NETGEAR Orbi Security: Inadequacies of Domain Classification and Parental Controls on Mesh Router Systems Part 3

As a part of our ongoing series about the security features of mesh WiFi routers, today we are reviewing the results of our test on NETGEAR Orbi devices. Check out part 2’s results on Plume router security if you’re interested in getting your hands on all the data.

Webshrinker periodically performs threat detection tests on hardware devices and other security products to analyze threat protection capabilities. A quick reminder of how we run our tests is available.

Results for Orbi

The Orbi mesh router system implements NETGEAR Armor security which is powered by Bitdefender. Bitdefender via NETGEAR Armor was an interesting case to test. Unlike other subjects, the block page is self-hosted on the Orbi router. This is evident in the local IP addresses returned when Armor blocks a domain. A small number (1%) of our threat domains were black holed to the 0.0.0.0 IP address, so we gave the edge to Armor and considered them blocked.

Just as Plume demonstrated in the previous installment, the DNS protection of NETGEAR Armor powered by Bitdefender is less than adequate, allowing 60% of known threats during our traffic simulation test.

Armor performed nearly the same in the botnet and malware categories, identifying roughly 53%, but significantly below standard for phishing sites—identifying only 14.9%. Throughout our testing, we’ve seen Webshrinker dramatically outperform the competition identifying phishing sites and this holds true for the Orbi test.

Like our parent company, DNSFilter, Armor has off-network protection through Bitdefender’s roaming client software. This means users are protected even when they take their devices outside of their home or office, as Armor's protection is deployed on the device itself. Even though the security protection is inferior to Webshrinker’s, the additional roaming protection is preferred and Armor is the only test subject to provide peace of mind outside your network.

Parental Controls

NETGEAR Armor is meant as threat protection, but it can be coupled with Disney’s Circle for content filtering, scheduling, pausing, and time limits on internet usage. We did not include Circle in our evaluation and are testing only Bitdefender’s (through NETGEAR Orbi) content filtering of the most commonly blocked “questionable” content. We tested against 6 content categories: Adult, drugs, gambling, P2P & illegal, terrorism & hate, and weapons.

NETGEAR Armor performed well enough when blocking adult (84%), drugs (83.3%), and gambling (89%) content categories. However, they performed very poorly in weapons (21.5%), terrorism & hate (38.9%), and p2p & illegal (57.1%)—website classifications that are arguably far more concerning for parents looking to restrict internet access for their children.

The scale we use for effectiveness is as follows:

• 0-60% = poor
• 61-90% = warning
• 91-100% = good

Reporting

NETGEAR Orbi’s reporting is solely focused on what Bitdefender considers a threat. If you wanted to investigate other usage like social media or productivity, that would require an external tool such as a SIEM where you could ingest the logs and do the analysis yourself. It does provide a score for your network security based on regular device scans for default passwords and other vulnerabilities. Threat notifications are available and the mobile app has discoverable threat traffic charts to help uncover vulnerable web traffic. 

At-A-Glance

Threat Categories Tested: Botnet, Malware, Phishing & Deception

Content Categories Tested: Adult, Drugs, Gambling, P2P & Illegal, Terrorism & Hate, Weapons
Total Blocked: 55.5%

Botnet Blocked: 53.6%

Malware Blocked: 51.7%

Phishing & Deception Blocked: 14.9%