Slyguy

Level 40
Thanks @Slyguy. In for one. I should buy two because my house is pretty big (3800 sq ft), but my house is open are concept, so I'm hoping to set it up in an open area and it will suffice.

Funny the "support" guy that emailed me, is also one of the founders. I'm going to try to meet up with him and maybe the CEO at ESET offices in a couple weeks.
I just got back from my Inlaws for Thanksgiving, they have a Gryphon deployed - I was shocked to see it in the living room when we arrived today. My father inlaw got owned by malware, then compromised by some Russians so he's really ramped up his security in the home and on devices. I mentioned Gryphon to him 6-7 months ago figuring he wasn't paying attention, now I see he was. It felt really good to see his new improved security profile at his home, before everything was wide open and his crap router was on ancient firmware.
 

notabot

Level 7
This looks like a good product, I wonder how it compares to Sophos’ XG home or Sophos UTM.

Can someone who’s used both comment ?
 
Reactions: DeepWeb

Slyguy

Level 40
This looks like a good product, I wonder how it compares to Sophos’ XG home or Sophos UTM.

Can someone who’s used both comment ?
Sophos X and Sophos 9 are SOHO/SMB devices. No comparison in terms of configuration and such. Gryphon is a UTM for average joes, with enough of a security punch to titillate prosumers but a lack of configurability to satiate IT Engineers. However an IT dude will be satisified if he doesn't have a home lab and just wants security that works.
 

notabot

Level 7
Sophos X and Sophos 9 are SOHO/SMB devices. No comparison in terms of configuration and such. Gryphon is a UTM for average joes, with enough of a security punch to titillate prosumers but a lack of configurability to satiate IT Engineers. However an IT dude will be satisified if he doesn't have a home lab and just wants security that works.
If the engineering team is a good one ( and for this product I can’t see anything that suggests otherwise), I’d take a preconfigured one anytime.
 

Slyguy

Level 40
If the engineering team is a good one ( and for this product I can’t see anything that suggests otherwise), I’d take a preconfigured one anytime.
Same. I no longer take work home (it's not legal for me to anymore to bring or take anything, even the tiniest thing). So the Gryphon works nicely for me and is way less headaches than dealing with a stack of enterprise grade gear. Also my power bill dropped 40% or so.
 

notabot

Level 7
Same. I no longer take work home (it's not legal for me to anymore to bring or take anything, even the tiniest thing). So the Gryphon works nicely for me and is way less headaches than dealing with a stack of enterprise grade gear. Also my power bill dropped 40% or so.
I don’t work in security so I don’t have compliance restrictions but tbh every piece of tinkering in configurations needs maintainance and I’d much rather go out for dinner than maintain configure files if there’s a good preconfigured product out there by a strong engineering team.
 
Reactions: TerrakionSmash

DeepWeb

Level 21
Verified
Gryphon is on my wishlist but I do have one question. As safe as Gryphon is, your modem/gateway that it connects to would still be the weak link in your setup and if it gets compromised, nothing Gryphon does would really help right? If so what is the most secure modem you would recommend along with Gryphon? I'm using At&t btw.
 
Reactions: simmerskool

Slyguy

Level 40
Generally speaking there isn't any user space permissions within a modem to execute code. This is why it's generally fairly rare to find exploits for modems. It's certainly possible, but not common. Also, DOCSIS hardware itself doesn't lend itself to intrusion/spying because it's functioning at the basic SIGNAL level and usually without any logging. It's largely focused on things like signal strength and error correction. Since the modem isn't handling local DHCP, DNS and ARP it's really basic at the most basic level.

Where cable modems can be a problem is external MAC broadcast on the ISP DHCP pairing exposing the device identifier to external actors. Which would basically allow a malicious actor/state or otherwise to 'follow' you around the internet. So if you take that modem to a new home, they'd know. If you pop your ISP DHCP onto a new scope, they'd know. Some paranoid people (and me) have been known to cycle out modems/models or spoof addresses to avoid such activities but the regular joe has no major concern there.
 

SHvFl

Level 35
Content Creator
Trusted
Verified
Any idea on how this compares to bitdefender box 2 if i don't have a gigabit connection? Any advantages on features that maybe gryphon is missing or the other way around?
 
Last edited:

Kubla

Level 6
bitdefender box 2
Some of the differences I noticed;
Gryphon has AC3000 giving wireless connection speeds to a maximum of 3.0 Gbps (3000Mbps)

Bitdefender box 2 has AC1900 giving it wireless connection speeds to a maximum of 1.9 Gbps (1900Mbps).

