Bitdefender Box (2018) Review: Flexible Protection

Bitdefender's second-generation Box can protect all the devices on a home network and, if needs be, provide them with Wi-Fi connections. It's easy to set up and leads even dedicated wireless routers in Wi-Fi throughput at longer distances.

Yet the small tower's main job is not to provide Wi-Fi connections, but to work with an existing stand-alone router. The Box works behind the scenes to monitor internet traffic, inspect all data entering your network, prevent sensitive information from leaving your devices and stop brute-force attacks on your passwords.

Credit: BitdefenderCredit: BitdefenderThere is a small trade-off, though: The Box slowed down our network performance slightly when used with an existing high-end router. But if you have a house full of smart home devices, the Box will add protection where there is none. The second-generation Bitdefender Box is a vast improvement over the first-generation Box and, at $250, is a true networking value — no matter how you want to use it.

How It Works

The Box can work with your existing stand-alone Wi-Fi router, with an ISP-supplied "gateway" or as a Wi-Fi router on its own. The first configuration is the preferred one: If you bought your current Wi-Fi router from a store, Bitdefender recommends that you keep the router and plug the Box into it. We'll explain further in the Installation and Support section.

However, if you're currently using an ISP-supplied gateway device — a combination modem-and-Wi-Fi router — then you'll have to set the gateway to act as only a modem, and the Box will become the router.

The third option is to just replace your existing wireless router with the Box, in which case you would set it up like any other router. However, Bitdefender admits that the Box can't compete with high-end stand-alone routers, and the company isn't marketing the device as one.

Costs and What's Covered

The Box costs $249.99, and its annual $99 subscription fee is waived for the first year. The fee includes Bitdefender Total Security antivirus software for an unlimited number of PCs, Macs, smartphones and tablets. (By itself, the software is worth $120 per year.)

The Box competes with the $250 Norton Core and the $200 F-Secure Sense, two other combination security appliances/Wi-Fi routers from well-known antivirus companies. Like the Box, the Core and the Sense both include antivirus software for client devices.

Credit: BitdefenderCredit: BitdefenderBut while Norton and F-Secure want to outright replace your existing Wi-Fi router with their devices, Bitdefender would prefer that you keep your router (provided that it's a good one, and not one supplied by your ISP) and add the Box as a network bodyguard.

The Box also goes head-to-head with the $200 BullGuard Dojo and the $250 Cujo, two network security appliances that don't have Wi-Fi capabilities and don't come with antivirus software. We're in the process of testing those products.

In an upcoming update to its Total Security antivirus software, Bitdefender plans to add a virtual private network (VPN) client and service that will include 200 MB of data per day for free. As Total Security subscribers, Box owners will receive this as well. You'll have to pay for unlimited VPN data. The client software will work on PCs, Macs, and Android and iOS devices, and the service will have servers in 25 countries.


Wi-Fi Spec: AC1900
Ports: 1 WAN/1 LAN gigabit per second
Number of Antennas/Removable: 6/No

Processor/Memory/Storage: Dual-core 1.2GHz/1GB/4GB
Wi-Fi chip:
MediaTek MT7615
Peak 802.11ac performance: 488.5 Mbps (at 15 feet)
90 feet

Size: 7.0 x 4.5 x 4.5 inches


The second-generation Bitdefender Box is a black-and-white tower with a roughly triangular cross section. It's not as impressive-looking as the gray geodesic dome of the Norton Core, but at 7.0 x 4.5 x 4.5 inches, the Box is attractive enough to be placed anywhere in your home. It fits on a bookshelf (and can be a bookend), but it has no provision for wall mounting.

If anomalous behavior is detected, the Box shuts down traffic, and it can keep personal information (such as Social Security and credit card numbers) from leaving the network.

Look down into the Box's circular top grille, and you'll see that most of the interior is empty space, which helps with cooling. There's no fan, but the Box never got more than merely warm while we used it.

