Malware Scanning of traffic

Don’t know how practical this is, given the hardware Pepwave uses, but it would be nice to have Pepwave products be able to perform the same function as a Bitdefender Box of monitoring traffic for malware. ( http://www.bitdefender.com/box/ ) The Bitdefender Box has to be the DHCP server for the network.

Norton is coming out with a router that is claimed to detect & limit malware issues. https://us.norton.com/core

1 Like

At first glance this look special, but then I noticed this section, which is commonly seen in some of the enterprise firewalls.

Complete device protection with award-winning security.

Included with every Norton Core is a one-year subscription that protects your entire home network, unlimited IoT devices, and up to 20 PCs, Macs, smartphones and tablets, giving you a comprehensive solution designed to shut down malware, hackers, viruses and more.
Norton experts help keep your PCs, Macs, smartphones and tablets free from viruses.

In short, they have the ability to push down a client software (which in this case must be a Norton Antivirus or something similar) to be installed in your device, same as what you’re doing now with any AV software. From there it can centrally manage scanning, updating of database etc.

I think the unique part for this is mainly the ability to centralised manage. Costing wise should be the same as buying a router + anti-virus subscription for each device.

That may be true for Norton, but I have not talked to them, although pushing software won’t work for IoT devices.

I did talk with the Bitdefender folks. They claimed their box is monitoring the traffic. I then specifically asked them if their box could sit between the cable modem & the router. They said yes but they require their box to be the DHCP server. That is problematic if one is using one’s Pepwave to run VLANS and such. I didn’t ask them how or if they can filter https, SSL or VPN pass though traffic.

Not likely to be between modem and router I think, but rather between router and switch in something similar to our drop-in or transparent mode? Not too sure how they can still be a DHCP server in that kind of setup though.

Then again, we have to see whether it’s monitor traffic that pass through the gateway, or actively monitor traffic of each client/device that connect to it. For the former, this will be a more relevant function for us to consider I would say, but there’s always pros and cons for activating features like this. I have a few years working as pre-sales for enterprise firewalls previously, and from experience, having these form of virus/malware scanning features will take a toll on the performance, since the gateway have to scan every individual packets that pass through the device.

1 Like

So now the Bitdefender Box 2 (“BDB2”) has arrived, and I am wondering: is it compatible with the Pepwave Surf Soho router? My understanding is that the BDB2 device typically requires the ability to turn the main router into “bridge” mode /or drop-in mode as Peplink refers to it.

But am I correct in understanding that the Pepwave Surf Soho router lacks drop-in-mode capability? If so, that suggests it is not compatible with the BDB2, yes? Is there any experience with using the Bitdefender Box (either first or second generation) with any Pepwave Surf Soho routers or other Peplink routers?

Answered here Bitdefender Box 2

1 Like