What's new

How does the Trend Micro Two Way IPS work in AsusWRT while Snort would melt desktop computers?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

rkk2025

Occasional Visitor
Hi,

Since I enabled the Trend Micro Two Way IPS on my AsusWRT and seen how well it performs (In terms of Network Speed and detected attacks), I would not change it back to how it was before. At some point I needed to change to another router with an OpenWRT, and I've seen that Snort/Suracata does pretty much the same (Without having to accept any third party to log your usage as in AsusWRT). But it seems that Snort/Suricata and similar use huge amounts of RAM and require a quite powerful CPU to reach to 500Mbit. How does it work in AsusWRT and why my dual core 800Mhz Asus router with barely 256MB of RAM can run the IPS without any visible RAM/CPU requirements? Is there any info on this? Is there any way to replicate the setup on a non-Asus router/pc?
 
It uses a much simpler ruleset than what is typically used by IPS such as Snort or Suricata. It also benefits from being implemented as a kernel module instead of capturing network traffic in userspace.
 
It uses a much simpler ruleset than what is typically used by IPS such as Snort or Suricata. It also benefits from being implemented as a kernel module instead of capturing network traffic in userspace.

It uses a much simpler ruleset than what is typically used by IPS such as Snort or Suricata. It also benefits from being implemented as a kernel module instead of capturing network traffic in userspace.
Do you know if there is any similar software like the AsusWRT implementation that can be used on non Asus hardware?
 
Do you know if there is any similar software like the AsusWRT implementation that can be used on non Asus hardware?

Not that I'm aware of. My recommendation would be to use Suricata, but carefully choosing which rulesets to enable.
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top