Can someone help explain to me what kind of routers or devices these are ? Are they like routers like Asus, Netgear, Linksys, etc make or something else? I can't figure it out. Are they worth the money? Also how would I go about setting it up? Would I still need my current Asus router?
Ubiquiti and Mikrotik
- Thread starter ng4ever
- Start date
Ubiquiti is a bit of a mess right now and is in the process of being re-invented since they brought in Chris B. from PfSense. Also their AP's generally suck except the UAP-AC-HD and UAP-AC-SHD series. Part of the problem with Ubiquiti is they outsourced everything but have been working to bring it inhouse. AP's up to the UAP-AC-HD series were cheap, bulk produced COMFAST junk from China, they have a high failure rate, but that's why they are cheap.
For Ubiquiti routers you can choose the EDGEROUTER line, which is just a typical policy based router capable of 1000/1000 wire speeds and high PPS. It's used by many fiber providers around the world. It won't provide much security beyond a normal router unless you know how to manage policies and even then, it's marginal in terms of protection over a normal consumer router. The USG line is a fake security gateway that just offers some basic policies and SPI firewall along with normal routing facilities and is only marginally better than a normal consumer router.
Mikrotik's I dislike and they've recently been revealed to have been backdoored by the NSA/CIA. Mikrotik played fast and loose with privs in their embedded system and allowed execution in the user space of the appliance. I see no reason to get involved with one.
For most 'slightly tech' or higher people, Untangle is probably the best bet. Easy to setup, and is a full Layer 7 UTM providing some very very nice protection. Virus Total checking on the gateway for inbound files, bit defender, clam, ZVelo web filtration, strong policy based control (called filters in Untangle). PfSense is good, but only a L3 enhanced firewall with optional protection modules. Fortinet if you can afford it and have the knowledge, they offer Layer-8 protection now, which is user cross device tracking from packet formation to packet closure. But you need to invest a bit of cash, and have the knowledge AND be prepared for the yearly fee.
As for consumer routers.. A lot of guys like ASUS for the AIProtection from Trend. But all of them are still just L3 devices at best with antiquated protections, so it relies on you properly locking it down and not expecting much more than a doorstop from it. Adding a filtering DNS resolver to it is about the best you can do in that area.
For Ubiquiti routers you can choose the EDGEROUTER line, which is just a typical policy based router capable of 1000/1000 wire speeds and high PPS. It's used by many fiber providers around the world. It won't provide much security beyond a normal router unless you know how to manage policies and even then, it's marginal in terms of protection over a normal consumer router. The USG line is a fake security gateway that just offers some basic policies and SPI firewall along with normal routing facilities and is only marginally better than a normal consumer router.
Mikrotik's I dislike and they've recently been revealed to have been backdoored by the NSA/CIA. Mikrotik played fast and loose with privs in their embedded system and allowed execution in the user space of the appliance. I see no reason to get involved with one.
For most 'slightly tech' or higher people, Untangle is probably the best bet. Easy to setup, and is a full Layer 7 UTM providing some very very nice protection. Virus Total checking on the gateway for inbound files, bit defender, clam, ZVelo web filtration, strong policy based control (called filters in Untangle). PfSense is good, but only a L3 enhanced firewall with optional protection modules. Fortinet if you can afford it and have the knowledge, they offer Layer-8 protection now, which is user cross device tracking from packet formation to packet closure. But you need to invest a bit of cash, and have the knowledge AND be prepared for the yearly fee.
As for consumer routers.. A lot of guys like ASUS for the AIProtection from Trend. But all of them are still just L3 devices at best with antiquated protections, so it relies on you properly locking it down and not expecting much more than a doorstop from it. Adding a filtering DNS resolver to it is about the best you can do in that area.
Upvote
0
Similar threads
