Need Advice Gryphon - the worlds most powerful AI Router.

[blackice]

Manual DNS is still broken This is so frustrating.

 

[Vitali Ortzi]

Some of the earlier posts here seem to indicate people think Gryphon is an antivirus. It is not. The ESET aspect is sourcing the corporate web filtration databases from ESET. It's not going to scan files/malware/archives, etc. Nor should it be expected to, and neither will solutions like Fortinet - which still require a local root certificate on each device to do this.

The AI aspect examines port use and activity of IoT devices and protects from anomalies. Every other device that claims to do this really just uses a set of known ports, and doesn't actually utilize machine learning to study how a device normally operators, and to flag activity outside of that. I believe only Gryphon in the home market does this.

ASUS and AiProtection is not very good, and more importantly is a significant privacy invasion. Anyone stating it is better than Gryphon doesn't really understand the technology, and likely doesn't value privacy as part of a product effectiveness.

Adblocking on Gryphon uses Easylist. Nothing more, nothing less. If you don't think it is effective, then you aren't a fan of easylist, or you augment easylist with other databases/lists in uBlock which most people do. But for safety and to not have it be overtly blocking too many good things, it's best - I feel - that they stick with Easylist.

QOS, the device priority is 'maximum priority', and only 1 can be selected. However there is a slight workaround for this.. Any device you want absolute priority on outside of Gryphon is to set the device as unmanaged. For example switches in your home should be set to unmanaged. Which means they run without any monitoring or restrictions, and utilize the full available bandwidth. QOS Device priority within Gryphon is just there for managed, controlled, monitored devices and selecting one you want to have maximum throughput on while still having all of the protection. But honestly, for things like switches and stuff within a network, you don't want (or need) protection on them, nor will your network perfect as well as it should with it it.

The Gryphon can do some pretty remarkable things with tweaking of users, settings, and management. For example one can protect an internet server from external attack, while still allowing windows updates. Easy - just make a user called 'Server', set the permissions to Toddler, then approve exactly what you want the server to access. Full lockdown, no malware in the world is going to bypass that because only exactly the URL's you need that server to access, will be accessible. You can get exceedingly granular using this method.

Another tip - you can turn on full block WITH URL capture on.. Observe a devices function and URL hits only necessary for device function. Then create a user for that device, lock it down entirely, only permitting exactly the domains it needs to function. Presto. Full lockdown of that device.. For example my thermostat can only talk to the AWS server to allow my app to communicate with it, but it blocks every other website, telemetry, company URL's related to it - and it works just like it's supposed to but is blocking extraneous nonsense.

PS: Gryphon is giving everyone free premium protection from now until June - everyone is basically working at home across the world, so this is a very nice gesture on the part of Gryphon - I think! Also, Gryphon and it's ability to control internet use is extremely valuable right now with most people (and kids) at home. Having powerful features like this, it's hardening from hackers, and very nice protection will protect homes throughout the world.

How good is the "AI?
decent enough to replace all the manual labor with zeek and suricata ?

 

[Stu M]

I have FIOS and just switched out my router. I am using it as internet only, since even though I have a tv package, I rarely watch (and if I do, I use the apps/web). Working mostly smooth, although with the Gig plan I am getting 250 down/650 up through speedtest.net and 650 down/250 up on my iPhone 11 through the app. More testing to be done (have set the dns on my computer and in the app to Cloudflare for both IPv4 and IPv6). Have cleared ip/flushed dns/reset ont

the gryphon is only good to about 400 mbs per their claims. realistically i am getting about 340ish/50 go to the support at the bottom of the page and type in slow internet....
3-4 options down.....
What internet speeds are achievable using Gryphon?
Your actual internet speeds depend on two factors:

a) ISP and subscribed Internet speed. If you subscribe upto 400 Mbps, that is the maximum speed you will get.

b) Client's capability - 802.11 b/g/n works at 2.4 GHz and supports up to 80Mbps. Whereas 802.11 ac 80 MHz bandwidth works at 5GHz and can support 1GBPS+ speed. Lesser channel bandwidth like 20 or 40 MHz will give you lesser speed.

