Network Security, Evolved
It’s easy to be lulled into a false sense of security when your home is safe, your body is healthy, and your car is running. When everything is breaking your way the ongoing expense of insurance (home, health, car etc.) can feel like a waste of money. But when things inevitably go sideways you will be glad to have it. Cybersecurity is not so different. You know online threats exist and bad things can and do happen, but their “virtual” nature makes them feel less tangible, and therefore less real and immediate. In other words, easy to ignore. Well, cybersecurity expert Bitdefender has a few things to say on the matter.
They started the home security hub market in 2015 with the BOX. It was an interesting and generally well-received device that gave birth to a new product category. But are such devices necessary? I kept asking myself: Why do I need a security hub when my router has a firewall? Turns out there’s good reason (several, actually) to have one.
Yes, every router has a firewall. Yes, it’s always “on”. But typical router security is passive, meaning it’s not actively monitoring the network and assessing the behavior of connected devices. What good is a firewall, or any security, if it can’t alert you to a problem? It’s the equivalent of a smoke detector with no alarm. Online threats are continually evolving yet home network security has until recently been stagnant. But things are changing for the better, and in a big way.
Enter, the BOX
The BOX is first and foremost a security hub which is how Bitdefender markets it even though it’s often referred to as a “router” elsewhere. Its router section is a secondary feature that can be disabled depending on the type of configuration you choose. That being said let’s get this out of the way up front: If all you want is a router and you don’t care about advanced security features there are plenty of better performing and less expensive options.
The original BOX was a small “puck”, similar in size to the older Apple TV or Roku with decent but not impressive hardware specs. Based on reviews it performed well as a security device but the router section lacked strength and speed and was generally underwhelming. Plus it had a miniscule 64 Mb of storage capacity.
Now in its second generation (released Dec. 2017) the new Bitdefender BOX has upped the ante both in terms of its award-winning security software and considerably more robust hardware. In short the BOX 2 has more of, well, everything.
Watch and Learn
One of the more useful features of the Bitdefender BOX is its ability to employ machine learning, or what Bitdfender calls Anomaly Detection. The BOX “learns” how each connected device behaves under normal operating conditions so any deviation, e.g. someone hacking a “smart” security camera — something which might otherwise go unnoticed — triggers a block. It will even protect you from inadvertently sending sensitive personal or financial information over an unencrypted connection. In short, the BOX goes far beyond the passive security of a typical router.
Finally, to tie it together all devices and alerts are centrally managed from Bitdefender Central (mobile app and Web-based) which might also be one of the more important and overlooked selling points. So with all of that in mind let’s get started.
The Other Players
As of this writing there are only a handful of similar products currently available that I’m aware of, but not all offer the same level or type of security features, nor do they all function as a router. Here are a few, though there will certainly be more.
I haven’t tried any of these so I can’t say how they compare to the BOX but here’s a feature comparison table for the BOX, Cujo, Norton Core and F-Secure from the Bitdefender website.
UnBOXing First Impressions
The BOX comes in a sturdy and very nice-looking, uh... box. I've bought some high-end stereo gear that wasn’t packaged this nicely so I was pleasantly surprised to see such consideration given to the packaging of a network device. It looks like something Apple would have designed.
The first thing you notice when you remove the BOX from its packaging is how light it is given its size. You would be forgiven for thinking it was empty but a look through the top grate reveals a single circuit board. Given its impressive feature-set I expected it to be stuffed to the gills with hardware. I admit I’m someone who (perhaps foolishly) equates solid and heavy with quality but make no mistake, the BOX is all business. The A9 processor runs slightly warm so I assume(?) the empty space is necessary for cooling in the absence of a fan and is not the byproduct of an aesthetic choice. In any case it’s dead quiet.
