Hi everyone,
As one of the guys behind the SafeThings product, I was extremely pleased to run into this thread.
I’d love to learn more about your thoughts around our product:
- what would motivate you to buy such a product?
- what is missing in the product that would turn it into a must-have?
Thanks everyone,
Andrei
It's good to be able to talk to product folks directly and a great move you did to ask users !
my list ( may provide more points over the coming days )
1) privacy, I want the filter lists to be downloaded locally and applied locally by the UTM, no sending of domain names or their hashes to an Avira endpoint. This will be good for you as well, data fines in the EU are becoming a real thing.
2) if you do provide a web management dashboard, which would be nice, make sure it's the UTM that does the connect(...) call and your backend that does the listen(...), I don't want any open ports that are internet facing ( so your backend will be doing pushes ). Do not have any ports open to the internet, preferably no ports open at all, and admin is done via web dashboard and bluetooth only.
2.5) If you do that, do the authentication & certificate work right and ofc only allow strong ciphers in your TLS, a man in the middle attack compromising a UTM would be nothing short of a disaster.
3) email alerts ( for suspicious "dial-outs", portscans coming from the web etc )
4) strong filtering per device that can be used for parental controls, i.e. while pr0nhub may not have malware, parents should have the option to ban explicit content for underage kids.
5) Do NOT do deep packet inspection, I don't want my UTM doing MiTM to my devices.
6) Auto updates ( again good work with signing the updates, and authenticating your server to the UTM , rolling the certificates etc is very important )
7) support virtual LANs, eg one for guests, one for kids, one for parents
8) support for OpenVPN ( esp if VPN could be assigned per VLAN, that would be great )
9) geo-blocking -- if there are no legal issues with providing this ( there was talk that in the EU geoblocking may become illegal, didn't watch what happened )
10) Mesh support
11) detection of network cards in promiscuous mode
12) WPA3
14) good practices for authenticating the administrator to the machine ( not plaintext like the other routers I'll leave unnamed ... ) and also authenticating the machine to the user ( no self signed certs like other routers )
15) 2FA for your web dashboard
16) out of the box ability to block Alexa, Google voice etc per device. These days sadly these come bundled with a lot of 3rd party devices and many users feel strongly about this.
If you do integrate it with local AV, e.g. the UTM being aware that the connection started from machine XYZ from a process forked off PowerShell, this would be a heavy plus but maybe too much to ask for version 1 of your product.
Hope it helps and good luck !
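
Points 2 and 2.5 above (the appliance dials out, the backend listens, and the TLS channel is strictly authenticated) can be sketched as follows. This is an added example, not part of the post and not SafeThings code; the function names and the ECDHE-plus-AEAD cipher policy are assumptions chosen for illustration.

```python
import socket
import ssl

# Assumed policy: for TLS 1.2, allow only ECDHE key exchange with AEAD ciphers.
TLS12_SUITES = "ECDHE+AESGCM:ECDHE+CHACHA20"

def device_tls_context(ca_file=None):
    """Client-side context for the appliance's outbound management channel."""
    # PROTOCOL_TLS_CLIENT turns on CERT_REQUIRED and hostname checking.
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.set_ciphers(TLS12_SUITES)
    if ca_file:
        ctx.load_verify_locations(cafile=ca_file)  # trust only the vendor CA
    else:
        ctx.load_default_certs()
    return ctx

def weak_suites(ctx):
    """Names of enabled suites that are not AEAD or not ECDHE-keyed."""
    bad = []
    for c in ctx.get_ciphers():
        tls13 = c["protocol"] == "TLSv1.3"  # TLS 1.3 suites are AEAD + (EC)DHE
        if not c.get("aead") or not (tls13 or c.get("kea") == "kx-ecdhe"):
            bad.append(c["name"])
    return bad

def dial_out(host, port, ctx, timeout=10):
    """The appliance calls connect() and never listens; returns the TLS socket."""
    raw = socket.create_connection((host, port), timeout=timeout)
    try:
        # Raises on an untrusted certificate or hostname mismatch (fails closed).
        return ctx.wrap_socket(raw, server_hostname=host)
    except Exception:
        raw.close()
        raise
```

Running `weak_suites()` against the context at build time or on boot catches a cipher-string regression before the device ever talks to the backend.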