 

[blackice]

the gryphon is only good to about 400 mbs per their claims. realistically i am getting about 340ish/50 go to the support at the bottom of the page and type in slow internet....
3-4 options down.....
What internet speeds are achievable using Gryphon?
Your actual internet speeds depend on two factors:

a) ISP and subscribed Internet speed. If you subscribe upto 400 Mbps, that is the maximum speed you will get.

b) Client's capability - 802.11 b/g/n works at 2.4 GHz and supports up to 80Mbps. Whereas 802.11 ac 80 MHz bandwidth works at 5GHz and can support 1GBPS+ speed. Lesser channel bandwidth like 20 or 40 MHz will give you lesser speed.

Your quote from their support just says they can’t give you speed faster than what your ISP provides. The 400Mbps is an example of a situation where someone subscribed to a speed tier that provides no more than 400Mbps. The router is completely capable of 1Gbps if you have service that fast.

 

[Vitali Ortzi]

Some of the earlier posts here seem to indicate people think Gryphon is an antivirus. It is not. The ESET aspect is sourcing the corporate web filtration databases from ESET. It's not going to scan files/malware/archives, etc. Nor should it be expected to, and neither will solutions like Fortinet - which still require a local root certificate on each device to do this.

The AI aspect examines port use and activity of IoT devices and protects from anomalies. Every other device that claims to do this really just uses a set of known ports, and doesn't actually utilize machine learning to study how a device normally operators, and to flag activity outside of that. I believe only Gryphon in the home market does this.

ASUS and AiProtection is not very good, and more importantly is a significant privacy invasion. Anyone stating it is better than Gryphon doesn't really understand the technology, and likely doesn't value privacy as part of a product effectiveness.

Adblocking on Gryphon uses Easylist. Nothing more, nothing less. If you don't think it is effective, then you aren't a fan of easylist, or you augment easylist with other databases/lists in uBlock which most people do. But for safety and to not have it be overtly blocking too many good things, it's best - I feel - that they stick with Easylist.

QOS, the device priority is 'maximum priority', and only 1 can be selected. However there is a slight workaround for this.. Any device you want absolute priority on outside of Gryphon is to set the device as unmanaged. For example switches in your home should be set to unmanaged. Which means they run without any monitoring or restrictions, and utilize the full available bandwidth. QOS Device priority within Gryphon is just there for managed, controlled, monitored devices and selecting one you want to have maximum throughput on while still having all of the protection. But honestly, for things like switches and stuff within a network, you don't want (or need) protection on them, nor will your network perfect as well as it should with it it.

The Gryphon can do some pretty remarkable things with tweaking of users, settings, and management. For example one can protect an internet server from external attack, while still allowing windows updates. Easy - just make a user called 'Server', set the permissions to Toddler, then approve exactly what you want the server to access. Full lockdown, no malware in the world is going to bypass that because only exactly the URL's you need that server to access, will be accessible. You can get exceedingly granular using this method.

Another tip - you can turn on full block WITH URL capture on.. Observe a devices function and URL hits only necessary for device function. Then create a user for that device, lock it down entirely, only permitting exactly the domains it needs to function. Presto. Full lockdown of that device.. For example my thermostat can only talk to the AWS server to allow my app to communicate with it, but it blocks every other website, telemetry, company URL's related to it - and it works just like it's supposed to but is blocking extraneous nonsense.

PS: Gryphon is giving everyone free premium protection from now until June - everyone is basically working at home across the world, so this is a very nice gesture on the part of Gryphon - I think! Also, Gryphon and it's ability to control internet use is extremely valuable right now with most people (and kids) at home. Having powerful features like this, it's hardening from hackers, and very nice protection will protect homes throughout the world.

@Slyguy i would like to pm you if possible ?

 

[TurdFerguson]

Does anyone else have issues with their connection dropping on their smart devices after a day or two? Been an issue since the January firmware update. I've reached out to tech support several times now and haven't really gotten anywhere. More specifically, the issue is with 2 of my 3 ecoBee thermostats and two Eufy Smart Plugs. It's infuriating beyond belief! Have to basically restart my router every day.