Credit: BitdefenderCredit: BitdefenderAlong its back, the new Box has just a pair of input and output Ethernet ports. (The Core, designed to be a router, has four downstream Ethernet ports and a pair of USB connectors.) The Box has a proprietary power port and a recessed reset button, and comes with an AC adapter and a Category 6 Ethernet jumper cable.

The new Box has an LED ring up front that can telegraph the network's status, but that pales next to the F-Secure Sense's display, which doubles as a clock. When the Box's light ring is greenish-blue, everything is OK, but that turns red if the Box loses contact with Bitdefender's servers.

Security Features and Parental Controls

The second-generation Box combines the functions of a midrange Wi-Fi router with those of a network security appliance. It's a big step up from the first-generation Box, which didn't do much besides block connections to known malicious URLs. The new Box is the home equivalent of a heavy-duty enterprise security device.

Most smart home devices can't protect themselves with antivirus software or automatic security patches. The Box's network security features shield such devices from attack.

The new Box adds anomaly detection, as well as protections against brute-force password guessing and the theft of sensitive personal data. It also acts as a firewall to protect every device on a home network. Its advanced exploit protection can protect against attacks like SQL injection, path traversal and local file inclusion.

If it detects anomalous behavior, the Box shuts down traffic, and its data-exfiltration detector can keep personal information (such as Social Security, credit card and bank account numbers) from leaving the network. When a new device enters the network, the Box alerts you.

The Box can also conduct a network-wide device-vulnerability assessment. All Box firmware updates are encrypted and signed by Bitdefender to prevent malicious updates from loading.

These functions matter because most smart home devices can't protect themselves with antivirus software or automatic security patches. The Box's network security features are designed to shield such devices from attack by preventing them from linking to known malicious sites, blocking malware from entering the network and stopping theft of sensitive data.

Parents can use the Box's parental controls to set online time limits for children, or for spouses for that matter. It can also filter sites by age, or "pause" the internet for all users. The included Total Security software adds the ability to lock out key topics, such as gaming or weapons, and also add your own.

The included Bitdefender Total Security software is one of our best-reviewed antivirus products, with a full suite of extra tools, including a password manager, a secure browser and file encryption. In the past six rounds of bimonthly antivirus tests on Windows 7 and Windows 10 conducted by independent German lab AV-TEST, Bitdefender antivirus software performed excellently, scoring faultless 100 percent results across the board and catching every piece of malware.

Screenshot: Brian NadelScreenshot: Brian Nadel

Security Protection Performance

The Box is a new type of home networking device, and we had to come up with new ways to test its performance. But we're happy to report that it seems to do a pretty good job of protecting all the devices on a home wireless network.

First, we tried to connect to the top 10 dangerous sites on the Malware Domain List ( using the Safari browser on an Apple MacBook Air that had no antivirus software installed. (We made sure Fraudulent Site Protection was turned off in Safari's settings.)

Before the Box was added to the existing Wi-Fi network (supplied by a Linksys WRT1900ACS router), only five of the top 10 dangerous sites were blocked in the browser. After we added the Box, all of the malicious sites were blocked.

We had similarly good results with the EICAR test file, which is a piece of fake malware designed to test antivirus protections. Without the Box installed, our MacBook Air downloaded the file, and we were able to open it. With the Box, the file was blocked.

Can the Box really stop data from leaving a device? Our tests indicated it could.

We created a dummy text file on the MacBook Air's desktop containing personally identifiable information: Social Security numbers, telephone numbers, valid credit card account numbers and a date of birth. We then accessed the MacBook Air remotely from a Microsoft Surface 3 using TeamViewer remote desktop software.

Without the Box on the network, we were able to copy and paste each piece of sensitive information to another text file on the Surface 3. After we added the Box, we could copy only the first credit card number. The rest of the data was blocked.

The Box's password-protection feature also worked well. To test that, we created a password-locked LibreOffice document on the Mac's desktop and then remotely accessed the Mac from the Surface 3 using TeamViewer.

