Jump to content
Login with your Gmail HERE and start posting in seconds! ×
Don't just read! Be part of the Community! Join the conversation ×

New cyber attack protection hardware product by Trend Micro.

KhunHeineken

By KhunHeineken
in IT and Computers

 Share

Recommended Posts

KhunHeineken Platinum Member

KhunHeineken

Posted
Posted

I've been getting into  bit of home automation, with a lot of these devices that are connected to the internet, being unable to run any anti-virus software. 

 

I am using ethernet cable for as many devices as I can, but some are also connected via Wifi.

 

Trend Micro have a new hardware product that covers the whole network. 

 

I was just wondering what the members that know a lot more about computers and the internet than me may think of it. 

 

Is it a gimmick, or worth the money?

 

This is a link to the product.

 

https://www.trendmicro.com/en_us/forHome/products/homenetworksecurity.html

 

This is a Youtube explanation.

 

 

Any thoughts?

 

Xentrk Newbie

Xentrk

Posted
Posted (edited)

Trendmicro Security is installed in AsusWRT routers. I would have to research some more to see if there are any feature differences. Most OpenSource router firmware has additional packages for security that are free at no additional cost. These include ad blockers and firewall add ons that also block sites that track you, malware and bad sites.  AsusWRT Merlin and pfSense firmware are excellent for this. Have not looked specifically for this topic at some of the other firmware forums lately to know what is going on there, such as DD-WRT.  There are two active projects on AsusWRT Merlin for blocking ads, bad sites and malware and an enhanced firewall functionality program. The project names are Skynet (enhanced firewall) and Diversion (malware and ad blocking).  Since the Asus router has TrendMicro built in, your network will be well protected.

Edited by Xentrk
KhunHeineken Platinum Member

KhunHeineken

Posted
  • Author
Posted
17 hours ago, Xentrk said:

Trendmicro Security is installed in AsusWRT routers. I would have to research some more to see if there are any feature differences. Most OpenSource router firmware has additional packages for security that are free at no additional cost. These include ad blockers and firewall add ons that also block sites that track you, malware and bad sites.  AsusWRT Merlin and pfSense firmware are excellent for this. Have not looked specifically for this topic at some of the other firmware forums lately to know what is going on there, such as DD-WRT.  There are two active projects on AsusWRT Merlin for blocking ads, bad sites and malware and an enhanced firewall functionality program. The project names are Skynet (enhanced firewall) and Diversion (malware and ad blocking).  Since the Asus router has TrendMicro built in, your network will be well protected.

I didn't know that about Asus routers, but this is not a router.  It plugs into your existing router.  Any make, any model of router.  (no offence intended if you knew this) 

 

Just wondering what the IT gurus on TV thought about it. 

OneMoreFarang Star Member

OneMoreFarang

Posted
Posted

Without looking into details my 30 years computer experience tells me that device will protect you against some issues but it will fail with many other problems.

From time to time I configures professional firewalls which cost a lot more than that thing. They have thousands of settings and options how they protect your network, what they allow and what they don't allow. It's complicated to configure them and it's always a compromise between security and usability.

 

The only real secure network is a network which is not connected to anything else, especially to the internet.

When you connect your home network to the internet you have to allow lots of traffic to make it usable. One of the things you will allow (normally) is HTTPS which is secure HTTP. The allows secure transfer of data and i.e. passwords so that the router or any man in the middle can't "see" the details. That's obviously good. That is until HTTPS is used to transfer things which you don't want. And the router and any other device in the middle won't be able to block it.

 

Summary: Buy this thing if you don't care about the money. Probably it will help at least a little and probably it will make you feel better. But don't expect high security. You won't get it.

  • Like 1
KhunHeineken Platinum Member

KhunHeineken

Posted
  • Author
Posted
On 2/17/2019 at 9:51 PM, OneMoreFarang said:

Without looking into details my 30 years computer experience tells me that device will protect you against some issues but it will fail with many other problems.

From time to time I configures professional firewalls which cost a lot more than that thing. They have thousands of settings and options how they protect your network, what they allow and what they don't allow. It's complicated to configure them and it's always a compromise between security and usability.

 

The only real secure network is a network which is not connected to anything else, especially to the internet.

When you connect your home network to the internet you have to allow lots of traffic to make it usable. One of the things you will allow (normally) is HTTPS which is secure HTTP. The allows secure transfer of data and i.e. passwords so that the router or any man in the middle can't "see" the details. That's obviously good. That is until HTTPS is used to transfer things which you don't want. And the router and any other device in the middle won't be able to block it.