 

[blackice]

It could be interference on the channel it’s picking. I was having no end of trouble with a printer and came to discover a non-WiFi baby monitor that used 2.4 was interfering with it. One of my gripes with them is that they don’t let you pick the channel the radio uses. I know this is to make it more user friendly for non-tech folks, but I miss power user setting sometimes. But I also have discovered a firmware bug that multiple people here have reproduced where a manually entered DNS constantly just uses the ISP anyway, and they insist they have zero DNS leaks when they test.

 

[TurdFerguson]

It could be interference on the channel it’s picking. I was having no end of trouble with a printer and came to discover a non-WiFi baby monitor that used 2.4 was interfering with it. One of my gripes with them is that they don’t let you pick the channel the radio uses. I know this is to make it more user friendly for non-tech folks, but I miss power user setting sometimes. But I also have discovered a firmware bug that multiple people here have reproduced where a manually entered DNS constantly just uses the ISP anyway, and they insist they have zero DNS leaks when they test.

Yeah, I've reproduced that leak too! Still waiting for them to fix that as well. Tech support isn't very speedy to say the least.

 

[blackice]

Yeah, I've reproduced that leak too! Still waiting for them to fix that as well. Tech support isn't very speedy to say the least.

They are very polite and used to be fast to respond. I can’t believe they haven’t reproduced the dns leak. You’re now the 4th person I know who has it. I think they just aren’t testing it enough for the leak to start. But, now that I have it I basically only see my ISP when I test for a DNS leak. It’ll show one or two of a third party server and about 10 from my ISP.

 

[bayasdev]

Does this have advanced QoS options or just the regular consumer router with limited options + malware protection?

 

[blackice]

Does this have advanced QoS options or just the regular consumer router with limited options + malware protection?

It has very limited options. If you are a power user you will want something different. But, it is extremely secure. The limitations come from it being designed for average joes so they don’t screw up their own network or security. It’s made to be simple and safe. I believe they only allow you to prioritize one device at a time on demand. The rest is DNS filtering and parental time controls. I could be wrong about the QoS/device prioritization , I’ve never used that on any router. But last time I looked at it that is how it seemed to work.

 

[bayasdev]

It has very limited options. If you are a power user you will want something different. But, it is extremely secure. The limitations come from it being designed for average joes so they don’t screw up their own network or security. It’s made to be simple and safe. I believe they only allow you to prioritize one device at a time on demand. The rest is DNS filtering and parental time controls. I could be wrong about the QoS/device prioritization , I’ve never used that on any router. But last time I looked at it that is how it seemed to work.

I'm currently using some kind of QoS on my Mikrotik router to mantain ping spikes (bufferbloat) between 20-60ms when the network is saturated, it has lots of features for power users but lacks the integrated malware protection.

 

[blackice]

I'm currently using some kind of QoS on my Mikrotik router to mantain ping spikes (bufferbloat) between 20-60ms when the network is saturated, it has lots of features for power users but lacks the integrated malware protection.

The Gryphon has a lot of positives. it's powerful, very secure, incredibly stable, and has great parental controls. It is missing a lot of power user features, but it isn't really designed for that, and avoids the security pitfalls that come with that.

 

[Slim706]

It's called market based pricing. It's the same with anything. Grey Market Game Key Sellers just by from low priced markets, then re-sell them. Russia, Asia, some parts of Europe, keys (and everything else is cheap). However broadly painting the USA as a place of higher costs is not only silly, but it shows a lack of understanding of the size and variation of this country. For example I can go to the ghetto and buy gas for 25% less. I can go buy a pack of smokes in TN for 70% less than where I live. The market varies by city/county/state in some cases.

Also, as a rule, American's have more expendable income, in many cases, a lot more. This also drives up prices. When the minimum wage around here is $16.00US an hour, and the average person makes $60,000.00US a year, you might spend a couple bucks more for a tank of gas.

