Jump to content
BANGKOK 22 March 2019 16:54
KhunHeineken

New cyber attack protection hardware product by Trend Micro.

Recommended Posts

I've been getting into  bit of home automation, with a lot of these devices that are connected to the internet, being unable to run any anti-virus software. 

 

I am using ethernet cable for as many devices as I can, but some are also connected via Wifi.

 

Trend Micro have a new hardware product that covers the whole network. 

 

I was just wondering what the members that know a lot more about computers and the internet than me may think of it. 

 

Is it a gimmick, or worth the money?

 

This is a link to the product.

 

https://www.trendmicro.com/en_us/forHome/products/homenetworksecurity.html

 

This is a Youtube explanation.

 

 

Any thoughts?

 

Share this post


Link to post
Share on other sites

Trendmicro Security is installed in AsusWRT routers. I would have to research some more to see if there are any feature differences. Most OpenSource router firmware has additional packages for security that are free at no additional cost. These include ad blockers and firewall add ons that also block sites that track you, malware and bad sites.  AsusWRT Merlin and pfSense firmware are excellent for this. Have not looked specifically for this topic at some of the other firmware forums lately to know what is going on there, such as DD-WRT.  There are two active projects on AsusWRT Merlin for blocking ads, bad sites and malware and an enhanced firewall functionality program. The project names are Skynet (enhanced firewall) and Diversion (malware and ad blocking).  Since the Asus router has TrendMicro built in, your network will be well protected.

Edited by Xentrk

Share this post


Link to post
Share on other sites
17 hours ago, Xentrk said:

Trendmicro Security is installed in AsusWRT routers. I would have to research some more to see if there are any feature differences. Most OpenSource router firmware has additional packages for security that are free at no additional cost. These include ad blockers and firewall add ons that also block sites that track you, malware and bad sites.  AsusWRT Merlin and pfSense firmware are excellent for this. Have not looked specifically for this topic at some of the other firmware forums lately to know what is going on there, such as DD-WRT.  There are two active projects on AsusWRT Merlin for blocking ads, bad sites and malware and an enhanced firewall functionality program. The project names are Skynet (enhanced firewall) and Diversion (malware and ad blocking).  Since the Asus router has TrendMicro built in, your network will be well protected.

I didn't know that about Asus routers, but this is not a router.  It plugs into your existing router.  Any make, any model of router.  (no offence intended if you knew this) 

 

Just wondering what the IT gurus on TV thought about it. 

Share this post


Link to post
Share on other sites

Without looking into details my 30 years computer experience tells me that device will protect you against some issues but it will fail with many other problems.

From time to time I configures professional firewalls which cost a lot more than that thing. They have thousands of settings and options how they protect your network, what they allow and what they don't allow. It's complicated to configure them and it's always a compromise between security and usability.

 

The only real secure network is a network which is not connected to anything else, especially to the internet.

When you connect your home network to the internet you have to allow lots of traffic to make it usable. One of the things you will allow (normally) is HTTPS which is secure HTTP. The allows secure transfer of data and i.e. passwords so that the router or any man in the middle can't "see" the details. That's obviously good. That is until HTTPS is used to transfer things which you don't want. And the router and any other device in the middle won't be able to block it.

 

Summary: Buy this thing if you don't care about the money. Probably it will help at least a little and probably it will make you feel better. But don't expect high security. You won't get it.

  • Like 1

Share this post


Link to post
Share on other sites
On 2/17/2019 at 9:51 PM, OneMoreFarang said:

Without looking into details my 30 years computer experience tells me that device will protect you against some issues but it will fail with many other problems.

From time to time I configures professional firewalls which cost a lot more than that thing. They have thousands of settings and options how they protect your network, what they allow and what they don't allow. It's complicated to configure them and it's always a compromise between security and usability.

 

The only real secure network is a network which is not connected to anything else, especially to the internet.

When you connect your home network to the internet you have to allow lots of traffic to make it usable. One of the things you will allow (normally) is HTTPS which is secure HTTP. The allows secure transfer of data and i.e. passwords so that the router or any man in the middle can't "see" the details. That's obviously good. That is until HTTPS is used to transfer things which you don't want. And the router and any other device in the middle won't be able to block it.

 

Summary: Buy this thing if you don't care about the money. Probably it will help at least a little and probably it will make you feel better. But don't expect high security. You won't get it.

I can get one for cheap, with some subscription.  I run antivirus on my devices that have operating systems, but with things like the CCTV NVR and the like, you can't run any antivirus on them.  I thought this is where this thing would come in, or so it advertises.

