All News | Boards | Chips | Devices | Software | Archive | About | Contact | Subscribe
Follow LinuxGizmos:
Twitter Facebook Pinterest RSS feed
*   get email updates   *

$149 networking security gizmo runs Snort on OpenWRT

Aug 4, 2014 — by Eric Brown 9,271 views

[Updated Aug 7] — Itus Networks has launched a $149 “iGuardian” network security appliance on Kickstarter that runs OpenWRT Linux and the Snort IPS stack on a MIPS64 SoC.

Few vendors have targeted the consumer network security appliance market, and even fewer have done so with pricing under $500. A San Jose, Calif.-based startup called Itus Networks, however, plans to protect your home WiFi router with a $149, open source Linux iGuardian device that offers both a network intrusion prevention system (NIPS) and a network intrusion detection system (NIDS). The device blocks cyber attacks while also filtering out malware “and other undesirable content,” says the company. Like other network security appliances, it sits between your Internet source and your WiFi router, acting as a security firewall.

iGuardian prototype; the final version will add a more powerful Cavium processor and a third GbE port
(click image to enlarge)

Itus Networks launched the iGuardian on Kickstarter on Aug. 7. Early-bird pricing for the Kickstarter round advances through $99, $109, $119, and $129 prices before settling in at $149, which is still a discount compared to the eventual $179 price. The iGuardian is expected to ship in Feb. 2015.

The iGuardian protects against threats including viruses, phishing scams, malicious websites, as well as Java, browser, and file exploits. It also claims to block drive-by-downloads, watering-hole attacks, botnets, data-theft, remote access Trojans, and key-loggers, says Itus Networks. The appliance is designed to protect devices including smartphones, laptops, desktops, tablets, TVs, cable boxes, security camera systems, smoke detectors, thermostats, and smart refrigerators, says the company.

Final design for the iGuardian
(click image to enlarge)

Network security a growing concern


Consumer network security is growing in importance as more and more WiFi connected devices enter the home, including desktops, mobile devices, printers, smart TVs, and home automation devices. Anti-malware software can usually protect your PC, especially if you’re not running Windows, but mobile devices tend to have less robust security, and most Internet of Things gizmos offer little or no protection. The ability to hack into multiple computing devices, as well as home security systems, gives the bad guys a unique set of tools with which to operate, as well as multiple entry points into the network.

Home WiFi routers such as the Linksys systems have increasingly shown their vulnerabilities to modern hacking techniques. The limited security capabilities on home routers has led Google, Samsung, Freescale, ARM, and others to recently form a Thread Group to develop a more secure 6LoWPAN-based “Thread” wireless networking standard for home automation.

Diagrams: iGuardian role (left) and security architecture
(click images to enlarge)

Unlike most competing products such as the $595 Intel Atom-based Sophos UTM110, the iGuardian ships with lifetime access to free community security updates instead of paying for yearly subscriptions. Itus Networks also mentions the similarly named, $495 Netgear UTM110 as competition, although the device has reached end of life, and Netgear does not currently offer a system to replace it.

Like the Sophos and Netgear products, and many, if not most, enterprise and small business network security appliances, the iGuardian runs on Linux. To compare the iGuardian with a recent, Linux-based enterprise device with more advanced Unified Threat Management (UTM) services, check out last year’s Freescale QorIQ-based Nexcom NSA 5640.

Inside the iGuardian

“We developed the iGuardian on an openWRT platform running Snort on an Octeon processor,” Itus Networks co-founder Jock Breitwieser told us in an email exchange. “So we made a choice to include an enterprise grade security processor.” This choice enables the device to “minimize any impact to performance” over the user’s network, states the company on its website.

iGuardian prototype images grabbed from its project video
(click images to enlarge)

The iGuardian runs the router-oriented OpenWRT Linux and the open source Snort security stack on Cavium’s MIPS64-based, 28nm-fabricated Octeon III system-on-chip. Specifically, it runs on one of the lower-end models, a dual-core, Octeon III 7020 clocked to 1GHz. Nevertheless, this is a relatively high-end, 64-bit chip that is rarely seen on sub-$500 devices.

