New Internet Security Devices

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
11 messages Options
Reply | Threaded
Open this post in threaded view
|

New Internet Security Devices

breda
Hi, wanted to see has anyone tried any of these devices made by Cujo, Dojo, Keezel?

http://homealarmreport.com/cujo-dojo-vs-keezel/
Reply | Threaded
Open this post in threaded view
|

Re: New Internet Security Devices

user8446
Administrator
I haven't but it looks like those are all subscription based. You can get IPS and content filtering all from open source for free.
Running in bridge mode, 1.51 SP1 fw
Reply | Threaded
Open this post in threaded view
|

Re: New Internet Security Devices

breda
Thanks user8446 what about IoT The Internet of Things threats  would the shield block them from communicating?

Take care
Reply | Threaded
Open this post in threaded view
|

Re: New Internet Security Devices

Turrican
breda

Not sure if the Shield would spot any malicious botnets e.g. Mirai eminating to/from your IoT devices.  I'd be curious to know also.

Probably the only way to be 'safe' with IoT is to segment your network so that the IoT devices can only reach the Internet.  Most of these IoT devices require access to the internet to be operable or get updates.  Either way, they dont necessarily need to access your lan, hence the segmentation.  I've not found any good articles or how-to's on this topic, but I recently picked up a Ubiquiti Edge Router X as a first step to create a segmented network.  Not gotten around to configuring it yet though :)


Running Bridge Mode
v1.51 SP1 + Hotfix Mar 9
Reply | Threaded
Open this post in threaded view
|

Re: New Internet Security Devices

breda
Thank you  Turrican I will look into that
Reply | Threaded
Open this post in threaded view
|

Re: New Internet Security Devices

Turrican
I heard Cujo ws partiularly problematic.  First relying on ARP Spoofing and now (I believe ) using DNS.  Besides, as mentioned they are subsciption services.

I've been playing with the Sophos UTM v9 on a J1900 based small pc recently.  It's really good, but I'll need to take some time to configure it properly as it's anything but plug and play.  Could be worth it though, it includes IPS amongst other things.  Steep learning curve but could be worth it.  I was acheiving my full download speed of 200mpbs no problem.  Not currently in production but hope to put it in place soon.  Alas, my Shield will be redundant but for now it's still going strong!

Running Bridge Mode
v1.51 SP1 + Hotfix Mar 9
Reply | Threaded
Open this post in threaded view
|

Re: New Internet Security Devices

breda
Hi, Turrican  thank you  I have a Lenovo M700 Intel i3 http://www.woot.com/offers/lenovo-m700-intel-i3-128gb-ssd-tiny-desktop-24 the Sophos UTM v9  the IPS how often are they updated?  like the full download speed of 200mpbs that's what I would need I just would need to add RJ-45 LAN they have USB 3.0 to RJ-45

Take care
Reply | Threaded
Open this post in threaded view
|

Re: New Internet Security Devices

Turrican
You can set it to check for updates whenever you like, daily, hourly, every 15 mins.  If there are updates (antivirus, ips etc) it will pull them down and install. It definitely takes some configuration like I said, but it looks to be worth the effort and is free for 50 ip clients and 5 av endpoints.

Running Bridge Mode
v1.51 SP1 + Hotfix Mar 9
Reply | Threaded
Open this post in threaded view
|

Re: New Internet Security Devices

user8446
Administrator
To add to this, the rules on your shield do have all of the latest and known CnC signatures for the IoT exploits you mentioned. You should also filter at the DNS level, I use OpenDNS.

My shield is still working flawlessly too but here are some others if you wanted to research:

Untangle
pfSense
OpnSense
Security Onion
Sophos UTM as mentioned

All have either Snort or Suricata. Untangle is supposedly very easy to setup out of all of them, but all of these will work on your machine.
Running in bridge mode, 1.51 SP1 fw
Reply | Threaded
Open this post in threaded view
|

Re: New Internet Security Devices

Turrican
Nice options.  Untangle is on I've not tried, might give that a shot.

Cheers

Running Bridge Mode
v1.51 SP1 + Hotfix Mar 9
Reply | Threaded
Open this post in threaded view
|

Re: New Internet Security Devices

breda
In reply to this post by user8446
Thanks  user8446 just sent you PM