 

I have a question for you.  If I was to plug one of these into a router in a condo, that gets its internet from a main hub downstairs, will it just scan my condo's router / network, or scan the whole condo block's network?  Maybe a question I need to ask Trend Micro. 

Share this post


Link to post
Share on other sites
42 minutes ago, KhunHeineken said:

I have a question for you.  If I was to plug one of these into a router in a condo, that gets its internet from a main hub downstairs, will it just scan my condo's router / network, or scan the whole condo block's network?  Maybe a question I need to ask Trend Micro

The way I read their website  it seems like you need to install software on all the appliances that need protecting ??

can't see how they would redirect all requests via the add on box  instead of the normal route via the existing router  without first having the "interception" software redirect traffic.

Share this post


Link to post
Share on other sites
1 hour ago, KhunHeineken said:

I have a question for you.  If I was to plug one of these into a router in a condo, that gets its internet from a main hub downstairs, will it just scan my condo's router / network, or scan the whole condo block's network?  Maybe a question I need to ask Trend Micro. 

I guess this device is in between like this:

Before: cable from building, your router, your devices

After: cable from building, this device, your router, your devices

Everything from this device to the right (above) is protected.

Share this post


Link to post
Share on other sites
1 hour ago, johng said:

The way I read their website  it seems like you need to install software on all the appliances that need protecting ??

can't see how they would redirect all requests via the add on box  instead of the normal route via the existing router  without first having the "interception" software redirect traffic.

I don't think so.  It plugs into a port on your router and you are good to go. 

Share this post


Link to post
Share on other sites
1 hour ago, OneMoreFarang said:

I guess this device is in between like this:

Before: cable from building, your router, your devices

After: cable from building, this device, your router, your devices

Everything from this device to the right (above) is protected.

This is the part I don't get.  Say there's a wall plate with with an LAN port on the wall in a condo.  I would have expected that you plug this product into that wall plate, and then coming out of this product is a LAN port that you plug your computer or a router into.  That's not the case.  This just plus into your router.  It's not in between the internet feed and the router or computer.  It probably has software inside directing all traffic through it, but I would have expected it be a pass through type device.   

Share this post


Link to post
Share on other sites

Yes but how do they make the traffic (internet) "route" through the new device instead of the normal route which is through the existing router....I could understand it workings if this new device connected directly to a modem or fiber converter doing the traffic inspection/blocking before then sending traffic on to the existing router to do its routing...but just plugged into an Ethernet port isnt it just listening ??....there is probably something I don't understand.

Share this post


Link to post
Share on other sites

It's possible to have a firewall with just one LAN interface and two different IP addresses. One for the connection to the internet and one for the internal devices.

And this might work if all devices are configured correctly.

But I wouldn't call such a setup high security.

 

Share this post


Link to post
Share on other sites
On 2/20/2019 at 9:44 PM, johng said:

Yes but how do they make the traffic (internet) "route" through the new device instead of the normal route which is through the existing router....I could understand it workings if this new device connected directly to a modem or fiber converter doing the traffic inspection/blocking before then sending traffic on to the existing router to do its routing...but just plugged into an Ethernet port isnt it just listening ??....there is probably something I don't understand.

I'd also like to know the answer to this. 

Share this post


Link to post
Share on other sites
On 2/20/2019 at 10:03 PM, OneMoreFarang said:

It's possible to have a firewall with just one LAN interface and two different IP addresses. One for the connection to the internet and one for the internal devices.

And this might work if all devices are configured correctly.

But I wouldn't call such a setup high security.

 

Ok, but this thing is plug and play, so I don't know what it would do to the building's internal IP addresses, as in, other tenants and their devices.

Share this post


Link to post
Share on other sites
5 minutes ago, KhunHeineken said:

Ok, but this thing is plug and play, so I don't know what it would do to the building's internal IP addresses, as in, other tenants and their devices.

 

In general without knowing that thing in detail:

If you plug it in it will do nothing to any other devices if nobody reconfigures these devices. They work just like before.

 

Likely that box has an outgoing IP range.

Let's say your "normal" IP range is 192.168.0.x

Sample the outgoing IP range is 192.168.10.x

 

Anything with was not configured will work on 192.168.0.x

If a device was configured to use 192.168.10.x then the traffic goes like this:

Internet into box with normal IP address 192.168.0.x . Then that box filters the traffic and makes it available for the 192.168.10.x range.

If a device is configures to use the 192.168.10.x range then it receives only filtered internet traffic.

 

That's in principle how it works.

 

 

  • Like 1

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...