Setup a BitDefender Box

Joined
Aug 21, 2008
Messages
25,069
Location
ON, Canada eh?
So my parents have all sorts of smart devices and I was explaining the need for a good firewall to keep them safe and protected with these devices being more frequently targeted in IOT attacks etc. I explained the PFSense firewall/router setup I was using but that seemed to be a little too advanced for them and my mum came across the BitDefender box (version 2) online and suggested that she wanted to use this. I explained that there was no need for them to pay when they can use PFSense for free on an older PC I have kicking around but she was having none of it because she liked the fact that it would send her reports etc. on her smart phone via the app blah blah blah. even though I can have PFSense send her somewhat similar logs albeit more technical in nature without fancy graphics like BitDefender Box 2 can. smirk2 So I didn't argue much. She ordered it on sale for $139 CDN and I installed it for them yesterday. It's $99 CDN subscription per year and it comes with their Bitdefender Total Security for all your PC's and smart devices included for that fee so really it's like paying just for Anti-Virus/Anti-Malware software but getting a hardware/software fire-wall on top of that included in the subscription. First years subscription is included with the purchase of the box. Anyway, I have to say, after setting it up for them and playing around with it, it is quite a nice unit and works extremely well. I like the notifications that show up in the app regularly to let you know what it has found and protected you against and it also speaks to all the PC's and devices via the BitDefender anti-virus software and will report back to the app if they caught anything locally on the devices as well. That was a really neat feature. Even though it scans all traffic flowing in/out of the router it doesn't increase the ping time or slow the download/upload speed. Even when the network is heavily loaded with traffic. I have the app on my phone so I can monitor and make changes to the firewall for them remotely so I get the notifications as well as my mum on her smart phone. Oh and I should mention it was quite easy to open ports and setup forwards for their camera system they have as well as keep local LAN devices restricted from the internet at all times. It functions like a router as well in their case as their modem is in bridge mode and it sits between their modem and switch with the Box's wifi disabled so they can use their access point instead. The box does have strong wifi signal though in case you want to use it's wifi. I also contacted Bitdefenders support phone number to ask some advanced questions because my parents network setup isn't typical and the folks on the phone were quite knowledgeable at answering my questions and I think I waited no more than 30 seconds from calling the number to getting someone on the phone. I also suggested some features I would like to see added to the box via the App's built in feedback feature and to my surprise I got a personalized e-mail back the next day thanking me for my suggestion and that they would look into adding it. (Such as a WAN connection up-time timed monitor and scheduled firmware updates) I just thought I would post about it here in case anyone is in need of a quality out of the box firewall/router solution like this.
 
Last edited:
Joined
May 9, 2010
Messages
3,151
Location
Illinois, U.S.A
Asking for a, uhhh, friend. If you have two laptops on wi-fi, two smart phones on wi-fi, two TVs on wi-fi, two BD players on wi-fi, an Apple TV on wi-fi and a printer on w-fi; is this a smart buy? Or is this more for smart home gadgets, i.e. thermostats, security systems, lights, etc.?
 

StevieC

Thread starter
Joined
Aug 21, 2008
Messages
25,069
Location
ON, Canada eh?
Originally Posted by RamFan
Asking for a, uhhh, friend. If you have two laptops on wi-fi, two smart phones on wi-fi, two TVs on wi-fi, two BD players on wi-fi, an Apple TV on wi-fi and a printer on w-fi; is this a smart buy? Or is this more for smart home gadgets, i.e. thermostats, security systems, lights, etc.?
Any firewall solution over the standard bare basic found in typical routers / ISP modems with built in routers is going to be better and any device can be hacked not just IOT devices like smart thermostats etc. From the reviews I read this solution from them is excellent at its ability to keep unwanted traffic from intruding your network, and it's constantly being updated by Bitdefender on an ongoing basis so as new threats emerge they will keep updating it. Something your consumer grade stuff either doesn't do or is really slow to do. And you get the reporting function of it notifying you the instant something happens on your network. (New devices connecting, threats stopped etc.) Which definitely your modem/router doesn't do now. Really for the price and considering you get Anti-Virus for all your devices it's a good solution for those not capable of setting up PFSense or not wanting to monitor / update PFSense themselves. This is set it and forget it off the shelf solution. Personally I use PFSense with Squid Proxy and the ClamAV add-on in Squid to do the same thing but it's not for those that don't really understand how to setup this sort of professional grade router/firewall and could make your security worse if not setup properly. It's also free which is one of my favorite words. grin2
 
