Bitdefender's Box security appliance is a win-win for homes with lots of online devices, especially smart-home devices that wouldn't otherwise be secured. Its unique hardware provides an extra layer of protection against the internet's seamier side, and scans for vulnerabilities on your home network. In addition, the bundle includes virtual private network (VPN) service and Bitdefender's excellent antivirus software for all of your computers, smartphones and tablets.
We gave the Box a poor review when it came out last year. But firmware updates that improved the Box's features and compatibility, a drastic price reduction and the addition of the Bitdefender antivirus software and VPN service make it a bargain at $130 per year. That's despite the Box's potentially difficult setup process, outdated networking capabilities and incompatibility with some routers.
[Editor's Note: At CES 2017, Bitdefender announced a second-generation Box that should work well as a stand-alone router. It will also have a much faster central processor, more RAM and more storage space. The new Box should be available for the 2017 year-end holidays, and Tom's Guide will have a full review before then.]
If the small, square, white Bitdefender Box looks familiar, it's the same hardware that was introduced in early 2015 to mixed reviews, including one from Tom's Guide. Back then, it cost twice as much, worked with far fewer devices and didn't include antivirus software. Now, the Box is back with new software designed to solve its compatibility and operational problems.
We recommend reading through the online Bitdefender Box User's Guide before setting up the Box.
The 3.5 x 3.5 x 1.1-inch Bit Box is easy to hide near your router and broadband modem. Inside the Box is a tiny Linux computer with a 400-MHz MIPS-based processor, 64MB of RAM and 16MB of flash memory to hold its settings and firmware.
Credit: Jeremy Lips / Tom's GuideIn the back are two RJ-45 networking ports for connecting to your router, a microUSB port for power and a recessed reset button. It comes with an AC adapter, a flat LAN cable, a USB cord and a small booklet of setup instructions. We recommend reading through the online Bitdefender Box User's Guide before setting up the Box.
The Box's underside LEDs glow bluish green when everything is OK and you're protected, and turn white when the Box is downloading new firmware. If there's a problem, the LEDs turn red. There's no way to turn the lights off.
Credit: Jeremy Lips / Tom's GuideThe Box's 802.11b/g/n networking hardware shows its age with a 100-megabit-per-second (Mbps) throughput limit, rather than the 1-gigabit-per-second (Gbps) limit common on most new home-networking devices. That might have been acceptable a year or two ago, but could become a network bottleneck today.
Nor can the Box protect the guest Wi-Fi networks, intended for visitors, that many modern home routers support. Coincidentally, putting Internet of Things devices on a guest network solves many of the same security problems the Box itself is meant to address. We'd like to see guest-network support in a future Box firmware update.
Ports: 2 LAN/100Mbps
Power: Micro USB with Adapter
Processor: MIPS single-core 400MHz
Management apps: iOS and Android
Size: 3.5 x 3.5 x 1.1-inches
The closest analog to the Bitdefender Box would be a business network-security appliance made by the likes of SonicWALL or Tofino, except that the Box doesn't do the deep-packet traffic inspection that might reveal malicious code.
Instead, the Bitdefender Box works at four levels. First, it monitors the URLs to which every internet-ready device in a home — computers, smartphones, tablets, gaming consoles, webcams and home-automation devices — tries to connect, and blocks connections to known malicious sites.
This feature depends on Bitdefender's constantly updated URL blacklist. Unfortunately, you can't remove sites from the blacklist, but you can add sites using Bitdefender's antivirus software.
Second, the Box runs vulnerability scans on every device on the home network every three days. It checks for password strength, firmware version and any weakness that can be used as a backdoor attack vector. On the downside, there's no way for you to manually run a scan.
Next, the Box lets you install Bitdefender Total Security on an unlimited number of Windows, Mac, Android and iOS systems. That's equivalent to Bitdefender's $120 Family Pack, although that antivirus bundle is frequently discounted to $60 per year. This makes the $130 yearly Box subscription a bargain. (On the downside, iPhones and iPads don't get malware protection, as Apple doesn't allow it.)
Finally, all the mobile devices in the user's home — smartphones, laptops or tablets — are enrolled in Bitdefender's Private Line virtual-private-network (VPN) service, which creates a secure, encrypted internet connection when you're using Wi-Fi networks outside the home.
To see how well the Box protected my home network, I put it up against online repositories of real and fake malware. I tried the Power Line VPN client at a Starbucks Wi-Fi hotspot in Manhattan. To test broadband speeds, I used the Speedtest website and mobile app.
The Box was fairly good at blocking malicious websites on my home network. It stopped all four domains I randomly picked from the constantly updated Malware Domains List, and all five I picked from the similar Phishtank site.
The Box was virtually invisible to web browsing.
It also stopped all 12 of the real malware files hosted on the WICAR site. However, the box let through a compressed (fake) malware file from the EICAR test site.
On the Starbucks Wi-Fi network, I saw very little network slowdown from the Power Line VPN client on my iPad. Without Power Line on, I got 58.43 Mbps down and 5.74 Mbps down. With it on, those were 58.13 Mbps down and 5.31 Mbps up.
At home, there likewise was no material difference between internet download speeds with and without the Box. The Box was virtually invisible to web browsing.