The Gryphon has 4 ports built in, the Bitdefender only has 1, so you if you have a lot of wired connections to devices you will need to add a multi-port access point.

The Bitdefender has 3x3 MU-MIMO and the Gryphon has 4x4 MU-MIMO which basically means the Gryphon can have more devices performing demanding activities without a degradation of speed.

So the the Gryphon is more powerful on the hardware side, need to do some more research on security and protection, I did notice that they give you an unlimited license to Bitdefender Total Security with purchase of the box 2.
 

azt7

New Member
I did notice that they give you an unlimited license to Bitdefender Total Security with purchase of the box 2.
Bitdefender really uses that to their advantage. I just renewed 10 Bitdefender Total Security for 3 years at $150 and they were offering the box 2 for 1 year at the same price.

I'm a long time Bitdefender user and looking at reviews, I've never been fully convinced by the Box 2 (lots of trouble installing it). The first one had performance issues and the second one is somewhat limited compared to the Gryphon. On top of all that, Bitdefender says that it was not designed to replace a router, it can but it's not the intended purpose.

I'd rather go for an efficient multi-layer protection of Gryphon + BTS than Box v2 + BTS. It's better to have 2 seperate engines look at threats than one.
 

Slyguy

Level 40
I'd rather go for an efficient multi-layer protection of Gryphon + BTS than Box v2 + BTS. It's better to have 2 seperate engines look at threats than one.
This is a very smart move. First, a bit of history of the 'Box' from Bit Defender.. Rev.1 was underpowered, had Fast Ethernet (100Mbps) maximum and generally was an atrocious performer. Box 2 is better but not by a whole lot. Even more important is it doesn't provide a layered approach to security - you get Bit Defender on your systems and Bit Defender on your gateway. I'd MUCH prefer ESET on my Gateway and Bit Defender on my systems. Also keep in mind, Gryphon has parental controls and user management that is superior to Box, and also AI-IPS which Box 2 doesn't have, both important.
 

Music4Ever

Level 6
Quite like the Gryphon, however mentioning the cost to my other half (ruler of all money) has not gone well so far - I should have downplayed the cost! However negotiations will continue & I think I'll get one in time - I usually do :)
 

woodrowbone

Level 8
Does anyone of you know what throughput the device has WAN-LAN using cable?
With all bells and whistles on of course :)
And concurrent connections?

Is there really no way to use a web interface for admin, I am no fan of the phone only alternative.

/W
 

Slyguy

Level 40
Does anyone of you know what throughput the device has WAN-LAN using cable?
With all bells and whistles on of course :)
And concurrent connections?

Is there really no way to use a web interface for admin, I am no fan of the phone only alternative.

/W
Mine handles 1000Mbps/1000Mbps throughput WAN/LAN. My fastest wireless device is sadly 300Mbps or so, but it handles 5 of them plus additional devices all streaming at once. I've tested it with a maximum of 42 devices on the network and had no issues.

Management is done through the app for security. The reason is a lot of CVE's for routers are for 80/443 web gui compromises. HTTP/HTTPS, 22, 23 are all disabled on the Gryphon, there's nothing to hack. The App is paired with the Gryphon via scanning the QR-Code (Encryption Key) on the bottom of it, then you setup the account for the App. That adds additional layers of security into the mix because any external threat actor would need physical access to your device AND your login credentials and would have to re-pair it - none of that is really going to happen.

Finally, on the local network there aren't any ports or access to the Gryphon. Hitting the gateway IP yields only a captive portal page with THAT devices specifications and the ability to request access to a blocked web page. Again, even a local malware/bot/threat actor wouldn't have anything to communicate with in terms of the Gryphon.

You can install the app on a phone or tablet. I suspect it's possible to even run Bluestacks on a laptop, and access it through the app+your account on that device as well but I haven't tested it. All of the attack vectors are closed off. Also it has DNS Rebind attack protection built in.

I'm on the beta channel for firmware, and the next revision (testing now) allows you to block ALL new devices of every type from connecting to your network after you've connected each device initially and this also blocks spoofed MAC Addresses. Here's a snapshot of the ESET protection levels on the Gryphon as well.

02_Gryphon1.jpg 6_Gryphon.jpg
 

Similar Threads

Similar Threads