Last edited:
Joined
Apr 15, 2017
Messages
2,906
Location
Napa, CA.
If you have good internet the Bitdefender Box is going to slow it down. I just skimmed a Bitdefender Box review on Toms Guide of it and with only 150Mbps internet it caused a noticeable performance hit and doubled the latency. If it can barely manage 150Mbps there's no way it can handle 400Mbps with no decrease in performance. I use a UniFi setup at my house, with a Unifi USG as my router. They have their own IDS/IPS (firewall) and this is what it says: "UniFi's Intrusion Prevention System will protect your network from attacks and malicious activity. It will block and shut down connections that could compromise your security. Warning: Enabling IDS/IPS will affect the device maximum throughput. USG: 85 Mbps, USG-Pro: 250 Mbps, USG-XG-8: 1 Gbps. Warning: Enabling IDS/IPS will disable hardware offload." My USG has a $140 MSRP, USG Pro has a $340 MSRP, and USG XG has a $2500 MSRP. There's no way that consume grade Bitdefender turd lump has more processing power than a $340 USG Pro that can do 250Mbps... Edit: just tried it and enable IPS on my UniFi USG made CPU usage of the USG go to 100% just running a Fast.com speed test and it barely managed 110Mbps (hey, more than the 85Mbps Ubiquiti claims but still 1/4 of what my internet is capable of)...
 
Last edited:

StevieC

Thread starter
Joined
Aug 21, 2008
Messages
25,069
Location
ON, Canada eh?
My parents have a 250mbps connection and it slowed it down exactly 0% both on ping times and download/upload rate. I checked before and after. The first version of the box did slow down the connection and that was a big gripe of folks that had it from what I read. This has since been fixed in the second revision and will do quite well at most speeds that typical home users will have including my parents 250mbps connection. I have a Gigabit internet connection (at the moment) and my PFSense router handles it quite well, I opted for an Intel NIC though to minimize what the CPU in the box had to do versus the card itself. (offloading) I'm also using a Ubiquity Unifi AC-Pro both at my house and my parents house.
 
Last edited:
Joined
Apr 15, 2017
Messages
2,906
Location
Napa, CA.
Originally Posted by StevieC
My parents have a 250mbps connection and it slowed it down exactly 0% both on ping times and download/upload rate. I checked before and after. The first version of the box did slow down the connection and that was a big gripe of folks that had it. This has since been fixed. I have a Gigabit internet connection (at the moment) and my PFSense router handles it quite well, I opted for an Intel NIC though to minimize what the CPU in the box had to do versus the card itself. (offloading) I'm also using a Ubiquity Unifi AC-Pro both at my house and my parents house.
yeah, even the cheapest Intel NUC has a better CPU than whatever they use in a Bitdefender box...
 

StevieC

Thread starter
Joined
Aug 21, 2008
Messages
25,069
Location
ON, Canada eh?
This isn't meant to be a "Professional" grade solution like PFSense or Intel hardware so it's not fair comparing the two. This is more than robust for most home users however. My parents stream in HD and it handles it just fine with all the other internet traffic.
 
Last edited:

StevieC

Thread starter
Joined
Aug 21, 2008
Messages
25,069
Location
ON, Canada eh?
Originally Posted by OVERKILL
Is there any info provided on what it runs for software? I assume Linux?
From the digging I have done it seems to be Debian based however I have no way of confirming that. It does seem to respond to the SSH port but all I get is garbage when I try to use a terminal to connect to it.
 
Last edited:

OVERKILL

$100 Site Donor 2021
Joined
Apr 28, 2008
Messages
53,070
Location
Ontario, Canada
Originally Posted by StevieC
Originally Posted by OVERKILL
Is there any info provided on what it runs for software? I assume Linux?
From the digging I have done it seems to be Debian based however I have no way of confirming that. It does seem to respond to the SSH port but all I get is garbage when I try to use a terminal to connect to it.
I wouldn't expect high-end hardware specs for the price, so I'm curious as to how much actual IDS/IPS this thing does. My MX64 has a max IDS/IPS/AMP throughput of 200Mbit, stateful is rated at 250. It apparently uses the Broadcom BCM58522, which the specs for are available here: https://www.broadcom.com/products/embedded-and-networking-processors/communications/bcm5862x
 
Joined
Aug 29, 2018
Messages
288
Location
Central US
I was running BD for several years, and looked into this box. Didn't think much of it. In years past, I had run a Sonicwall. It absolutely slowed my throughput. It got hit by lightning, and I didn't replace it. I think it's more important to have a new wifi, and set it up correctly. I'm running an Asus 86u, and have blocked my wifi security cams from phoning home. It also 'scans' traffic for threats (trend micro aiprotection), but it reports back to the vendor... From my research, that will protect your network.
 
Top