Business Community > Routers > 7412 worse IDS/ IPS performance (router is only using 2 CPU cores not all 4)
< Routers

7412 worse IDS/ IPS performance (router is only using 2 CPU cores not all 4)

12

7412 worse IDS/ IPS performance (router is only using 2 CPU cores not all 4)

18 Reply
Re:7412 worse IDS/ IPS performance (router is only using 2 CPU cores not all 4)
3 weeks ago - last edited 3 weeks ago

  @ChrissNeo 

 

i dont think you understand how bandwidth works at all

Loading web pages, video calls, 8k netflix / youtube, all at the same time, maybe 30 to 50 mbit tops.  The vast majority of internet use is pretty small data wise.  You will only even start to hit more than 50ish when you download large files or large numbers of simulatneous video streams.

 

200mbit IDS throughput is far, far more than your use case.

 

 

Also, you dont have to run IDS / IPS, there really isnt much that its going to pick up in a small business or home environment.   I run it on the work network and get maybe 1 hit a month and its usually just a false positive, and this with 3 businesses using the network, a public wifi, and various other internal systems all useing it simultanoeusly.

IF you want full speed WITH IDS on any router, you have to be prepared to pay for it!  routers that support it at high bandwidth are not the cheap ones.

 

  0  
  0  
#12
Options
Re:7412 worse IDS/ IPS performance (router is only using 2 CPU cores not all 4)
3 weeks ago - last edited 3 weeks ago

 @ChrissNeo 

ChrissNeo wrote

 

I see many people have issues with IDS/IPS on different models. After seeing this and how TP-Link is handling this subject just made me to cancel the order for his product. I don't want to pay a third of my salary to not be able to keep my server protected because I lose 30-70% of my ethernet speed. 

I work from home and I load at least 1 web page per minute while I'm in a meeting (where there are share screens) and I use my PC in the same time. Not mentioning the rest of the household usage. This would me unacceptable and I won't pay that much to secure the server where I can't use the security features because I can't loose that much speed either.

 

As I don't have viable alternatives for a similar price range in my region, I'll just buy a cheap unmanaged switch, get an additional network card for the server and virtualize a good software for this like Sophos or pfSense+ which will bring down the cost to about a third of this product. Better security, no dropped speed and using just 4 threads out of 12 (2 cores), not even needing 4 cores as this product that is not delivering the expected results with them.

 

Good job on not listening of the customer's issues, @TP-Link, that's how you lose them.

It seemed sketchy when I saw they are selling controllers for security gateways that make the security options unavailable and now I understand why was that. Pay more to get the security compromised without realizing, so you don't see the issues and then pay more for the ecosystem. Irony makes that even the paid controllers that are laggy while the free software runs flawless from what others say.

 

I had a different opinion about TP-Link tbh, but @Clive_A showed their real face.

smiley Choices are always yours. We never cheat you into buying or force you. Good luck on finding the proper price tag and products for your environment.

I explained how it works and someone who knows the router well, understands what I am explaining. You can also go to many other forums to see how DPI and things like this CPU work. If you can get me an example on the same hardware specs but getting better overall performance, that would be more convincing than threatening me.

 

A coin has two sides. Designing a board stuff is not a one-person job. You are trying to ignore things from your narrow perspective on the hardware. It's a joint of hardware and software. What your response shows you lack experience with the hardware routers. It explains.

And the product we sell now is more of a router instead of providing full security like a firewall. There is a clear distinction between the router and a firewall in a network.

 

I am not here to lecture or argue, but to explain things. (I was a tech trainer for the tech support team.)

You don't have to @ me and expect my attention on explained stuff and nagging your opinions.

What I am doing is to improve the general public's ability in troubleshooting and understanding how routers work and answer questions from the community from various perspectives. This is how the community works.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
  0  
  0  
#13
Options
Re:7412 worse IDS/ IPS performance (router is only using 2 CPU cores not all 4)
3 weeks ago - last edited 3 weeks ago

  @Clive_A 

It's called "reply" and the tags goes automatically so the others know who I'm replying to. And based on the replies I saw from you it's more gaslighting to protect the company's products. As in this case, because the product page advertises it as a security gateway, not as a simple router with few more firewall rules than a regular one. And you false advertised it by handling ~500 Mbps with IDS (information expanding to Reddit) and everyone dismantled it there. So I won't even argue with what you said in this latest reply because you'd lie further to your or your company's advantage. Also, here is your example on close enough CPU: https://www.reddit.com/r/sophos/comments/18k0wbd/comment/kdoots5/?utm_source=share&utm_medium=mweb3x&utm_name=mweb3xcss&utm_term=1&utm_content=share_button

