Raiden

Level 13
Verified
Content Creator
@Slyguy This looks like a very interesting product! I have always been thinking of trying something like this. Just out of curiosity, how would you compare the Gryphon vs something like Sophos XG Firewall Home? I have been thinking for a while now about putting together a XG Firewall together, but this product has caught my eye.
 

Slyguy

Level 42
Verified
Gryphon isn't nearly as configurable as a corporate/enterprise firewall. That's really not it's purpose. They're adding new options and more configurability with each firmware patch. If you can get around no policy based routing and dozens of SSID's then this will suit most people fine looking for a strong UTM for the home.

That aside, protective wise, it's probably as good as a Fortinet or Sophos appliance in most areas, and better in some areas. ESET+Zvelo and the Machine Learning IPS are quite awesome to be honest. No corporate UTM I am aware of offers machine learning IPS yet, so Gryphon is the first in this area. I actually feel this ML/AI IPS could be a bit more powerful than traditional IPS because traditional IPS can't adapt and has to wait for signature generation (manually). By then it could be too late.

I'm running a beta firmware on mine that has some nice options coming very shortly to the main channels. ;-)
 

motox781

Level 8
Verified
@Slyguy

Hows the range on one unit? I know there are many variables involved in that, but in general if someone wanted to purchase one unit, how does it compare to the competing Bestbuy standard routers?
 
  • Like
Reactions: AtlBo and Slyguy

justme12

Level 1
Gryphon isn't nearly as configurable as a corporate/enterprise firewall. That's really not it's purpose. They're adding new options and more configurability with each firmware patch. If you can get around no policy based routing and dozens of SSID's then this will suit most people fine looking for a strong UTM for the home.

That aside, protective wise, it's probably as good as a Fortinet or Sophos appliance in most areas, and better in some areas. ESET+Zvelo and the Machine Learning IPS are quite awesome to be honest. No corporate UTM I am aware of offers machine learning IPS yet, so Gryphon is the first in this area. I actually feel this ML/AI IPS could be a bit more powerful than traditional IPS because traditional IPS can't adapt and has to wait for signature generation (manually). By then it could be too late.

I'm running a beta firmware on mine that has some nice options coming very shortly to the main channels. ;-)
Very interested from the security aspects.

1. How does Gryphon compare security wise to Asuswrt-Merlin /AI protection-TrendMicro? ( using AsusRT-AC3100)
2. Does it work with a VPN connection?
3. Will Gryphon servers have a log of my activity?
 

Slyguy

Level 42
Verified
Very interested from the security aspects.

1. How does Gryphon compare security wise to Asuswrt-Merlin /AI protection-TrendMicro? ( using AsusRT-AC3100)
2. Does it work with a VPN connection?
3. Will Gryphon servers have a log of my activity?
1) The URL/Traffic scanner is similar. One uses Trend Micro, the other ESET w/Zvelo. Most people agree Zvelo is superior in this category but they all perform sufficiently. ASUS tends to pack in low powered CPU's in their devices which can spike on traffic scanning. Gryphon has 2 more cores and 300Mhz more speed on it's ARMs.
2) No UTM scans VPN traffic, it's encrypted. Can you use a VPN with it? Sure. You can also block VPN's. But you'll not be using the traffic/URL scanning when on a VPN, but the IPS on the network will still function.
3) Gryphon does not log web activity. It does however log basic operation of the device and stores the log locally. The only way to get the logs off the device are for you to click 'Send logs to Gryphon support'. The logs are then encrypted and sent directly from the router to Gryphon support.

As for Netgear, if you trust Netgear with security, well.. Go for it. Be advised, the Netgear offering is filled with caveats. For one to get the parental controls and granular features, you'll also be signing up and paying for Disney Circle (and the spying that entails). Netgear doesn't have AI, it's basically a generic open port scanner, nothing more in that area. As for privacy policy and logging, well - have a look for yourself.

But virtually every single router manufacturer either is offering a home UTM, or will be in the next 12 months. Many partnering with major manufacturers. So it really comes down to how good the device is, how secure they made it, and what information they rip off and steal for telemetry.
 

Kubla

Level 7
Verified
Very interested from the security aspects.

1. How does Gryphon compare security wise to Asuswrt-Merlin /AI protection-TrendMicro? ( using AsusRT-AC3100)
2. Does it work with a VPN connection?
3. Will Gryphon servers have a log of my activity?
You won't beable to connect to a VPN and have the Gryphon still protecting your device but depending on your VPN you could probably use your VPNs secure DNS on the Gryphon thus be able to use the VPNs secure DNS for all your devices connected to it.

@ Slyguy what kind of tests are you tossing at it?

I have not been able to find any kind of review/testing of these kind of devices to see how they stack up to each other in the real world.
 

Slyguy

Level 42
Verified
@ Slyguy what kind of tests are you tossing at it?

I have not been able to find any kind of review/testing of these kind of devices to see how they stack up to each other in the real world.
Unfortunately it appears nobody is testing them. If I had the time I would setup a testing house for just such a thing. But unfortunately I have too much on my plate right now.