The BOX has a clean aesthetic as a 7.5" x 4" x 4" rounded triangle with three shiny cream-colored panels attached to a matte dark gray central structure. There’s a bright bluish-green “ring” status light that glows from behind the front panel, cooling perforations running down the triangle’s “points” and top and bottom plates, and three rubber feet. Though not small or discrete it is to my eye a reasonably attractive piece of kit, more so than the Norton Core’s geodesic design. I like having it in plain view but there are a couple things I might change. Keep in mind I’m nitpicking, none of them are deal-breakers.
I prefer it were smaller and/or shorter. At nearly 8" tall with a smallish footprint and featherlight weight I’ve found the weight of two ethernet cables hanging off the back — which probably weigh more than the BOX — can sometimes create a bit of instability if placed near the rear edge of a table, console etc. where the cable weight, if unsupported, can pull on it. For example, Cat7 cables are heavier and stiffer which doesn’t help the situation. The status light can be dimmed to 75%, 50%, 25% and 10%. It’s a nice touch but I would also like the option to turn it off completely and have it only turn on if/when an issue arises or for firmware updates.
The BOX includes a one-year subscription to the Bitdefender Total Security software suite. There are desktop and mobile apps for macOS, Windows, iOS and Android which complement and extend the BOX’s security features to provide virus and malware protection (and much more) on individual computers and mobile devices whether you’re at home or out in the world and no longer connected to the BOX network. Even better, the apps can be installed on an unlimited number of devices.
After the first year Total Security costs $99US per year. Strictly speaking you don’t need to buy the security software to use the BOX as a router only but it’s kind of pointless if you don’t. When you consider the quality of protection and the unlimited devices it covers the cost is extremely reasonable at ~$1.90/week.
The BOX maintains an encrypted connection to the Bitdefender servers which allows you to conveniently manage your connected devices via Bitdefender Central. Since the service requires the use of Bitdefender’s mobile app(s) or website to manage devices you might wonder how much access, if any, Bitdefender has to the devices connected to the BOX network. I contacted Support with that very question and here’s their response:
Bitdefender does not have access to the devices that you will connect to the BOX network. In fact, our department uses Team Viewer to remotely connect to customers in order to troubleshoot, therefore, we ask for consent and we have limited access. We do see in our database a list of the names of the devices in your network and if the BOX is active or not, the same information that is displayed on your end.
The only device that we can virtually access, is the Bitdefender BOX itself, but that is only in certain circumstances and under one form:
- We only connect to the BOX when troubleshooting is necessary and we ask for permission from the customer to gather the latest logs from the BOX itself.
- We can only access the Bitdefender BOX from our end with your consent, and the only visible information on our end regarding the BOX would be the logs, in form of text.
Configuration Options / Setup Requirements
Setup instructions and videos can be found on the Bitdefender website. Only the Central mobile apps can be used for the initial setup. There are 3 configuration options available depending on whether you use:
- The all-in-one modem/router provided by your ISP.
- Your personal modem and router (which is what I use).
- The BOX as a standalone router.
- Setup Requirements
- Broadband Internet Connection (Cable/DSL/UTP)
- Bitdefender Central Mobile App (iOS and Android)
- A mobile device with:
- 4G/3G data connection
- iOS 9 or higher
- Android 4.4 or higher
Once setup you can use the Central mobile app, or to a lesser extent the Web interface, to (partial list):
- Add new users
- Assign a specific device to a specific user
- View bandwidth usage by the hour
- View threats for the past 7 days
- Manage parental controls
- Manage detected threats per device (block/unblock)
- Manually run a Protection and/or Vulnerability scan on a device-by-device basis
- Edit the device name and icon
- Configure the parental controls
- Pause Internet on a device-by-device basis
- Port-forwarding for individual devices
The Bitdefender Central Web interface (above) was a little buggy for me initially but it’s working nicely now and offers basic management features, though the mobile apps provide more settings. The Web interface lacks any router configuration, and the mobile apps offer limited network options. The following settings are only available when using the BOX as a standalone router (except where noted *), otherwise they are disabled. Presumably your existing router would have all these settings and many more.
