The Box stops you from getting to a malicious site by inspecting outbound traffic. All outbound connections are checked against the Bitdefender cloud. If the URL you're trying to reach is detected as malicious, the outgoing request will be dropped and the App will present a message like the phishing protection message I received while browsing the Internet from a PC behind the Bitdefender Box.
Bitdefender Browsing Protection
The Box also continuously scans your network for possible security holes. According to the User Guide, the Box "scans your network and identifies all vulnerabilities present on the connected devices and network equipment that can lead (to) remote, unauthorized access, data theft or malicious attacks" by doing a Vulnerability Assessment. You are then notified of detected vulnerabilities via the Bitdefender Box App. The Box didn't detect any vulnerabilities on my network.
To test if the Box protects against Denial of Service (DoS) attacks, I used Nmap's packet generator, nping. As a baseline test, I sent 1000 TCP SYN packets at 1000 pps from a test PC to a second PC running the Bitdefender Agent (which I'll cover shortly), with both PCs on a network outside the Bitdefender Box network. My PC with the Bitdefender Agent saw and replied to all 1000 packets, meaning the Agent didn't detect a possible DoS attack. Below is the nping command I ran from my test PC.
nping -tcp -p 5000 --flags SYN -c 1000 --rate 1000 172.24.2.100
I then ran the same nping test, this time with my test PC outside the Bitdefender Box network and the PC running the Bitdefender Agent inside the Bitdefender Box network. I got the same result. My PC with the Bitdefender Agent saw and replied to all 1000 packets, telling me the Box didn't detect a possible DoS attack. To be fair, I didn't expect the Box to detect this traffic, as it would have to inspect incoming traffic to do so.
I also used the nping command to detect if the Box detects a high volume of outgoing traffic, such as might be generated by a zombie device participating in a DDOS attack. With my test PC behind the Box, I used the same command as above and targeted my router outside the Box network. My test PC successfully sent 1000 TCP SYN packets in 1.83 seconds to my router outside the Box network without triggering a warning or block from the Bitdefender Box. The end result of these simple tests is it appears the Bitdefender Box does not detect potential DoS attacks, either incoming or outgoing.
Parental controls are not part of the Bitdefender Box solution, either via the Box or the Agent. However, with your Bitdefender Box subscription, you can install Bitdefender Total Security for Windows, Bitdefender Antivirus for Mac and Bitdefender Mobile Security for Android devices. Only Bitdefender Total Security for Windows software includes Parental Controls. These three software solutions are outside the scope of this review.
To test Bitdefender's Anti-Malware protection, I used the malware test site http://www.wicar.org/test-malware.html.
First, I used a PC without the Bitdefender Agent but with Microsoft Defender to see what would happen. When I tried to download the test malware with the Google Chrome browser, I got the warning shown below, meaning Chrome blocked the test malware.
Google Chrome Anti-Malware Protection
Second, on the same PC without the Bitdefender Agent but with MS Defender, I tried to download the test malware with the MS Edge browser and got th warning shown below. As you see, MS Defender detected the test malware.
Microsoft Anti-Malware Protection
Third, I took a second PC running Bitdefender Agent and connected it behind Bitdefender Box. When I tried downloading the test malware, I got the below warning.
Bitdefender Anti-Malware Protection?
As you can see in the lower right, it says "Found some malware. Windows Defender is removing it". I found this result interesting, as I had disabled MS Defender on this PC when I installed Bitdefender Agent. This made me wonder if Bitdefender Agent works with MS Defender to block malware.
So, for my fourth test, Idisabled MS Defender on my second PC. Doing so gave me the message you see in the bottom right that says"Windows Defender and Box Local Protection are both turned off".
Disable Defender = Disable Bitdefender Agent
Fifth, and last,I tried to download the test malware with my PCprotected by the Bitdefender Box but with MS Defender and Bitdefender Agent disabled. As you can see, I was able to download the test malware.
No Defender + No Agent = No Malware Protection
These results led me to some interesting conclusions. MS Defender and Google Chrome, as shown in my first and second tests, detected the test malware, without Bitdefender Box. In addition, as shown in my third and fourth tests, it appears the Bitdefender Agent works with MS Defender to block malware. Last, with MS Defender disabled and subsequently the Bitdefender Agent disabled, I was able to download the test malware leading me to conclude the Bitdefender Box does not detect malware.