Without the Box on the network, we were able to make unlimited random ("brute-force") guesses of the Mac document's password. (We stopped after 10 tries.)

But after we added the Box to the network, we couldn't brute-force the password at all. We could still open the document with the correct password remotely from the Surface 3. That's the way it's supposed to be.

Networking Performance (When Paired with a Router)

We first tested the Box's network performance in what Bitdefender considers the optimal configuration: as the third wheel in a typical router-modem pairing, with the Box in "bridge" mode between the two. The Box takes over the local device addressing, but the router handles the rest of its functions as before.

In our case, we used the Box with the aforementioned Linksys WRT1900ACS router and an Arris TM822 cable modem provisioned by Altice, formerly known as Cablevision.

In that configuration, the Box slowed things down on our network just a bit. Before the installation, the network had an average latency of 13 milliseconds, a download speed of 158.7 Mbps and an upload speed of 36.3 Mbps, as measured three times using Speedtest on an iPad Pro tablet.

With the Box set up, only the latency — the time it takes to initially connect to a website — got noticeably worse. The latency increased by about 25 percent, to 16.3 milliseconds, while the average download speed decreased by 6 percent, to 149.5 Mbps. The upload speed actually went up slightly, to 36.6 Mbps.

Networking Performance As a Router

Bitdefender doesn't market the second-generation Box as a high-performance router, but the device nevertheless proved very capable of delivering a strong Wi-Fi signal at long distances.

The Box's throughput at 5 feet was an unimpressive 470.0 Mbps, putting it behind the F-Secure Sense (at 514.8 Mbps) and the Norton Core (at 672.2 Mbps) in the security router category.

At 15 feet, the Box pushed out 488.8 Mbps of peak throughput, which is still well behind the Core's 601.4 Mbps. But readings at 50 and 100 feet showed the Box catching up, with 474.6 Mbps and 455.3 Mbps, respectively, versus the Core's 601.43 Mbps and 483.8 Mbps.

At our final data point, 150 feet, the Box had an average throughput of 402.5 Mbps, ahead of the Core's 384.1 Mbps at the same distance. (The Sense got 276.74 Mbps at 150 feet.)

That said, the Box was mediocre at pushing Wi-Fi through obstacles. It punched 473.0 Mbps through a metal wall, 471.6 Mbps through a soundboard wall and 469.2 Mbps through a ceiling. In all cases, this was at least 200 Mbps less than the Core at the same tasks. (It wasn't very different from the Sense, though.)

In an old house with lots of thick walls and masonry construction, the Box, performing as a router, sent a signal as far as 90 feet to an iPad, but it fell short of completely covering the 3,500-square-foot home. (Bitdefender doesn't sell them, but you could adda third-party range extender.)

The Box passed our informal saturation test, in which we viewed videos on an iPad Pro and a Surface Pro 3 tablet while a MacBook Air streamed internet radio stations and a Samsung TabPro S moved data back and forth from a networked storage drive. None of the audio or video lagged, froze or skipped. This was true whether the Box was in bridge mode along with the Linksys router or was operating as a router on its own.


The only way to configure or monitor the Box is through the Bitdefender Central mobile app, for which you'll need a Bitdefender account. (Be sure not to use the Box mobile app, which is for the first-generation Box only.) The Box instruction booklet has QR codes to help you install the Android and iOS apps.

The Bitdefender Central app's main activity screen shows the number of devices you have running Bitdefender software, as well as those that are not protected or need attention. It's easy to add another device directly from the app. There are also brief instructions to help you get started with the Box and a link to the company's support desk.

You can make only the most rudimentary router changes. However, the Box can perform a vulnerability assessment to look for weaknesses in the network. You can set up static IP addressing and port forwarding, but the Box can't create a guest network.

Installation and Support

Setting up the second-generation Box was a dream compared with the process for its predecessor. We installed and configured it in bridge mode in a little more than 20 minutes. That was half the time it took for the original system but still longer than the Norton Core's streamlined setup process.

