Posted by Turrican on Jun 13, 2020; 11:22am
URL: https://itus.accessinnov.com/FIRMWARE-Itus-Shield-v2-tp2014p2051.html

I can echo lots of whats been said here already.  I had a good router at the time (AVM Fritzbox) which I used for VOIP and other things so wanted to retain that as my main device.  At the time I was also port forwarding for games etc so wanted to avoid double nat.  As my IoT devices grew I did wonder what those little web servers might be up to and although I had most of them on a segregated wifi (via the fritzbox) I wanted more protection, that and my kids were getting into the internet so that always made me nervous, as much as you can help point them in the ways of good, easy to download something malicious that could sit on my network stealthily.

The Shield came along by chance as it was mentioned in a podcast I subscribed to and it seemed to be exactly what I'd been looking for.  I'd read about the advantages and dissadvantages of Deep Packet Inspection.  Some things which initially attracted me:

- that this used a ''special Cavium procressor  which was meant to optimise the packet inspection
- the 'set it and forget it' (more or less) apsect of this device
- the fact that it could sit between my perfectly good router and the rest of my network in bridge mode ao I could retain my current routers functionaility.

As it turned out the 'set it and forget it' was never really a thing and I had problems from day 1 which involved lots of conversations with itus techs. It only really became useful and stable once itus folded and this wonderful community took it and made it work!  I am forever grateful to all the indivuals who helped with that and the support I recevied, some are still here some have moved on, but the fact that you are taking time now Grommish is really appreciated and as stated, if you were not doing this it's doubtful anyone else would be motivated to.

I moved from the Fritzxbox/shield to a Sophos applicance + AP which took me ages to configure and get my head around but eventually I did and liked it for a while but it was high maintenance in the end due to the 50 IP limit of the free version so I went to the market again.

I now have a Synology Router with Deep Packet Inspection (add-in program called called Threat prevention) which is a signature based system which is initially quite noisy until you dial in to the right level of notifications.  It's very low maintenance now and updates are all taken care of automatically so I really like it.  I also use Pi-Hole so between these devices I'm fairly well set so difficult to know if/where the Shield could provide value for me, other than the joy of tinkering which I do enjoy when I get time and I've learned a lot over the years, that's for sure.

So, looking forward to seeing what comes of the requirements here, for me I would say Threat provention, Ad blocking and LOW maintenance are key.  Bridged if possible.  I've been racking my brains to think of what other uses a cool little 3 port, CAvium powered device could be used for, but not really come up with much yet :)

Cheers