Question: AiProtect, is it adding anything of value security-wise?

torstein

Regular Contributor
I know, yet another post about AiProtect. But I couldn't find a very clear answer to my question. I searched both this forum and google.

Does AiProtect add anything meaningful security-wise? I think not, here's why:

Intrusion prevention system:
  • If the Router is set up properly with disabled upnp, disabled port forwarding and port triggering, disabled web acccess from wan, disabled DMZ, disabled WPS, disabled Ping from WAN, disabled anonymous login to FTP share etc, the router is already as safe as can be, right?
  • The firewall is blocking everything that my devices haven't requested anyways, and thus prevents intrusions. It is after all a SPI firewall.

Malicious site blocking:
  • We already get that through Google safebrowsing built into our browsers and
  • Ad-blockers such uBlock and Adguard for Chrome and FF, and Wipr for Safari etc
  • ISP DNS or
  • custom DNS such as NextDNS / Quad9 / OpenDNS / 1.1.1.1 etc

Two way IPS:
  • Bitcoin mining is blocked by adblockers such as uBlock, AdGuard and DNS filters such as NextDNS and Quad9 for instance.
  • Heartbleed and Shellshocked was patched in macOS / Windows / Linux and Asus firmware.
  • DDoS attacks is taken care of by the router firewall and OS firewall (I think)
  • Spam is taken care of by email services.
  • The only thing of value would be blocking an infected device from calling home and being part of a botnet, but most likely you don't have an infected device, and with security patches and common sense when browsing, downloading and installing software etc macOS / Windows / Linux already takes care of that with OS updates and their own security measures.

Infected device prevention:
  • Same as above.
  • As long as your OS is updated, router is updated and you dont install suspicious or pirated software, use keygens or look up shady sites / dark web or whatever, this is unecessary.

So is AiProtect adding anything of value? Or is it just redundant? Is the router already protecting you well enough? Is AiProtect like installing antivirus on Linux / macOS, i.e. technically increases the security, but completely pointless?
 
Last edited:

bbunge

Part of the Furniture
AiProtect does provide an extra layer of protection. I ran AiProtect at a small business office on an AC68U for several years. It caught a lot of employees browsing mistakes and while in use the malware on PC's was zero. The router was replaced after I retired and they have had a bunch of browsing related malware infections.
Here at home I tried a Pi-hole with Unbound. Within a day AiProtect blocked seven malware sites. I quickly went back to Quad9 via DoT.
 

ColinTaylor

Part of the Furniture
I think you've answered your own question. The supposed advantage of AiProtection is that is a single device providing all those forms of protection to all the devices on your network. Your average user barely knows how to turn on their PC. Are they really going to do all the custom configurations you describe, for every device they own, including IoT. It may not have value to you but it could do for the average user which is who it's aimed at.

Disclaimer: I don't use AiProtection.
 

torstein

Regular Contributor
ColinTaylor said:
I think you've answered your own question. The supposed advantage of AiProtection is that is a single device providing all those forms of protection to all the devices on your network. Your average user barely knows how to turn on their PC. Are they really going to do all the custom configurations you describe, for every device they own, including IoT. It may not have value to you but it could do for the average user which is who it's aimed at.

Disclaimer: I don't use AiProtection.
Click to expand...
I understand! So it is basically like installing antivirus, then? Tehcnically it increases your security, but at the cost of performance, and is meant for the average user who is uncritical and naive on the internet?

If you have good internet practices, keep all your software up-to-date, inlcuding OS and router firmware, use ad and tracker blockers, security focused DNS-provider such as quad9 or nextdns and stay away from obvious malware sites and the like, AiProtect adds nothing?


AiProtect does provide an extra layer of protection. I ran AiProtect at a small business office on an AC68U for several years. It caught a lot of employees browsing mistakes and while in use the malware on PC's was zero. The router was replaced after I retired and they have had a bunch of browsing related malware infections.
Here at home I tried a Pi-hole with Unbound. Within a day AiProtect blocked seven malware sites. I quickly went back to Quad9 via DoT.
1. Do you know if the new router have any of the settings I listed with all those featuers disabled? Did they use DNS-filtering and ad blockers on their computers protecting them? Did they use MS Windows? Did they download apps with malware and torjans? I mean if one tries really hard. Once you factor in strangers / employees, then obviously malware can happen no matter how secure your system is, since most people aren't very careful on the internet. I guess that's why one also isntall antiviruses.

My question relates to me, and like-minded such as most people on this forum, with good internet practices and focused on network and computer security, do we get anything out of AiProtect? Or is AiProtect meant to be for people who are uncritical to weblinks sent in spam-mails and what webpages they surf on the internet?

2. I have no experience win pihole and unbound, but with quad9, did you still have to have aiprotect on, or did quad9 do the trick? Quad9 should stop malware very efficiently.
 
Last edited:

Paliv

Regular Contributor
It catches a lot of mobile browsing items in our house. Sometimes it catches the occasional PC browsing click, but as you said with google and extensions that's more rare. Most of the items it catches are labeled scams, but a few have been more serious.
 

torstein

Regular Contributor
Last edited:

Tech9

Part of the Furniture
Yes, Asus routers only, delivered by Trend Micro.

TP-Link as well for some models, called HomeCare:


I have one C2300 with Trend Micro engine in firmware.
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top