  0  
  0  
#14
Options
Re:7412 worse IDS/ IPS performance (router is only using 2 CPU cores not all 4)
3 weeks ago
30 to 50 Mbps is 3.75 mb/s - 6.25 mb/s, so 30 Mbps wouldn't be enough to watch a 1080p video on YouTube. Anyway, who thinks 30 mb/s from 100 mb/s is enough for them can feel free to buy it. I will better go by virtualizing Sophos in this case and get away with 600 Mbps at worst for just an additional €100 on what I have as I don't think I have better options in my region without braking a bank.
  0  
  0  
#15
Options
Re:7412 worse IDS/ IPS performance (router is only using 2 CPU cores not all 4)
3 weeks ago

@ChrissNeo

ChrissNeo wrote

  @Clive_A 

It's called "reply" and the tags goes automatically so the others know who I'm replying to. And based on the replies I saw from you it's more gaslighting to protect the company's products. As in this case, because the product page advertises it as a security gateway, not as a simple router with few more firewall rules than a regular one. And you false advertised it by handling ~500 Mbps with IDS (information expanding to Reddit) and everyone dismantled it there. So I won't even argue with what you said in this latest reply because you'd lie further to your or your company's advantage.

Then what's wrong with it, 500Mbps? Why is it a false advertisement? The advertisement would use the highest speed we can test. Do you see a company advertise a thing with its lowest speed?

So, Intel calls its latest CPU cannot boost to X.X GHz instead it advertises its base frequency? It does not advertise its 16 P+E cores but advertises its 8 performance cores?

 

Always remember it is a router-firewall integration. It serves as a router with firewall, but not a high-security firewall like the server station or cloud computing like AWS. What do you expect it to be? High-security like a cloud compute server, which entirely blocks DDOS, for example?

 

7412-M2 IDS Specs - Business Community (tp-link.com)

 

More detailed result would be:

 

I don't have to argue. See how others respond to you.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
  0  
  0  
#16
Options
Re:7412 worse IDS/ IPS performance (router is only using 2 CPU cores not all 4)
3 weeks ago

 @ChrissNeo 

It's absurd to read you compare virtualization to an ARM router. 

I also use the virtualized routers for testing purposes. If you really don't care about the power consumption and ease of the prebuilt router, I would really recommend you use a server from a brand like Dell or HP.

 

I tried a YouTube 8K. It asks for Connection Speed of 100,000 to 160,000 Kbps. Which is 100 to 160Mbps. NIC reports at around 50Mbps or so.

If you need a more powerful router, why not ER8411?

Every router got its orientation and advantages. Why force it?

It's like you gotta use a pro-consumer level 16-core CPU for a performance-heavy server while every other is using dual Threadripper or Xeon for the same purpose.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
  0  
  0  
#17
Options
Re:7412 worse IDS/ IPS performance (router is only using 2 CPU cores not all 4)
2 weeks ago - last edited 2 weeks ago

I can only underwrite that entirely, back in the day 2020 I had a 100mbit connection and was able to was 8K at 60FPS, but that used exactly 100% of the connection, and 4K is like nothing until you watch 8 Videos at the same time..

In the end, since we also have TP Link at work, I just wrote from work an E-Mail to the German support, they forwarded it to the developer team.

 

But in the end, I'm personally very happy with TP-Link besides that one feature, like it is only DS-Shield would be fine for me at home.. ended up in disabling it since FritzBox'es also don't have it.. Also the router itself is totally fine, never had with any other previous router a ping of 1.78ms and such a high and stable download speed, if it is off.
Not sure what meany people mean by bad hardware/ worse support, I only made good experiences.. e.g. the Access Points I have [EAP772, EU] the best ones I ever had, so long range and so high speeds with the 6Ghz frenquency. I mean sure e.g. my PoE Switches ES205GP could at least display the static DHCP IPs I assign to the PoE devices in the controller, but also here at home I know them, at work we use bigger L2+ switches were it isn't a problem anyways.

Also I don't have any problem with Clive_A, he is always nice and friendly and I know since I work in IT a lot of people just say they are expert and know nothing, so if he is critical at first I don't see any problem at all.

   

 

  1  
  1  
#18
Options
Re:7412 worse IDS/ IPS performance (router is only using 2 CPU cores not all 4)
a week ago

I want to add my 2 cents to this discussion.

Switching from E7212PC now I use the ER7412-M2 for few weeks and play with IDS/IPS for few days.

My Internet connection is 600Mbps that I reach easily during test with no IDS/IPS.

With IDS/IPS on and set to High it is reduced to some 480Mbps with some other functions on.

Hence, from my perspective, the router performs close to the declared specs.

For home use with max 10 users it is perfectly OK.

  0  
  0  
#19
Options
12

Tags

Firewall
About Us
Press
Copyright © TP-Link Systems Inc. All rights reserved.