| Rich Freeman via plug on 23 Jul 2020 08:27:23 -0700 |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
| Re: [PLUG] Bad Emerging Threats IDS/IDP rules break Ubiquiti Threat Management |
On Thu, Jul 23, 2020 at 10:58 AM JP Vossen via plug <plug@lists.phillylinux.org> wrote: > > Arguably OT, but I know some folks on the list use Ubiquiti gear. > It runs linux I guess - I can shell into my USG. :) They mention the USG but the bigger issue there is that IDS/IDP seems to bog down traffic on anything faster than an ISDN line on their base model. I understand the UDM has more CPU. The USG can route at gigabit speeds, but not with CPU-based routing and the IDS requires this. I forget what IDS they're using but I believe it is FOSS. I think IDS was a firmware add-on after the original product shipped so the CPU wasn't really chosen to accommodate it. It is nice that it is available, but I doubt many use it in practice. The higher-end USG products have a lot more CPU capacity and are less dependent on ASICs for routing. -- Rich ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug