The age of the connected appliance is upon us. All sorts of items are becoming smart and jumping on your network. Just like the rise of dial-up internet gave birth to anti-virus software the rush to market with home automation and smart gadgets with almost no thought towards security has given rise to a class of product that used to be solely a high end enterprise product, Intrusion Detection and Intrusion Prevention appliances.
Today we are looking at one of the more interesting options in that space, RATtrap. A product focused on border security, browsing privacy, and ad-blocking.
Unlike Cujo, Dojo, Keezel, Akita, Bitdefender Box, or Norton Core, RATtrap is the only solution that does not sit inside your network, but just outside of it, like a border guard. I like this aspect of the product a lot actually. It is unique in the industry, unfortunately. Just like all the other options in this product category though, RATtrap doesn’t have the exact same offering as competitors. They make three major benefit claims, Real time threat detection, ad-blocking, and browsing privacy.
Outside the Network
Because RATtrap is designed to sit in between your modem and router, logically speaking, it is outside your network. This simplifies many aspects about how it is configured, and is basically plug and play out of the box. You don’t need to change anything about your network setup, and you gain the benefits. Because it is outside the network playing border guard, it relieves your router of that duty. Routers, especially consumer grade routers, are traditionally one of the favorite target of hackers because they get a lot of access for not a lot of effort.
In order to attack your router, exploits have to go through RATtrap first before they even attempt against the router itself. It is also in a position to stop any malware from leaving your connection as well, preventing you from unintentionally spreading an infection to friends, family, and business contacts, should someone bring an infected device home.
Real Time Threat Detection
RATtrap offers fairly standard network intrusion offerings, at least from the point of view of the business world. It’s simply offered in a package meant for home networking use. Technically speaking, RATtrap provides IP and DNS protection based on multiple sources of attack threat intelligence data. It performs behavioral monitoring of common Internet connected devices, uses machine learning to detect anomalies and blocks all malicious communications it discovers on your connection.
Using the border guard analogy, all RATtrap does is look at traffic coming in and going out at the border, looking for suspicious packages or devices behaving out of the ordinary.
Because of the filtering methods used by RATtrap used to block bad websites and malware payloads, it’s trivial to add in the capability to block online advertisements in the same way. Having a RATtrap before your network is like having an ad-blocker installed on every device on the network. Aside from the quality of life aspect, many malicious downloads are the result of malware served up from ad servers, so it’s a layer of security in that respect. Oddly enough, most people I set it up for appreciate this aspect most, not the security.
Because all the traffic gets handled by RATtrap on the way out of the network, many of the standard methods companies use to track your movements around the web simply do not work. Services like Google can only profile you if you are signed in to there services and they track you that way. Again, this applies to anything on the network.
RATtrap is a smartly designed device that does everything it promises, and the only thing I wish was different was I would like the option of a little more horsepower in the hardware. It can only filter connections up to 250-270mbps, so for people with faster connections it means giving up some performance. I would love a model that can handle a full 1 gbps connection. It’s a layer of protection most homes don’t have, and it doesn’t take any configuration to work.