- Wi-Fi name and password
- LAN address
- WAN (DHCP, PPPoE, Static IP)
- Custom DNS servers
- Guest Network*
*The Guest Network feature was added September 2018 and is (most likely) intended for when the BOX is used as a standalone router. Surprisingly however it can also be enabled when using the BOX with your own router acting as the “primary”. Normally in such a configuration the BOX’s Wi-Fi is disabled by default since the primary is running the [router] show, but enabling the Guest option seems to override this behavior.
When using your own router keep in mind it must be physically connected to the BOX. If you also enable the BOX’s Guest Network there will be two different routers in (most likely) very close proximity, each broadcasting a signal. Not an ideal scenario.
My suggestion: If your primary router supports a Guest Network in AP/bridge mode (most do) then it’s preferable to configure it there and leave the BOX’s Guest option disabled unless you absolutely need it.
Protection and Vulnerability Scanning
A notification will appear in Bitdefender Central to let you know when a new device has connected and the result of the scan, good or bad. In the case of a problem the alert will contain a very brief description of the threat or vulnerability. Whether it’s something you can resolve from your end will depend on the type of problem detected. For example, a weak username/password is easily fixed but a software defect in a connected device is not (see below).
Threats are blocked by default though you can always override it with an “Allow” option. Devices can also be blocked and sites and urls whitelisted. My question is: How do you know when it’s safe to “Allow” a detected threat or device? That’s where the BOX alerts come into play.
The alert contains a brief explanation of the threat and how it could potentially affect your device and network so you can make a reasonably informed decision as to how to proceed. Depending on the type of threat the alert details may vary somewhat with regard to their usefulness. I've found some to be wonderfully detailed while others are a bit vague, but nevertheless still informative.
Different types and levels of manual protection and vulnerability scans can be performed on a device-by-device basis at any time. Again, depending on the type of device (computer, mobile, or non-computer/IoT) there will be different available options. Not surprisingly computers and mobile devices have the most thorough scanning options (below):
- Network Vulnerability Scan
- Quick Scan
- System Scan.
Below are two examples of actual threats the BOX caught on my personal devices.
Denial of Service: Canon
When I connected a Canon printer I was immediately alerted to a very serious Denial of Service (DoS) vulnerability in the Canon software but was assured the printer was protected while on the BOX network. Although the BOX can’t fix software issues in other products I contacted Canon support and provided a screenshot of the alert in the hope they might take action to resolve it (they haven’t). Below is a screenshot from my Bitdefender Central account Web interface.
“Dangerous URL” Blocked: Netflix
Below are screenshots from my Bitdefender Central account (Web interface). The culprit? It seems the “Dangerous URL” belongs to the Netflix channel on my Roku 2 which I had to suss out on my own since the BOX appears unable to resolve an IP to a domain name.
It’s good to know the BOX can monitor what individual Roku channels are doing, and is another example of a problem I would have never known about were it not for the BOX. I have for the time being chosen to keep the block in place.
Main Notifications list (left); details of Roku notification (right):
A Note About ‘Nest’
I have several Nest Protect smoke and CO alarms installed. By design they only connect to the home network once per day for a few seconds as part of their diagnostic tests, otherwise Nest uses its own proprietary wireless protocol to communicate with other Nest devices. Although the alarms appear in my Central account their status is “Disconnected” despite being “on” and operating normally. I was confused by this so I contacted Bitdefender support.
Bitdefender remotely ran a diagnostic test on my BOX (with my permission) and confirmed it can only detect the Nest during the very brief daily alarm tests. It seems Nest is able to “hide” its network footprint most of the time, even from the BOX. The alarms are still protected by the built-in Nest security (though I have no idea how good it is) and also checked for vulnerabilities by the BOX, albeit only once per day instead of 24/7 monitoring which is clearly less than ideal. Bitdefender has informed me that they will order a Nest Protect to test in-house so I will update this section if and/or when necessary.
