The Bitdefender Box 2 – a month or so in
A couple of months back I was given a Bitdefender Box 2 to test. If you’re not familiar with it, the problem this device attempts to solve is this: You’ve got all of these IoT things sitting on your network, half of them will never receive a security update in their lifetime, most of them provide access into your network. One of these devices is going to be hacked at some point.
The Box 2 provides some real time scanning, vulnerability assessments on known IoT issues, protections from brute force attacks, and probably a bunch more features I haven’t even covered yet. That’s not what I’m writing about. You want a review before I write mine, Tom’s Guide has a decent one.
Paul’s life so far with the Bitdefender Box 2
Setup was easy. The Bitdefender Box 2 cloned my AT&T router settings and walked me through disabling the AT&T WiFi. I had a couple of IoT things that had to be manually reset but it seemed pretty easy to get a cloned WiFi network up and running. Seriously, two things had to be unplugged and plugged back in.
What wasn’t easy was getting my network setup ported to it. It doesn’t work in bridge mode that I could tell so this segregated my wired devices (also a few IoT things,) from my wireless. This became a bit of an issue as I use my computer with my Chromecasts and did not want to double-NAT my computer, which is what appeared to be required in order to have everything on the same shebang. I very much doubt this is an issue for most, however it became a bit of a pain for me. Especially with wired IoT things.
So I decided to just make the Bitdefender Box 2 its own IoT access point and move things over there. Things seemed fine at first, then I tried moving a crapton of data while on the Bitdefender Box 2 and noticed it was only running about 175mbit (I usually get 400+). I did several tests and while connected to WiFi I never got above 200mbit. I plugged in a laptop to the thing and got 400+ once again.
Right off the bat the Bitdefender Box 2 was significantly slower than my WiFi. I asked the people who sent it about it and they had me do some tests, but no.
Now, in general this is not a huge thing – most IoT devices are looking for a 2.4ghz wall-penetrating connection and a very low bandwidth. Even 4K video is generally only streaming at around 20 mbit from Netflix and Amazon. I may the special use case butterfly that walks in my house with 30 gigs of data that need offloaded, but that’s what I am – 22 minutes vs 11 minutes was a use case failure for me.
That’s me, I don’t assume the average household is going to require this.
Are you still there?
The next part about this device is it’s a large tube that really feels like it should be in the game Portal.
There is no way to mount this, it appears it’s 90%+ empty, so there’s a device almost the size of a two liter bottle with a glowing ring you now have sitting wherever you managed to find space for it. It really feels like it could have been about the size of a wallet with an antenna or something and marketing got a hold of it and said “nahhhh… visible antennas are so 2015.” Really, it’s mostly empty space.
While it’s not easily mountable, it’s pretty if you’re into white electronic products.
There is no way I can tell to turn off the light. This annoys me. I’ve got enough light pollution with all these blinking lights as it stands. The thing is working or it isn’t. Lemme turn the light off, or at least turn it red and slap some legs on this thing.
I get this message that threats against my protected devices were blocked. I’m pretty sure the wording should be “would have been blocked if they came in” as with how the thing is double NATted I don’t think there’s any chance something busted NAT 1, installed, and attempted to hit NAT 2. Could be wrong, but if it did I’d like to know what threat and what device.
Blocking odd behavior
I’ve SSHed, Telnetted from my phone, no alarms. I posted my social security number and a credit card out of my network. No alarms. I’m going to have to run through what this should block but I was under the impression that it would filter odd behavior out.
I asked if they had any issues calling their product the Box 2 while the Gavin Belson Signature Edition Box 3 was pretty much dominating HBO, but got no response. With hardware naming lead times, sometimes you’re too far out to see you’re going to be associated with a TV show.
There will be more…
I’m not done with the Bitdefender Box 2 review yet. I really just have not managed to prove the thing’s good or bad in anything except speed tests, which it’s considerably worse at that my ISP’s modem or my old Portal router. (yes, I tested locally as well)
There’s the smart assistant integration they just rolled out, some parental controls, I’ve got a friend who wants to take a whack at hacking a couple of devices in-network. We’ll see how things go and give a follow up review later on.
Currently the Bitdefender Box 2 comes in at $199 for the device, includes one year of security, after which I believe the subsequent years are $60 or so. There’s also a security+AV for your devices that travel out of network we’ll cover later.