Installation and Support
The Bitdefender Box can be set up in about half an hour, but it's sometimes a tricky process. The Box is still incompatible with about a half-dozen routers; there's a full list under "Compatibility" at Bitdefender's Box support page, along with a list of compatible routers that nevertheless require special installation procedures. Check your router's status before you decide to buy the Box.
Credit: Jeremy Lips / Tom's GuideAfter installing the Box's companion Android or iOS app, you'll need to use the app to create a Box account. You can't install or configure the Box with a PC or Mac through a web-based portal, which might have made the setup process a bit easier.
If you already use Bitdefender software, the Box's yearlong antivirus-software license will be added to your present subscription. On the downside, the Box can't be set up with an existing Bitdefender online account, and signing in with one will mess up the process to the point where you'll have to call tech support. We'd like to see these two ways of interacting with Bitdefender software merged into one tool.
With Apple Routers
The first thing you'll see during installation is a screen asking whether you have an Apple AirPort router. If so, you'll need to use the AirPort utility on your Mac or PC to manually set the AirPort to Bridge mode, which will let the Box handle the routing. Using Ethernet cables, you'll have to connect the Box to both the broadband modem and the Apple AirPort router, which will handle the Wi-Fi signal.
Tom's Guide tried out this setup with a five-year-old AirPort Extreme 802.11 b/g/n router and found no effect on the throughput rate, although users of newer 802.11ac AirPort routers might see a traffic slowdown.
With Other Routers
With non-Apple routers, you'll have to enter the router's administrative password, then let the Box scan for devices on the local network, download updates and restart the router. The Box takes over your router's dynamic host control protocol (DHCP) server, which doles out local-network Internet Protocol (IP) addresses to every device connecting to the router. A recent update to the Box software allows you to manually allocate permanent IP addresses.
If the Box setup doesn't work, you may need to turn off the router's DHCP server and start again. This may raise the blood pressure of those uninitiated in network implementation, but it's not as hard a task as it sounds.
If you have a combination modem/router of the type that DSL providers frequently give to customers, you'll need to talk to your internet service provider before you start the Box setup process.
If the setup procedure fails entirely, the Box can be used as a Wi-Fi router by itself. Its built-in access point is strong enough for a small house or an apartment. Yet it lacks a firewall (ironic for a product made by a security company) and support for the latest 802.11ac protocol and 5GHz channels, so its top speed and range will be limited even compared to today's budget routers.
For me, the installation procedure initially took about 40 minutes, including a large software upgrade. Then the Box app said the installation had failed to complete, and led to a link to Bitdefender's tech-support desk. Happily for me, tech support followed up about two hours later with a phone call. It turned out that the software had loaded properly all along.
The Box scanned the network and brought in all my Wi-Fi devices, including two Windows PCs, a MacBook Air, an iPad, two Android devices, a Netgear IP camera and a Belkin WeMo light bulb and controller. The Box initially classifies all devices as Guests, but you can be reclassify them as Family devices so that they receive the Box software agents.
Software agents (separate from antivirus software) are available for Windows, Mac, iOS and Android devices, but not for devices running embedded operating systems, such as networked storage drives, IP cameras and home-automation gizmos. Once an agent is installed on a device, you can manage the Box from that device and use Bitdefender's Private Line VPN service when out of the house.
Obviously, this is a new way of thinking about home network security, and it takes some extra effort and education to fully take advantage of it.
Bitdefender includes 24/7 tech support for the Box. You can call, email or browse through the site's helpful suggestions and fixes.
The Box's Android and iOS interfaces are bright and open, with plenty of white space, and work well on tablet and phone screens. On the other hand, they're not particularly visually oriented and show rough edges that will likely be smoothed out with software updates.
Along the bottom are section heads for the main duties: Activity, Notifications and Devices. A gear-head logo sits in the upper right for settings.
The Activity screen not only shows which clients are connected, but an overall fever graph of online activity and the top clients arranged by data usage. On the downside, it only updates this data every hour, and there's no place to refresh its results. The best way to stay up-to-date is to close and reopen the app.
The Notifications section alerts you when new devices are added and shows client vulnerabilities or suspicious activity. It's also where you're alerted that a Box software is available. Unfortunately, when it's done, the screen shows both that it's "Updating Box" and "Box is up-to-date."
The Devices category shows what's connected and protected. It's divided into Guest and Family sections, with a list of devices underneath, but it lacks the network-mapping motif that many routers provide, and it doesn't show every device that Box is protecting at once. Click or tap on any item, and you'll see details of the device as well as any vulnerabilities, which category it is in and its LAN settings.
Finally, the Settings section shows the account's email address as well as how many days remain in the subscription. It also has the version of the Box's firmware and the device's app.
If something goes terribly wrong, you can attempt to recover the Box's settings. If you decide to stop using the Bitdefender Box, you'll need to reset the router back to its original settings using the mobile app, or you'll be in networking hell with a router that still thinks it's connected to the Box. Click on Remove Box to do this. It takes about 5 minutes.
By including an unlimited license for Bitdefender's antivirus software, plus a VPN service, the Box's protection comes at no additional cost and should appeal to those with lots of Wi-Fi devices. However, while it offers a unique extra layer of protection from online intruders, the Bitdefender Box is limited to 100-Mbps throughput, doesn't protect guest networks and could be complicated to set up. Overall, though, this unique device should be on guard protecting every smart-home network.