Clearly Bitdefender is on their game as they consistently score very well according to the AV-Test Institute. But threats can pop-up with little warning so it’s unrealistic to think a cybersecurity device will be 100% secure against 100% of threats 100% of the time. Perhaps what matters most is how quickly and effectively Bitdefender can identify and respond to new threats. I’m happy to say virus definition updates are a multiple-times-per-day occurrence on my laptop, and the Central mobile apps also receive regular, if less frequent updates. Even the BOX receives firmware updates every few months. Still, it requires from the customer a degree of trust (or perhaps faith) that Bitdefender knows what they’re doing.
Virtual Private Network
On April 18, 2018 Bitdefender added an optional VPN service to their Total Security subscription (included with the BOX) that is powered by Hotspot Shield. The free plan allows up to 200 Mb per day or you can pay $40/yr. for unlimited data.
Considering that privacy, security and trust is at the core of all these services I find it curious Bitdefender chose to partner with a company who in 2017 was accused of violating its own privacy policies by the Center for Democracy & Technology (CDT), a nonprofit advocacy group for consumer privacy rights. At best the optics don’t look great, especially when there are dozens of VPN services Bitdefender could have chosen. However, in fairness to Hotspot Shield — aside from the privacy issues — the service does routinely score pretty high overall. Whether that’s enough to compensate for the negatives is for you to decide. While I applaud the addition of a VPN I question the choice of provider which is why I will stay with my current VPN.
Internet of Things (IoT)
So what exactly is an IoT (Internet of Things) device? Or as Infosec (Information Security) professionals would probably call it, the Internet of Shit. That definition aside, it’s a parent term referring to any type of non-computer home appliance that communicates wirelessly to the Internet or other devices via a network. They are also commonly referred to as “smart” devices. A few examples include:
- Lightbulb; doorbell
- Smoke/CO2 alarm; thermostat
- Appliances (washer/dryer, refrigerator, oven, toaster etc.)
- Security camera
- Lifestyle hub (Apple HomePod, Amazon Echo, Google Home etc.)
- Child and adult toys
The type and number of IoT devices is enormous and growing everyday. What’s also growing are security concerns which is why it’s important to consider these devices into your broader network security strategy. Fortunately a big selling point of the BOX lies in its ability to secure IoT devices against external attacks.
However, (IoT) privacy is trickier to protect because simply by using these devices you are effectively giving the manufacturer the ability to collect your personal data. Your control over its collection and use can vary greatly but ultimately you are at the mercy of the manufacturer, and that, unfortunately, is not something the BOX (or any security hub) can protect against. As it stands these devices already exist in millions of homes across the planet with no sign of slowing down as society moves inexorably towards “smart” homes and cities. According to research firm International Data Corp the IoT market will be “surpassing the $1 trillion mark in 2020 and reaching $1.1 trillion in 2021”.
Then there’s this pearl:
IoT hardware will be the largest technology category in 2018 with $239 billion going largely toward modules and sensors along with some spending on infrastructure and security.
Did you catch that?
Some spending on security. Pretty much sums up the problem, huh?
IoT: An Inconvenient Truth
A lot of IoT devices are little more than novelty gadgets while others are practical (e.g., smoke/CO detectors). But they all suffer from the same fatal flaw to one degree or another: They have very little or no security features, nor can security software be installed on an IoT device like it can on a computer so you’re at the mercy of whatever built-in safeguards the manufacture includes, if any.
What’s more, since IoT devices are controlled with software, usually a mobile app, not only is the hardware (device) vulnerable to attack, so is the management software. Even if it were possible to install IoT security software on a device-by-device basis (which it’s not) who would do it? Who would want to? It would quickly become a management nightmare. Most people barely think of their computer’s security as it is, who would think about or bother with a “smart” toy or toaster?
According to some estimates at least 70% of IoT devices have critical vulnerabilities. Even if that number seems high it’s fair to say that as a category they are sorely, even dangerously lacking in safeguards. They present gaping holes through which someone could, with minimal effort, gain access to your entire network and every connected device. It’s like locking the doors of your home but leaving the windows wide open.
