Why don't they put enough memory on a router so that can AV

[BirdDad]

It would be nice I think if we had antivirus on our routers. It could store the AV(and malware detector) on a flash disc(in case of power outage and be updateable by the admin. I imagine that it would simply cost too much and that is why no one is doing it.
What are your thoughts?

 

[VirtualLarry]

They make AV "appliances". Barracuda Networks, I believe, offers them, as do others.

The CPUs and hardware in consumer routers really still just don't have the raw horsepower to do that sort of thing (L7 inspection).

 

[heymrdj]

We had a Watchguard product that tried to do it. And I do mean tried. But it would blow the network up as it overloaded daily. According to bandwidth, it wasn't even close to its limit on its spec sheet. In reality though, packets per second killed it..

 

[IndyColtsFan]

If you're referring to home usage and have a machine capable of running virtual machines, Sophos has a free version of their UTM product for home use that is limited to 50 IP addresses accessing it internally. It has just about all the features of their commercial UTM product and does in-line AV, malware, etc. I've been running it as my internal firewall at home for months now and have been impressed.

With that being said, it isn't necessarily for the faint-of-heart -- it is harder to configure than standard commercial routers.

 

[RadiclDreamer]

Its mainly because people dont want a router that costs a few hundred to make and doesnt do any better of a job than a properly deployed AV infrastructure on a PC. The amount of cpu required is high to check a data stream for certain patterns and most people just want to pay $50 for a router.

 

[dave_the_nerd]

You could install Snort on a Raspberry Pi or something and stick it in between your router and the rest of your network. That's not anti-malware, technically, but it would probably catch a lot of stuff.