However you configure it, the Box needs to be set up near your broadband modem and router. As mentioned earlier, it can work with an ISP-supplied combo modem-Wi-Fi router (aka, a gateway), with just a modem, or with both a modem and a Wi-Fi router.

The last configuration is the preferable one, and it's the one we used. Unlike the first-generation Box, this one gave us no trouble during the installation process.

The first step is to get the Android or iOS Bitdefender Central app. There's no way to set up the Box using a PC or a Mac.

Screenshot: Brian NadelScreenshot: Brian NadelWith the app installed on a Samsung Galaxy Note 8 smartphone, we created a Bitdefender account and followed the illustrated step-by-step instructions. After plugging the Box into the broadband modem's Ethernet port, we connected to it via a temporary Wi-Fi network; the password is printed on the back of the unit. The Box and the smartphone connected on the first try.

Next, we set up the Box in bridge mode by connecting another Ethernet cable to our Linksys WRT1900ACS router's WAN port. Then, we manually turned off the router's DHCP server; from that point on, the network's IP addresses would be assigned by the Box.

Screenshot: Brian NadelScreenshot: Brian NadelAt this point, the Box scanned the network for devices to protect. It found all of our networked gear, including PCs, Macs, printers, storage drives and smart home lighting controls. It sent emails to our various notebooks, phones and tablets so they could download the antivirus client software and join the network.

To set up a Box with an ISP-supplied gateway, you'll have to downgrade the gateway's functions so that it acts only as a modem. The Box will "clone" the existing Wi-Fi network. The instruction booklet makes this seem easy, but because some ISP gateways can't be configured by the end user, you may have to call the ISP's tech support line for assistance.

The simplest configuration is to just use the Box as the router and create a new network. (To make things even easier, give the new network the same name as your previous one, and use the same access password.)

Bitdefender offers 24/7 support for the Box, along with FAQs, videos and setup instructions. The Box comes with a one-year warranty, which is adequate but behind F-Secure's two-year warranty for the Sense.

Bottom Line

By bringing together excellent antivirus software and a variety of enterprise-tested security techniques, the $250 Bitdefender Box can protect any home network from a variety of attacks. It can slow down traffic on existing networks a bit, but we think that's worth the trade-off if you've got a household of vulnerable smart home devices.

The Box isn't a great security-oriented replacement for an aging router, and it's not aiming to be. The Norton Core may be the best all-in-one solution along those lines. But if you already have a very good router, or plan to get one, then the Box is the ideal security-minded complement.

Create a new thread in the Antivirus / Security / Privacy forum about this subject
Comment from the forums
    Your comment
  • mamoberg
    Have been quite happy with my CUJO. Have had minimal speed loss using it and with each upgrade it has become a better product.
  • Z300MZ
    1. I connected the BOX 2 between my cable modem and my existing Netgear R7000 router. I wish there had been advance warning that all my IP addresses were going to change. I have several devices that were originally set up to use static IP addresses in the 192.168.1.* range, but all the new addresses are in the 172.24.1.* range. This was fine for devices that were configured to use DHCP, but the ones that had the static addresses could no longer be reached. I had to disconnect the BOX 2 and install -- temporarily -- an old router that I could set to 192.168.1.* to access those other devices and reconfigure them to use DHCP. If I had known ahead of time, I could have reconfigured them for DHCP *before* installing the BOX 2.

    2. Before buying the BOX 2 had contacted their tech. support and had understood from the reply that I could configure the BOX 2 to provide its own WiFi access points in addition to the ones provided by the existing Netgear router, but I have not found any way to do that.
  • gruntpartystyle
    I call bullshit on this review. Teamviewer sessions are encrypted. The box won't be able to break that encryption in order to see that "sensitive" data is copy/pasted within this session. Also the brute forcing of a password within a secured session sounds cheesy.