In Vietnam, the average person makes $148 a month. A cell phone bill BETTER be $10 a month or they aren't going to be afford it. That would mean a $10 a month phone bill is 8% of someones monthly salary. The average monthly pay in the USA is almost $4,000.00 a month. So 8% of that would be about $320.00 a month, I assure you nobody is paying $320 a month for a cell phone in the USA. There are plenty of $35-$50 a month unlimited plans out there. So actually, it's CHEAPER in the USA because the phone is going to be under 1% of your monthly salary, not 8%.



It doesn't work that way. Also developing a modem/router combination yields a product that generally doesn't sell well and offers little in the way of enhanced security. The purpose of a router is to NAT traffic. Traffic behind a NAT isn't vulnerable to traffic in front of a modem as the modem has no capability to render visibility on the traffic as it is passing raw tables (CMTS) and (PAT) via the cable modems. Modem/Router combinations don't perform security in the modem PAT/CMTS, they perform it after it is handed off to the NAT device on the secondary board.

No router is going to protect you from a pre-modem compromise such as quantum injections (real MiTM) anyway. Even a top end Fortinet or Cisco is only going to reduce the occurrences through TCP rejection systems.

The point of the Gryphon is to make a router hardened against all assaults, and to protect the nat devices behind the router as well as to ensure traffic is clean, not to mention best in-class parental controls and other aspects. Also Gryphon works great behind Fiber. Mine sits right behind an ONT/ONU without any issue and pushes Gig through without a problem.

Hi @Slyguy and everyone else in this forum thread, I’m new to the forums and am trying to get caught on all things Gryphon. I just received one and I noticed that you mentioned your gryphon sits right behind your ONT? I also have fiber and am interested in bypassing AT&Ts gateway altogether. Could you tell me the steps in which you accomplished this? My apologies if this already posted somewhere else.

 

[Vitali Ortzi]

Slyguy is young and vibrant.

MT is starting to crumble with his reduced participation...

Yeah where is that dude Slyguy?

 

[blackice]

Yeah where is that dude Slyguy?

He seems to have retired from MT.

 

[Vitali Ortzi]

He seems to have retired from MT.

Unfortunate as he was quite valuable in MT

 

[blackice]

Unfortunate as he brought much to the discussion.

I agree, I was also hoping for his help in convincing Gryphon that their Manual DNS implementation broke. It’s driving me crazy that they broke the firmware. The only response I get is that they don’t have DNS leaks.

 

[Vitali Ortzi]

I agree, I was also hoping for his help in convincing Gryphon that their Manual DNS implementation broke. It’s driving me crazy that they broke the firmware. The only response I get is that they don’t have DNS leaks.

What the hype about Gryphon all about?
Too expansive for an average user
( Expansive router with Monthly subscription ).
And for the enthusiastic there is way cheaper alternatives with superior
Protection(as long as the AI is a marketing gimmick and not actually something special unfortunately can't test) and logging of a good IDS is way better then this .
Only good thing about it is that it's easy to set up.

 

[blackice]

What the hype about Gryphon all about?
Too expansive for an average user
( Expansive router with Monthly subscription ).
And for the enthusiastic there is way cheaper alternatives with superior
Protection(as long as the AI is a marketing gimmick and not actually something special unfortunately can't test) and logging of a good IDS is way better then this .
Only good thing about it is that it's easy to set up.

If you read back through the thread, especially @Slyguy ’s posts you’ll find it’s a very secure router. The cheaper options have comparable protection, but inferior security of the firmware. If you know how to set up a router this isn’t a problem. The AI is more about IoT devices and their uses. The main protection for devices is DNS filtering based on ESET’s web protection (which is top notch). It also has top of the line parental controls (which isn’t something everyone needs). My favorite feature is that you can block all new devices and it watches for MAC address spoofing. It also is a very powerful WiFi device and really fast and stable. I reboot it about 1/10th as many times as my old ASUS.

But, it is not very configurable because it’s made to be easy. This helps make it more secure and prevent unknowledgeable people from messing things up. I honestly miss a lot of the prosumer features from ASUS, and especially Merlin firmware. There are trade offs. I’m still happy with it, but sometimes wish I had something I could have more control over.