The question is, how secure is secure enough for an IoT device? There are practical considerations like cost and feasibility, and without an established standard it’s unrealistic to expect every manufacturer to view IoT security in the same light, much less invest the necessary resources. The reality is IoT devices are and will continue to be a network’s Achilles’ heel. And that’s not including privacy concerns with regard to the data the manufacturer is collecting about you through your use of their product. When we use an IoT device we are paying a dear price for the I-can’t-live-without-it convenience which we have somehow convinced ourselves to be true.
As mentioned the BOX is equipped with a router so let’s take a closer look at its specs and performance.
- Dual Core Cortex A9 @1.2 Ghz
- 1 GB of DDR3 memory
- 4 GB internal storage
- Concurrent Dual band Wireless 2.4 Ghz & 5 Ghz
- MU-MIMO 3x3 antenna configuration
- IEEE 802.11a/b/g/n/ac
- Wave-2 @ AC1900
- 1 x WAN port - 10/100/1000BASE-T Ethernet
- 1 x LAN port - 10/100/1000BASE-T Ethernet
Around back is the A/C jack, reset button and two ethernet ports. Sorry, no USB. The lack of multiple LAN ports will be a problem for some but it doesn’t have to be. High-quality plug-n-play network switches like the TP-Link 8-Port Gigabit Desktop Switch TL-SG1008D can be found for ~$20 and less. Quite frankly switches are an (almost) obligatory device for any network, so just get one and don’t worry about the lack of ports.
Based on the marketing material it seems Bitdefender prefer the BOX be integrated into an existing network rather than used as a standalone router which begs the question: Why include a modest but capable router then downplay that feature?
My guess is that it (most likely) has less to do with the hardware and more to do with the limited configuration options. Of course this has absolutely no bearing on its usefulness as a security device, but I can see how it could limit its appeal for those who expect such things. I would hope this is something Bitdefender could flesh out at some point via a firmware update.
My (non-BOX) Network
To improve speed, stability and security I recently switched from an all wireless network to a pseudo wired one. Nearly all of my devices (desktop computers and peripherals) are now wired to the network via a switch and/or powerline adapter. Wireless usage (laptop, phone and tablet) is usually within 10 ft. of an access point so signal strength is not an issue. My network kit includes:
- Two (2) Ignition Design Labs Portal routers operating as a mesh.
- Six (6) TP-Link AV2000 Powerline Adapters.
- Three (3) TP-Link Network Smart Switches.
- ARRIS Surfboard modem.
- Category 7 ethernet throughout.
BOX Configuration Options
As mentioned above there are three configuration options depending on whether you’re using:
- An ISP provided modem/router. *The BOX’s Wi-Fi will be disabled.
- Your personal modem/router. *The BOX’s Wi-Fi will be disabled.
- The BOX as a standalone router. *The BOX will broadcast its Wi-Fi.
The BOX and a Personal Router
First I used the BOX alongside my personal router (Ignition Design Labs Portal) which requires setting it in AP/Bridge mode. Frustratingly I had to run through the setup a few times, resetting the BOX after each attempt before I finally figured out what I was doing wrong.
The setup process requires the plugging, unplugging and reshuffling of modem, router and BOX cables along with changing networks. None of it is difficult but it’s very easy to get ahead of yourself and move on to the next step before the router and/or modem has had sufficient time to reestablish a connection to the network.
1) After unplugging/plugging the BOX or modem always ensure they have (re)connected to the network before proceeding to the next step.
2) When you reach the step where you need to place the router in AP/Bridge mode it's quicker and easier (but not necessary) to use a different device (laptop or mobile) to access the router settings.
This was my problem. After disconnecting/reconnecting cables I wasn’t waiting long enough for the network to become available so of course when I moved to the next step the setup failed. Once I realized my mistake the setup worked perfectly.
