Bitdefender Box review: Trying hard to be antivirus for the Internet of Things

You could also call it whole-home anti-malware, but I wouldn't call it ready for widespread deployment.

You probably have antivirus and anti-malware software protecting your Mac or PC. And you probably curse every time you're prompted to download and install the latest updates, or are reminded to scan your hard drive--especially if you have more than one computer on your network. What about your household's smartphones and tablets? Have you installed similar protection on them? What's protecting your home-security cameras from online attack? Your smart TV? Your connected thermostat?

My smart home has more than 40 devices connected to the Internet: Multiple computers, tablets, and smartphones; 10 IP security cameras; a control panel for my Vivint home-security and automation system; a satellite TV tuner with a DVR; a Roku video-streaming box; four Sonos nodes; and more. Bitdefender tells me its Box can protect all of them, and with enough confidence that I can run my PCs, tablets, and smartphones without local antivirus or anti-malware. All I need besides Box is a lightweight agent on those devices (Windows, Mac OS, Android, and iOS are all supported).

I installed Box about two weeks ago, while the device was available only to customers who pre-ordered it. It goes on sale today to anyone who wants to buy one. While I have no complaints about its ability to protect my devices, the experience hasn't been anywhere near as trouble-free as I would expect a tech product ostensibly designed for non-techies to be.

Good idea

The concept of Box is very smart. It's similar to a hardware firewall in that it prevents unauthorized access to your home network without inhibiting outbound traffic to the Internet, but it also provides antivirus and anti-malware protection via the cloud for every device on your network.

Install the Box agent on your laptops, smartphones and tablets, and they will be protected even when they're out in the wild connecting to the most dubious of Wi-Fi hotspots, according to Bitdefender.

Troubled execution

My own rather complicated network setup was one Bitdefender didn't account for. I'll spare you the gory details, but I quickly realized all I needed to do was set up Box the same way I did my Wi-Fi router. Box can operate as a stand-alone 802.11n Wi-Fi router, too, but I wouldn't recommend using it that way.

The bigger problem is that Box just isn't a very good DHCP server. For starters, it won't allow you to reserve IP addresses for the devices on your network. Reaching a device from outside your network is a lot easier when you know its internal IP address, and a lot harder if you can't predict what its IP address will be if a power interruption--be it from a power outage or unplugging the device (or Box) to move or reset it--causes the DHCP server to rebuild its routing table from scratch.

The other problem I encountered was getting Box's DHCP server to reliably assign internal IP addresses in the first place. Bitdefender's tech support says the problem I encountered was due to the client devices not requesting new IP addresses, but I repeatedly encountered issues where I lost access to cameras, Wi-Fi access points, and what have you after doing something as simple as unplugging Box. They worked, and then they didn't.

Bitdefender says they're not marketing this device to network enthusiasts, but I pity their poor tech-support people helping network neophytes figure out why their networks are suddenly not working as expected.

Over-reliance on apps

The only means of interacting with Box is to install an app on your smartphone or tablet. The agent you install on Mac or PC clients has no user interface, and there is no web app or portal available (and Bitdefender says building one isn't on its immediate roadmap).

I installed the Android app on my HTC One M7 and the iOS app on an iPad. Using the Android app bugged me because my phone's display kept timing out, and the iOS version drove me crazy for a whole other reason: I use my iPad in landscape mode because it's in a keyboard dock, but the app can't rotate out of portrait mode.

When you install it, Box will scan your network and attempt to identify all the devices connected to it; unfortunately, it's pretty lousy at this task, too. It labeled the vast majority of the clients on my network as "New device," with no other information at all.

Within the app, everything gets assigned to one of two categories: Family or Guest. You can assign an Internet speed--low, normal, or high--to each device no matter which category it's in. So you might assign a Roku box high speed to ensure you have a great streaming experience, while something like a NAS box that's primarily used only on your local network gets shunted down to low speed. But it's hard to decide what's appropriate if you don't know what the device is in the first place.

If you're willing to blindly assign a device to the Family category, the app will at least display that device's MAC address (that's an unchanging alpha-numeric identifier unique to that piece of gear). So if you've documented the MAC addresses for all your network clients (that's been on my personal to-do list for years now), you should be able to figure out exactly what it is and what its Internet speed should be. At that point, you can assign it a more meaningful name, too.

Back on the negative side, the app relentlessly floods you with alarms about supposedly dangerous attacks that it's prevented. The tone of the messages is guaranteed to scare the pants off less-experienced users. In the two weeks I used Box, I received almost 70 messages that read: "Dangerous website: This website was blocked to prevent a malware from reaching your device. Malware can cause your device to slow down or it can steal your private information." Those were all in relation to my company-issued laptop, so rest assured I don't routinely visit unsavory websites on that machine.

It's not all bad, but it's not worth buying--yet

On the bright side, the app enables you to perform limited management functions on the PCs where the Box agent is installed. The app will examine your passwords and let you know if they're weak, strong, or missing; it will let you know when OS updates are available; and it will notify you when the machine is vulnerable due to outdated software such as Java, Flash, and Adobe Reader. That's smart. So is the ability to remotely clean up the computer's hard drive, removing clutter from temporary files and such.

Enable Box local protection and you can uninstall any other antivirus or anti-malware software you've been running, freeing up resources for other programs. It will also protect you from malicious software that might be present on USB sticks, external hard drives, or other storage media that you plug in. Local protection is available for Windows, Mac OS, and Android devices.

Price of admission: $199 for Box, plus $99 for an annual subscription (after the first year). If you're paying for antivirus and antimalware software now, that's pretty reasonable for protecting an unlimited number of devices. But if you need protection only for computers, there are plenty of free and equally effective alternatives available.

I like what Bitdefender is trying to do with Box, but I'll be disentangling it from my home network until the company irons out more of the kinks. I will revisit it in a few months to see how much progress they've made, and I'll update this review at that time.


Stories by Michael Brown
