Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
Avira
Avira SafeThings WiFi Router
Message
<blockquote data-quote="notabot" data-source="post: 830577" data-attributes="member: 75970"><p>It's good to be able to talk to product folks directly and a great move you did to ask users !</p><p></p><p>my list ( may provide more points over the coming days )</p><p></p><p>1) privacy, I want the filter lists to be downloaded locally and applied locally by the UTM, no sending of domain names or their hashes to an Avira endpoint. This will be good for you as well, data fines in the EU are becoming a real thing.</p><p></p><p>2) if you do provide a web management dashboard, which would be nice, make sure it does it's the UTM that does the connect(...) call and your backend that does the listen(...), I don't want any open ports that are internet facing ( so your backend will be doing pushes ). Do not have any ports open to the internet, preferably no ports open at all and admin is done either via web dashboard and bluetooth only.</p><p></p><p>2.5) If you do that, do the authentication & certificate work right and ofc only allow strong ciphers in your TLS, a man in the middle attack compromising a UTM would be nothing short of a disaster.</p><p></p><p> 3) email alerts ( for suspicious "dial-outs", portscans comming from the web etc )</p><p></p><p> 4) strong filtering per device that can be used for parental controls, ie while pr0nhub may not have malware, parents should have the option to bank explicit content for underage kids.</p><p></p><p> 5) Do NOT do deep packet inspection, I don't want my UTM doing MiTM to my devices.</p><p></p><p> 6) Auto updates ( again good work with signing the updates, and authenticating your server to the UTM , rolling the certificates etc is very important )</p><p></p><p> 7) support virtual LANs, eg one for guests, one for kids, one for parents</p><p></p><p> 8) support for OpenVPN ( esp if VPN could be assigned per VLAN, that would be great )</p><p></p><p> 9) geo-blocking -- if there are no legal issues with providing this ( there was talk that in the EU geoblocking may become illegal, didn't watch what happened )</p><p></p><p> 10) Mesh support</p><p></p><p> 11) detection of network cards in promiscuous mode</p><p></p><p> 12) WPA3</p><p></p><p> 14) good practices for authentication the administrator to the machine ( not plaintext like the other routers I'll leave unnamed ... ) and also authenticating the machine to the user ( no self signed certs like other routers )</p><p></p><p> 15) 2FA for your web dashboard</p><p></p><p> 16) out of the box ability to block Alexa, Google voice etc per device. These days sadly these come bundled with a lot of 3rd party devices and many users feel strongly about this.</p><p></p><p>If you do integrate it with local AV, eg the UTM being aware that the connection started from machine XYZ from a process forked of powershell, this would be a heavy plus but maybe too much to ask for version 1 of your product.</p><p></p><p>Hope it helps and good luck !</p></blockquote><p></p>
[QUOTE="notabot, post: 830577, member: 75970"] It's good to be able to talk to product folks directly and a great move you did to ask users ! my list ( may provide more points over the coming days ) 1) privacy, I want the filter lists to be downloaded locally and applied locally by the UTM, no sending of domain names or their hashes to an Avira endpoint. This will be good for you as well, data fines in the EU are becoming a real thing. 2) if you do provide a web management dashboard, which would be nice, make sure it does it's the UTM that does the connect(...) call and your backend that does the listen(...), I don't want any open ports that are internet facing ( so your backend will be doing pushes ). Do not have any ports open to the internet, preferably no ports open at all and admin is done either via web dashboard and bluetooth only. 2.5) If you do that, do the authentication & certificate work right and ofc only allow strong ciphers in your TLS, a man in the middle attack compromising a UTM would be nothing short of a disaster. 3) email alerts ( for suspicious "dial-outs", portscans comming from the web etc ) 4) strong filtering per device that can be used for parental controls, ie while pr0nhub may not have malware, parents should have the option to bank explicit content for underage kids. 5) Do NOT do deep packet inspection, I don't want my UTM doing MiTM to my devices. 6) Auto updates ( again good work with signing the updates, and authenticating your server to the UTM , rolling the certificates etc is very important ) 7) support virtual LANs, eg one for guests, one for kids, one for parents 8) support for OpenVPN ( esp if VPN could be assigned per VLAN, that would be great ) 9) geo-blocking -- if there are no legal issues with providing this ( there was talk that in the EU geoblocking may become illegal, didn't watch what happened ) 10) Mesh support 11) detection of network cards in promiscuous mode 12) WPA3 14) good practices for authentication the administrator to the machine ( not plaintext like the other routers I'll leave unnamed ... ) and also authenticating the machine to the user ( no self signed certs like other routers ) 15) 2FA for your web dashboard 16) out of the box ability to block Alexa, Google voice etc per device. These days sadly these come bundled with a lot of 3rd party devices and many users feel strongly about this. If you do integrate it with local AV, eg the UTM being aware that the connection started from machine XYZ from a process forked of powershell, this would be a heavy plus but maybe too much to ask for version 1 of your product. Hope it helps and good luck ! [/QUOTE]
Insert quotes…
Verification
Post reply
Top