As a Standalone Router
I took the opportunity to try the BOX on its own, the setup for which is so simple even I got it right on the first attempt. It’s worth noting that by necessity the BOX was installed in a less-than-optimal corner near a bank of windows (reflections) and a lot of electronics (interference) so I was impressed to find the BOX pumps out a better-than-expected signal, both in strength and coverage (see results below). Just to be sure it wasn’t a fluke I streamed two simultaneous 4K movies to two devices on different floors over Wi-Fi only and I’m happy to say it was free of buffering or any other issues.
As a “Filler”
You won’t find this configuration in the docs but it’s a variation of the standalone option (above) that I stumbled upon. After disconnecting the Portal routers I configured the BOX as a standalone (primary) router using the same name and password as my current network. Then I reconnected the routers, placed them in bridge mode, and moved them to other rooms on different floors, far away from the BOX.
The good: I got the added benefit of the BOX’s Wi-Fi signal on the first floor while also gaining better coverage in the troublesome dead-spots on the second floor and attic thanks to the Portal routers operating as a mesh which were also protected by the BOX. The bad: The BOX operated independently of the Portal mesh so even though they were all configured to use the same network they weren’t of “one mind”, so to speak. In short it seemed awkward and ugly. So while it worked it’s not a configuration I wanted to use.
Each setup process is nicely illustrated via screenshots, video and within the Central app, and should be relatively easy to follow for non-techies. However, I found the process not as plug-n-play as I had hoped. There isn’t much in the way of troubleshooting tips should you run into problems but Bitdefender offers free and friendly phone, live chat and email support should you get stuck.
Speed... (Not The Movie) And Strength
A total of 24 wireless speed and 24 signal strength measurements were taken at the same six locations on each floor (6 measurements x 4 floors x 1 router) with results averaged by floor and type, respectively. All measurements are specific to the BOX functioning as a standalone router, i.e., the Portal routers were completely disconnected. I also use a VPN which I disabled for testing.
About the Structure
The house is a century old and overbuilt with two stories, a full attic and basement, solid plaster walls, and a lot of signal-absorbing obstacles. In short, a challenge for 5 Ghz.
Wired measurements taken with Speedtest on a MacBook Pro connected to the BOX’s LAN port with a 7' Cat. 7 ethernet cable.
I easily exceeded 60 Mbps with the BOX on a wired connection. Speeds in the mid 70s were not uncommon with a high of 110 Mbps.
Wireless measurements taken with Speedtest on a MacBook Pro using the 5 Ghz band only. I was not able to get the MBP to connect on 2.4 Ghz.
- First Floor
- 61 Mbps
- Second Floor
- 52 Mbps
- 57 Mbps
- 41 Mbps
After reinstalling the Portal routers into the BOX network there has been no noticeable or measurable change in speed. Bitdefender claims the BOX should have very little or no impact on speed and based on my tests and daily usage this seems to be an accurate claim.
Signal Quality and Strength
Signal and strength measurements taken with WiFi Explorer which defines Quality as: Excellent, Good, Poor, Very Poor and Strength as a percentage (higher is better).
- First Floor
- 2.4 Ghz: Excellent; 93%
- 5 Ghz: Excellent; 82%
- Second Floor
- 2.4 Ghz: Good; 73%
- 5 Ghz: Poor; 54%
- 2.4 Ghz: Good; 76%
- 5 Ghz: Good; 71%
- 2.4 Ghz: Good; 83%
- 5 Ghz: Good; 69%
Quality and Strength Summary
Not surprisingly the 2.4 Ghz band had great range across the house, easily penetrating all obstacles. However, on the second floor 5 Ghz is less impressive which isn’t surprising considering it’s a perfect storm of obstructions, corners and dead-spots, yet the attic 5 Ghz is considerably better. Considering the structural hurdles overall performance, while not stellar, is better than expected.