I've focused on it's resistance to hacking. I've attempted ARP manipulations and MAC spoofing. Fake AP's. Pineapples and assorted other local attacks. I'm actually really impressed that it detected my fake AP but even more interesting was when I 'allowed' the fake AP, then had a device already on the network re-connect but this time to the fake AP then into the Gryphon it denied it's connection. It recognized a local device that was tricked into attacking to a MiTM device. Pentesting isn't my gig though, just to be clear.
 

justme12

Level 1
So if I understand: I utilize a VPN encrypted connection at the router level utilizing Asus Merlin with Trend Micro Protection. In addition to an AV/Firewall, OS Armor etc.software.
To Fully benefit from Gryphon with it's resistance to hacking, I would have to relinquish the Internet Provider privacy I gain from a VPN?
So a toss between advanced security and privacy?
 

Kubla

Level 7
Verified
Unfortunately it appears nobody is testing them. If I had the time I would setup a testing house for just such a thing. But unfortunately I have too much on my plate right now.

I've focused on it's resistance to hacking. I've attempted ARP manipulations and MAC spoofing. Fake AP's. Pineapples and assorted other local attacks. I'm actually really impressed that it detected my fake AP but even more interesting was when I 'allowed' the fake AP, then had a device already on the network re-connect but this time to the fake AP then into the Gryphon it denied it's connection. It recognized a local device that was tricked into attacking to a MiTM device. Pentesting isn't my gig though, just to be clear.
That gives me an idea;

Since no one is testing them I wonder what the feasibility would be to have a Malwaretips sponsored gofundme setup get enough money to buy a number of these devices like the Gryphon, Cujo, Firewalla, Dojo, Sonicwall and have one or more of our in house malware testers like Evjl's Rain, Der.Reisende, harlan4096, silversurfer or Root put them through the wringer.

Then the tester keeps the device of their choice for their work, the rest could be raffled off and proceeds given to charity and Malwaretips will get a massive amount of hits from people researching these devices since they would be the only site with viable cross the board test results.

A win-win-win!
 

Slyguy

Level 42
Verified
So if I understand: I utilize a VPN encrypted connection at the router level utilizing Asus Merlin with Trend Micro Protection. In addition to an AV/Firewall, OS Armor etc.software.
To Fully benefit from Gryphon with it's resistance to hacking, I would have to relinquish the Internet Provider privacy I gain from a VPN?
So a toss between advanced security and privacy?
Pretty much.
 

Kubla

Level 7
Verified
So if I understand: I utilize a VPN encrypted connection at the router level utilizing Asus Merlin with Trend Micro Protection. In addition to an AV/Firewall, OS Armor etc.software.
To Fully benefit from Gryphon with it's resistance to hacking, I would have to relinquish the Internet Provider privacy I gain from a VPN?
So a toss between advanced security and privacy?
But only on the device you have the VPN running on everything would still be protected.
 

Slyguy

Level 42
Verified
Confirmed today. Gryphon has been patched against the latest PMKID WPA2 Vulnerability. It's invulnerable to all 'known' WPA/WPA2 Vulnerabilities, and they're getting their certification for WPA3 wrapped up and will work on a major update to push that.
 

Kubla

Level 7
Verified
I watched a couple videos on the phone app for the Gryphon none showed anything for custom DNS.

Can you have it use your desired DNS?

I am thinking that since one will use it for an array of devices that something like Norton Connectsafe or OpenDNS Umbrella would only serve to enhance malware and phishing filtering protection for all your devices.

I watched another video on connecting devices that has led me to another question, if you connect the Gryphon to a modem/router can the modem/router or any other devices connected to it be protected by the Gryphon or does it just protect the devices connected to the Gryphon itself?
 
Last edited:

Slyguy

Level 42
Verified
I watched a couple videos on the phone app for the Gryphon none showed anything for custom DNS.

Can you have it use your desired DPS?

I am thinking that since one will use it for an array of devices that something like Norton Connectsafe or OpenDNS Umbrella would only serve to enhance malware and phishing filtering protection for all your devices.

I watched another video on connecting devices that has led me to another question, if you connect the Gryphon to a modem/router can the modem/router or any other devices connected to it be protected by the Gryphon or does it just protect the devices connected to the Gryphon itself?
You can use any DNS you want, there is a slider to set it. I'd recommend using an enhanced DNS service with it, it would only strengthen your protection.

Gryphon should be the primary router on your network. It will protect anything on the network if it is your primary router.
 

Kubla

Level 7
Verified
You can use any DNS you want, there is a slider to set it. I'd recommend using an enhanced DNS service with it, it would only strengthen your protection.

Gryphon should be the primary router on your network. It will protect anything on the network if it is your primary router.
That is a good point, it has to be the primary but not necessarily the only router in a home/office network system as long the secondary router is connected to the Gryphon.

Now this has me thinking about more elaborate networking schemes.

Thanks
 
Last edited:

Slyguy

Level 42
Verified
Thought I read something about a $9.99 per month sub on top of that?
Early business plan envisioned a $9.99 a month fee. That was largely because Kaspersky fees were pretty high. ESET wanted a footprint in the consumer UTM market and came in with a much better deal so the monthly fee was dropped. ESET can steer people to Gryphon, Gryphon can steer people to ESET. Everyone is happy.

ESET and Gryphon bring enterprise network protection to homes and small businesses

Remember, Gryphon uses ESET's enterprise technology. Not the consumer grade stuff.