- NG Firewall
- Solutions by Industry
- Solutions by Issue
yes..the edgerouter and their USG series are nice products for basic security and even features DPI. It is not billed as nor functions as a UTM like UT does however. They actually have a good suite of good products. These issues you see are from their early days. their initial attitude towards security researchers was poor and it shows in these kinds of issues. Uqiquiti has drastically improved on the security front in terms of initial quality and response time in the past few years though. Ubuquiti recently brought in the project manager of PFSense to handle the Unifi security products so expect to see more improvements. Ubiquiti does not have the intention of going UTM at the moment so if you require the full UTM suite right now Untangle is a good bet.
I have a USG sitting on the table right now. It *could* be a neat device, except it isn't.
DPI misidentifies data regularly, and even when it gets it right you can't filter or block based on DPI data, can't configure a number of (what I consider) base functions without bailing out of the UI and going to JSON files. Etc. It is a beta product at best, and I wouldn't run it in my home, let alone commercially, as it stands right now.
But each to their own.
Last edited by hescominsoon; 04-15-2017 at 08:58 AM.
I tried every USG firmware release up the the last couple before ripping it back out about 2 months ago.
It identifies probably 85% right, and 15% wrong (which isn't very good at all). But my comparison is Untangle, which gets probably 99+% of traffic categorized correctly. So I just went back to using Untangle as my router, instead of inline in bridge mode in front of the USG.
Sophos is a peice of crap (my opinion from my experiences), no point even discussing the many things it does incorrectly at this point. And if you go XG, it is even worse.