Should you use the BOX as a standalone router? As a simple plug-n-play router it performed surprisingly well in my multi-level signal-absorbing home, even with multiple 4K streaming. For the average user with a smallish space to fill it should work quite nicely. Just don’t expect many configuration options. Then again, that (relative) simplicity might be a selling point for the non-technical person.
To BOX or Not
So-called “smart” technology is the future, for better (convenience) and worse (privacy and security). The static (dumb) firewall is no longer enough now that every connected device in our home makes for a target-rich environment. Still, it’s easy to dismiss products like the BOX as the domain of obsessive and paranoid “security types”.
Odds are most of us will never have an IoT device targeted by a hacker despite the apparent ease with which it could be done. The probability of a child’s smart toy, lightbulb, or security camera etc. being used to invade our home is statistically slim in my opinion. Yet it happens to someone every-single-day.
In an age where society is always online it’s fair to say most of us are guilty of the occasional lapse of online judgement, having visited a sketchy website, clicked a questionable email link, or downloaded an infected file. All of which makes computers and mobile devices more likely entry points for threats to the average person than someone hacking a smart refrigerator. Such is the reality of a “connected” life. So why risk it?
Perhaps the most important and overlooked feature is the deep integration and convenience of Bitdefender Central which makes device management easy for anyone. On the downside I suspect some may find the alerts a bit cryptic but that’s more a nit-pick than a deal-breaker. The Central app is quite simply the glue that holds everything together and is probably the one to beat in terms of usability and features.
Security and The Elephant in the Room (Part Deux)
As a security hub the BOX has what I consider the most comprehensive feature-set among the current crop (so far). Make no mistake, the BOX is a formidable, all-encompassing security package. I’m not a fan of subscription software but in this case I have no problem with the $99/yr. Total Security fee which is very reasonable for what’s offered.
If like most people your router uses a (dumb) static firewall then the BOX is easy to justify as it handily outperforms such security. No question. But if you already own or plan to upgrade to one of the newer security-centric “smart” routers then the path is less clear as there will inevitably be some overlap of features and functionality. Though it’s important to remember that not all security software is created equal and Bitdefender consistently ranks very (very) high on the list of cybersecurity companies. Not to mention those smart routers (probably) don’t offer desktop and mobile apps to protect you when away from your network, or the management capabilities of the Central app, all of which is a huge negative in my book.
The BOX as a Router
As I stated at the beginning, when viewed strictly in terms of router features and performance (not security) there are better options for less money. That’s not to say the BOX performs poorly as a router, it doesn’t. Quite the opposite. It performed well in both speed and coverage and should work nicely for those with modest needs and a small to medium space to fill that just want a set-and-forget router.
But I suspect most people will use their existing router to handle networking duties thus making the BOX’s router redundant. Fortunately Bitdefender has provided a way to disable it during the initial setup so as to not get in the way. As such perhaps it’s unfair to focus too heavily on the lack of router settings. But therein lies the rub.
I don’t know why Bitdefender included a wireless router, other than marketing (i.e., increasing the BOX’s perceived value) but they did, so it seems reasonable to expect more than a handful of settings. It’s as though a piece of the puzzle is missing. Are advanced router settings necessary on a security hub? Probably not. But neither is a router, and having one without the other seems fundamentally... wrong.
The BOX checks a lot of, uh... boxes. Bitdefender provides what is arguably some of the most effective and comprehensive cybersecurity software currently available for consumers. Period. That is the BOX’s greatest strength.
I would prefer Bitdefender drop the router. I might be mistaken but I just don’t think the typical BOX customer needs or wants it. They’re presumably buying it for the security features, not the router. Plus it might drop the price too. But that’s me, I’m sure some will find the router a nice perk while others might expect no less considering the steep $200 asking price.
No, the BOX is not inexpensive and yes, there is the ongoing expense of the $99/yr. subscription. But like anything its value is subjective and depends on your needs and priorities. For myself, as I slowly add more security compromised IoT devices to my network the added peace of mind is worth the expense. No question about it.