Excellent, but Missing Advanced Features – Bitdefender Central Review

The Bitdefender Box 2 and this accompanying app make high-grade network security accessible to almost everyone with a quick and intuitive setup and easy-to-use dashboards. In a fashion not dissimilar to enterprise grade security, the Box detects new devices, scans them for vulnerabilities, and then performs anomaly detection on a given device’s traffic patterns to alert on anomalous traffic. Or at least it claims to. It doesn’t really offer any visibility into the behavioral patterns associated with a device -essentially no assurances of the claims it makes in this regard. This isn’t such a big deal (assuming it works as expected), it would just go a long way towards convincing me that the box is worth the money. Perhaps more importantly, I had previously built out my home network with protected and DMZ segmentations that required maintaining nested subnets and static routing tables. The Bitdefender Box 2 doesn’t support static routes, so I would have to NAT traffic on egress from my protected segment, which decreases the visibility and effectiveness of the box. To add on to this, VLAN support would be neat too. In addition to the lack of static route support, the vulnerability scans that are conducted on device discovery do not offer the ability to view the CVE details of the reported vulnerability and instead offer vague allusions to what the vulnerabilities are. Being able to view these details would be super useful for those of us that maintain a home lab. Along with increased visibility into alerts in general, it would also be neat to have the option to copy suspect URLs to clipboard for those of us who want to cross check it against a public security service such as Talos Intelligence. Lastly, I’d personally love to see support for WPA2-Enterprise as I rely on the mutual authentication that EAP-TLS offers with a RADIUS server to help prevent client connections to any potential rogue APs. I realize that this kind of feature is probably outside the scope of the target audience though. It can also be accomplished with a separate AP, but again the lack of static routing hurts security here by flattening the network. I’m sure that future iterations of the box could benefit from EAP-TLS by also including support for SSL decryption (which necessitates the need for a local CA anyway). The new guest network feature goes a long way towards helping security. Though, I’d love to know if this is isolating devices or not as that provides a pretty big boon to security for the surprising amount of guest devices I have on my network. Overall, I love this product and what it reaches to do for home security and, by extension, network security at large. The target market for this setup is very clearly aimed at inexperienced to moderately experienced users who are security minded and just want to protect their network without jumping through hoops and this product absolutely nails that, if only leaving those of us who work in the industry a little too hungry for more. Coming from somebody who does enterprise-grade network security for a living, I definitely recommend this product.
Review by mr twinkle on Bitdefender Central.