 

Summary: Buy this thing if you don't care about the money. Probably it will help at least a little and probably it will make you feel better. But don't expect high security. You won't get it.

I can get one for cheap, with some subscription.  I run antivirus on my devices that have operating systems, but with things like the CCTV NVR and the like, you can't run any antivirus on them.  I thought this is where this thing would come in, or so it advertises.

 

I have a question for you.  If I was to plug one of these into a router in a condo, that gets its internet from a main hub downstairs, will it just scan my condo's router / network, or scan the whole condo block's network?  Maybe a question I need to ask Trend Micro. 

johng Diamond Member

johng

Posted
Posted
42 minutes ago, KhunHeineken said:

I have a question for you.  If I was to plug one of these into a router in a condo, that gets its internet from a main hub downstairs, will it just scan my condo's router / network, or scan the whole condo block's network?  Maybe a question I need to ask Trend Micro

The way I read their website  it seems like you need to install software on all the appliances that need protecting ??

can't see how they would redirect all requests via the add on box  instead of the normal route via the existing router  without first having the "interception" software redirect traffic.

OneMoreFarang Star Member

OneMoreFarang

Posted
Posted
1 hour ago, KhunHeineken said:

I have a question for you.  If I was to plug one of these into a router in a condo, that gets its internet from a main hub downstairs, will it just scan my condo's router / network, or scan the whole condo block's network?  Maybe a question I need to ask Trend Micro. 

I guess this device is in between like this:

Before: cable from building, your router, your devices

After: cable from building, this device, your router, your devices

Everything from this device to the right (above) is protected.

KhunHeineken Platinum Member

KhunHeineken

Posted
  • Author
Posted
1 hour ago, johng said:

The way I read their website  it seems like you need to install software on all the appliances that need protecting ??

can't see how they would redirect all requests via the add on box  instead of the normal route via the existing router  without first having the "interception" software redirect traffic.

I don't think so.  It plugs into a port on your router and you are good to go. 

KhunHeineken Platinum Member

KhunHeineken

Posted
  • Author
Posted
1 hour ago, OneMoreFarang said:

I guess this device is in between like this:

Before: cable from building, your router, your devices

After: cable from building, this device, your router, your devices

Everything from this device to the right (above) is protected.

This is the part I don't get.  Say there's a wall plate with with an LAN port on the wall in a condo.  I would have expected that you plug this product into that wall plate, and then coming out of this product is a LAN port that you plug your computer or a router into.  That's not the case.  This just plus into your router.  It's not in between the internet feed and the router or computer.  It probably has software inside directing all traffic through it, but I would have expected it be a pass through type device.   

johng Diamond Member

johng

Posted
Posted

Yes but how do they make the traffic (internet) "route" through the new device instead of the normal route which is through the existing router....I could understand it workings if this new device connected directly to a modem or fiber converter doing the traffic inspection/blocking before then sending traffic on to the existing router to do its routing...but just plugged into an Ethernet port isnt it just listening ??....there is probably something I don't understand.

OneMoreFarang Star Member

OneMoreFarang

Posted
Posted

It's possible to have a firewall with just one LAN interface and two different IP addresses. One for the connection to the internet and one for the internal devices.

And this might work if all devices are configured correctly.

But I wouldn't call such a setup high security.

 

  • 3 weeks later...
KhunHeineken Platinum Member

KhunHeineken

Posted
  • Author
Posted
On 2/20/2019 at 9:44 PM, johng said:

Yes but how do they make the traffic (internet) "route" through the new device instead of the normal route which is through the existing router....I could understand it workings if this new device connected directly to a modem or fiber converter doing the traffic inspection/blocking before then sending traffic on to the existing router to do its routing...but just plugged into an Ethernet port isnt it just listening ??....there is probably something I don't understand.

I'd also like to know the answer to this. 

KhunHeineken Platinum Member

KhunHeineken

Posted
  • Author
Posted
On 2/20/2019 at 10:03 PM, OneMoreFarang said:

It's possible to have a firewall with just one LAN interface and two different IP addresses. One for the connection to the internet and one for the internal devices.

And this might work if all devices are configured correctly.

But I wouldn't call such a setup high security.

