Rich Freeman via plug on 23 Jul 2020 08:27:23 -0700


Re: [PLUG] Bad Emerging Threats IDS/IDP rules break Ubiquiti Threat Management


On Thu, Jul 23, 2020 at 10:58 AM JP Vossen via plug
<plug@lists.phillylinux.org> wrote:
>
> Arguably OT, but I know some folks on the list use Ubiquiti gear.
>

It runs Linux I guess - I can shell into my USG.  :)

They mention the USG but the bigger issue there is that IDS/IDP seems
to bog down traffic on anything faster than an ISDN line on their base
model.  I understand the UDM has more CPU.

The USG can route at gigabit speeds, but not with CPU-based routing,
and the IDS requires this.  I forget what IDS they're using but I
believe it is FOSS.  I think IDS was a firmware add-on after the
original product shipped so the CPU wasn't really chosen to
accommodate it.  It is nice that it is available, but I doubt many use
it in practice.

The higher-end USG products have a lot more CPU capacity and are less
dependent on ASICs for routing.

-- 
Rich
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug