features, cleans up some issues also. If you use the aiprotect with maybe a secure dns provider (like nextdns/Controld) you would have some nice coverage. It will quickly detect mining activity on the network and quarantine the device and warn you via email, webhook whatever. I have seen it notify me when someone visited with a compromised android mobile in the past. LAN performance hasn't really been slowed down (over 1gbe). WAN might be (I don't care much about this). It has blocked log4j vulnerability attacks within a day or so of that going public. I no longer use this, but was always impressed...esp for free. It got better at the end. But you know what they say, when the product is free...
 
Last edited:
  • Like
Reactions: Nevi, cryogent, simmerskool and 2 others
blackice

blackice

Level 38
Verified
Top Poster
Well-known
Apr 1, 2019
2,786
upnorth said:
From 2023:

malwaretips.com

Asus Router Access, information disclosure, Denial of Service Vulnerabilities discovered

Cisco Talos recently discovered three vulnerabilities in Asus router software. The Asus RT-AX82U router is one of the newer Wi-Fi 6 (802.11ax)-enabled routers that also supports mesh networking with other Asus routers. Like other routers, it is configurable via an HTTP server running on the...
malwaretips.com malwaretips.com

malwaretips.com

ASUS routers knocked offline worldwide by bad security update

ASUS has apologized to its customers for a server-side security maintenance error that has caused a wide range of impacted router models to lose network connectivity. The problem has been extensively reported on social media and discussion platforms since May 16, 2023, with people appearing...
malwaretips.com malwaretips.com

malwaretips.com

ASUS urges customers to patch critical router vulnerabilities

ASUS has released new firmware with cumulative security updates that address vulnerabilities in multiple router models, warning customers to immediately update their devices or restrict WAN access until they're secured. As the company explains, the newly released firmware contains fixes for...
malwaretips.com malwaretips.com

malwaretips.com

ASUS routers vulnerable to critical remote code execution flaws (patched)

Three critical-severity remote code execution vulnerabilities impact ASUS RT-AX55, RT-AX56U_V2, and RT-AC86U routers, potentially allowing threat actors to hijack devices if security updates are not installed. These three WiFi routers are popular high-end models within the consumer networking...
malwaretips.com malwaretips.com

When patched no problem, but personal I would rather use another brand.
Click to expand...
Also I’d add most of these issue have to do with remote access features. Which, for most people, never need to be turned on. ASUS actually had a better track record than most consumer vendors for supporting their routers for extended periods. Part of that was in response to a lawsuit many many years ago. But if you look at companies like Netgear they stop patching much sooner and have vulnerabilities quite often as well.
 
  • Like
Reactions: Nevi, cryogent, simmerskool and 2 others
P

poopdookie

Level 2
Feb 11, 2021
90
blackice said:
Also I’d add most of these issue have to do with remote access features. Which, for most people, never need to be turned on. ASUS actually had a better track record than most consumer vendors for supporting their routers for extended periods. Part of that was in response to a lawsuit many many years ago. But if you look at companies like Netgear they stop patching much sooner and have vulnerabilities quite often as well.
Click to expand...
I stopped dealing with Netgear a while ago over their firmware support...plus they charge bla bla. At the time Asus routers had the best overall performance with coverage and speed. They haven't been perfect with the privacy lawsuit and bad security in the past, but I have been impressed over the last few years with their routers. Also super stable (as long as you stay away from usb3 :(
 
  • Like
Reactions: Nevi, cryogent, blackice and 2 others

Similar threads

H
    • Like
    • Wow
Netgear reveals the world’s first quad-band Wi-Fi 6E router
Replies
2
Views
1,441
Hardware Discussions
HarborFront
H
SpyNetGirl
    • Like
    • +Reputation
    • Hundred Points
Harden Windows Security | Only with official documented methods | Always up to date
Replies
75
Views
10,414
Other security for Windows, Mac, Linux
Warencom
W
Zorro
    • Like
    • +Reputation
Guide | How To How to protect the wi-fi router and home LAN.
Replies
26
Views
9,100
Guides - Privacy & Security Tips
HarborFront
H

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top