Hi,
I updated my home network with Ubiquity Unif products. There is a Beta setting in the new USG called IPS (Intrusion Prevention System) which to me seems like an effort to be a Pi-Hole. Take a look at the screen grab. Can someone else chime in and opine, am I seeing this correctly? Notice the warning and bandwidth hit one takes when activated. So, I would advise anyone using Unifi USG to NOT activate this feature and let the Pi-hole do the Intrusion prevention.
Pi-holes does not do IPS
Thank you for the clarification.
-Gary
This is not an effort to be a Pi-Hole. Pi-Hole is a domain blocker, unaware of any content served to your network. It filters those domains you have requested to be blocked. Basically, an on/off switch for individual domains. Pi-Hole only handles DNS requests, and sees none of the actual network traffic that follows.
From the ubnt.com website (https://help.ubnt.com/hc/en-us/articles/360006893234-UniFi-USG-Configuring-Intrusion-Prevention-Detection-System-IPS-IDS):
"An intrusion prevention system (IPS) is an engine that identifies potentially malicious traffic based on signatures. The signatures contain known traffic patterns or instruction sequences used by malware. This type of signature-based engine can only detect anomalies based on known malicious traffic patterns."
In this manner, IPS is similar to a proxy, where the traffic is analyzed and then an administrator has the option of blocking that domain. This is why there is a speed impact - all the traffic has to be analyzed.
I see, as you said, the reason for the bandwidth hit, its busy.
Thank you for this knowledge.
-Gary