Cavium Octeon III CN7XXX block diagram
(click image to enlarge)

The iGuardian is further equipped with 1GB of DDR3 RAM, 64MB flash, and an SD card slot. The device integrates three gigabit Ethernet ports, plus a separate RJ45 serial console.

A beta-tester Kickstarter package going for $750 offers an iGuardian prototype, available in September of this year. Although it similarly runs on a Cavium chip, it’s a lower-powered Cavium Econa CNS3420 SoC. The dual-core ARM11 processor runs at 600MHz, and is joined here by 512MB of RAM, 32MB flash, and an 8GB microSD card. While the final version has three GbE ports, the prototype is limited to two ports plus the console port.

One major challenge that has slowed the consumer networking security appliance market is the complexity of setting up security technology. Itus Networks, however, claims the iGuardian can be set up in five minutes, and requires “zero configuration or technical knowledge.”

There’s no need to enter the WebUI or CLI console, says the company. The device includes a hardware switch for setting one of one of three possible modes, one of which loads a configuration that enables layer-2 bridge mode with Snort running in-line.

Snort is an open source project from Cisco’s Sourcefire, billed as an IPS with real-time traffic analysis and packet logging. The Linux-ready stack has been downloaded four million times, and boasts almost a half million registered users, making it the world’s most popular IPS, according to the project. (Here is a Snort Cheat Sheet frpm Comparitech to get you up to speed.)

The company will provide Kickstarter backers with a default configuration that will automatically download and install open source and community rule sets. Breitwieser says Itus Networks “intends to keep the iGuardian software platform open source, but the company may release a future commercial version that may not be.” The hardware, on the other hand, is closed source. “Open hardware would mean we would publish data on how to build our board and at this point, we we don’t intend to do that,” adds Breitwieser.

“We intend to leave the iGuardian Kickstarter Edition open or ‘unlocked’ so that anyone wishing to add their own rule subscriptions may do so,” explains the Kickstarter page. “Future versions of the iGuardian may not include this capability.”

Summary of iGuardian specs

Target specifications listed for the iGuardian final version include:

  • Processor — Cavium Octeon III 7020 (2x MIPS64 cores @ 1.0GHz)
  • Memory:
    • 1GB DDR3 RAM
    • 64MB flash
    • SD card slot
  • Networking:
    • 3x gigabit Ethernet ports
    • RJ45 serial console
  • Dimensions (prototype) — 5.25 x 1.75 x 1.5 inches
  • Operating system — OpenWRT Linux (Barrier Breaker r40561) with Snort v2.9.6.1

Rhino Labs Beetle 1

To develop the iGuardian, Itus Networks partnered with Rhino Labs, which appears to be the manufacturer of the device. Rhino Labs sells a line of Linux-based networking appliances, including the relatively low end Beetle 1, which offers five GbE ports and runs on the same Econa SoC used by the iGuardian prototype.

The higher end, 4-8 port RLNA6X8GE incorporates an Octeon II SoC with up to 10 cores. While both products integrate some crypto co-processors, these are straight-ahead networking appliances and make no special claims regarding IPS or other security features.

iGuardian Kickstarter video

Further information

More details are available on the iGuardian Kickstarter page, which forecasts first shipments to be in Feb. 2015. Early-bird pricing for the Kickstarter round advances through $99, $109, $119, and $129 packages, followed by the standard $149 package. Additional information about iGuardian may be found at the Itus Networks website. Itus Networks will showcase the iGuardian device at the Defcon Hacking Conference Aug. 7-10 in Las Vegas.

(advertise here)

Print Friendly, PDF & Email

One response to “$149 networking security gizmo runs Snort on OpenWRT”

  1. Nick says:

    This was a great idea. Does anybody know what happened with the project?

Please comment here...