 

Ok, but this thing is plug and play, so I don't know what it would do to the building's internal IP addresses, as in, other tenants and their devices.

OneMoreFarang Star Member

OneMoreFarang

Posted
Posted
5 minutes ago, KhunHeineken said:

Ok, but this thing is plug and play, so I don't know what it would do to the building's internal IP addresses, as in, other tenants and their devices.

 

In general without knowing that thing in detail:

If you plug it in it will do nothing to any other devices if nobody reconfigures these devices. They work just like before.

 

Likely that box has an outgoing IP range.

Let's say your "normal" IP range is 192.168.0.x

Sample the outgoing IP range is 192.168.10.x

 

Anything with was not configured will work on 192.168.0.x

If a device was configured to use 192.168.10.x then the traffic goes like this:

Internet into box with normal IP address 192.168.0.x . Then that box filters the traffic and makes it available for the 192.168.10.x range.

If a device is configures to use the 192.168.10.x range then it receives only filtered internet traffic.

 

That's in principle how it works.

 

 

  • Like 1
  • 4 weeks later...
KhunHeineken Platinum Member

KhunHeineken

Posted
  • Author
Posted
On 3/8/2019 at 10:30 PM, OneMoreFarang said:

 

In general without knowing that thing in detail:

If you plug it in it will do nothing to any other devices if nobody reconfigures these devices. They work just like before.

 

Likely that box has an outgoing IP range.

Let's say your "normal" IP range is 192.168.0.x

Sample the outgoing IP range is 192.168.10.x

 

Anything with was not configured will work on 192.168.0.x

If a device was configured to use 192.168.10.x then the traffic goes like this:

Internet into box with normal IP address 192.168.0.x . Then that box filters the traffic and makes it available for the 192.168.10.x range.

If a device is configures to use the 192.168.10.x range then it receives only filtered internet traffic.

 

That's in principle how it works.

 

 

I'm getting out of my depth here, but if you connect your device via an ethernet cable plugged into a wall socket in a hotel for example, but it could also be more longer term accommodation with internet included, like a condo, doesn't your device automatically get an internal IP address by way of DCHP?  

 

This thing says it scans the whole network that it's connected to.  Surely that can't be all traffic to all devices in a hotel or condo block. 

OneMoreFarang Star Member

OneMoreFarang

Posted
Posted
56 minutes ago, KhunHeineken said:

I'm getting out of my depth here, but if you connect your device via an ethernet cable plugged into a wall socket in a hotel for example, but it could also be more longer term accommodation with internet included, like a condo, doesn't your device automatically get an internal IP address by way of DCHP?  

 

This thing says it scans the whole network that it's connected to.  Surely that can't be all traffic to all devices in a hotel or condo block. 

One thing is the cable and another thing are the network settings.

DHCP gives out IP addresses, correct. But that does not mean every device must ask the DHCP server for an IP address.

 

Example: The router from the internet provider has the IP address 192.168.0.1 with the subnet mask 255.255.255.0 and it's DHCP server gives out IP addresses in the range from i.e. 192.168.0.100 up to 192.168.0.200. The important part is that the first 3 numbers are the same. They are all 192.168.0.x Any device on that network does not see anything with an IP address which is not like 192.168.0.x

 

Now with the same cable there can be another network which uses maybe IP addresses like 192.168.10.x with subnet 255.255.255.0 . There might be lots of devices connected with manually assigned IP addresses like 192.168.10.5 and 192.168.10.12 and 192.168.10.178 and more. They work just fine in that network.

 

Normally the devices from the 192.168.0.x network and the 192.168.10.x network don't "see" each other. Even if the use the same cable.

 

Now coming back to the firewall. That might be connected to the ISP with the IP address 192.168.0.5. And then it does the firewall work and it has the output IP range of 192.168.10.x. That can be on a different cable but it can be the same cable.

So if someone configures one or more devices on that cable to the 192.168.10.x range then they get the filtered traffic from the firewall. And they don't see the original ISP traffic.

 

As usual there are exceptions from the rule but that is the basic concept.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.






ASEANNOW

ASEANNOW (formerly Thai Visa) Thailand's oldest and most popular forum for expats and foreigners.

Sign up today and have your say

MORE INFO

POPULAR AREAS

CONTACT US

219/59 Asoke Towers, 15th Floor, Soi Sukhumvit 21, Watthana, Bangkok 10110
(+66) 99 196 1100
[email protected]

×
×
  • Create New...