Just how many computers, mobile devices, and Internet of Things (IoT) gadgets connect to your home network? You need to answer that question before you can consider what sort of protection you might need across the network. Bitdefender Home Scanner aims to help you with that initial inventory, and it can even identify devices that are vulnerable to specific attacks. It’s a good first effort, and it’s free, but it could be even more useful with a few changes.
You don’t have to pay for this app, but during installation you do need to create a My Bitdefender account, or sign in to your existing account. Once the installation is complete, the utility launches and readies itself for its first scan. To start, it asks you to confirm that it’s connected to your home network, and warns that using the product on public networks is not recommended. With that housekeeping out of the way, it goes directly to scanning.
Your home network router assigns a unique, local-only IP address to every connected device. Home Scanner communicates directly with the network adapter to identify the possible local-only addresses that correspond to devices on your network. To do so, it simply sends a network packet to each address and notes which ones respond.
Once it has that all-important list of devices, it starts checking each of them for security vulnerabilities. On my test system, the full scan took about five minutes.
If you ever use a VPN, you may have noticed that connecting to the VPN can cut you off from devices on the local network. To use a local device like a networked printer, you may need to temporarily disconnect from the VPN. Because Home Scanner connects directly to the network adapter, it can still scan your local devices even when you’re using a VPN. However, my Bitdefender contact informs me that while such a scan will get the correct list of devices, the VPN might interfere with accurate analysis of each device’s security status. For best results, turn off your VPN before running this scan.
Note, too, that if you use a Wi-Fi hotspot that’s separate from the main iSP-supplied router, your wireless devices may not be on the same network as the wired ones. If you find that the scan shows only wired or only wireless devices, you need to repeat the scan while connected the other way.
Once the scan finishes, it’s time to review the results. On my own network, Home Scanner found between 23 and 26 devices, depending on which devices were turned on. For each device, the report lists the name that it found, along with the local IP address. For computers and similar devices, it pulled the actual device name, such as “NeilWindows10” or “Janets-iPad.” Others got clear but generic names like “HTC One phone” or “viziocastdisplay.” An icon indicates the device type, be it computer, TV, printer, or even garage-door opener. Most importantly, the list flags each device with a green label saying it found no risks, or an orange label warning of potential risks.
It’s hard to confirm that the scan found every single device. For a sanity check, I installed Avira Home Guard on the same test system as Bitdefender and scanned with both. Happily, they came up with the same list of devices, though Bitdefender did a better job of identifying device types.
Clicking any item brings up a page with more detail, including the manufacturer, the device type, the IP address, and the device-specific MAC address. I did observe that in some cases it identified the device type, but didn’t have an icon for it. That was the case for a couple network-attached storage devices and a Roku media player.
Then there were a few with a name like “unknown8C883B97EC3,” with an unknown device type. At first, I thought there was no option to change the name if I managed to identify the device, perhaps based on the manufacturer name. However, my Bitdefender contact pointed out the subtle three-dot menu indicator at top right, which includes the option to edit the device name and type. When I did change a name, the scanner remembered that name on a subsequent scan. Avira Home Guard also remembers when you edit a device’s name or type.
Here’s an interesting feature: When a new device connects to the network, Home Scanner pops up a notification and offers to scan the device. However, you don’t get to choose whether that device gets to connect, the way you do with Wi-Fi protection in Panda Antivirus Pro. Panda’s scanner, which only works on Wi-Fi, alerts you to unsafe Wi-Fi connections, and offers advice on improving the security of your own Wi-Fi network.
Avast Free Antivirus includes a network scanner, but it doesn’t go as deep as Home Scanner. When I put Avast’s network scanner to the test, everything came up safe except for one PC that intentionally connects through the router’s DMZ port, thereby losing the protection of a local-only IP address. In addition, while it reported on computers, routers, printers, and other major devices, it didn’t seem to catch the full range of IoT devices the way Home Scanner did.
Dealing With Vulnerabilities
In Home Scanner, the detail page for each device has a banner at the top. A green banner means the device doesn’t seem to be vulnerable to attack, while an orange one indicates that the scan found possible security vulnerabilities. In the latter case, you can click again for details and recommendations. And here’s where the product falls down, just a bit.
With your first click, you get a list of vulnerabilities found on the device. Clicking one of those gets you to the actual details and recommendations. I checked every single vulnerability found by the scan, and found that the recommendations never changed. The description of what attackers might do by exploiting this vulnerability was always the same. And the advice on how to fix it always said that the provider should fix the vulnerability with an update…or you could buy the Bitdefender Box to secure your whole network.
The detailed information was the same for every vulnerability I saw, but apparently that isn’t always the case. My Bitdefender contact told me that there are some differences in reporting what could happen, and that in some cases, such as weak credentials detected, the advice on how to fix the problem gets more specific.
On the plus side, Bitdefender’s messaging is better than what you get from Avira. Home Guard simply lists every open port on a device, identifying all as risks, even ones that must be open for the device to function, and it doesn’t offer any advice beyond suggesting you check your router settings.
At a list price of $ 199, plus a $ 99-per-year subscription after the first year, the Bitdefender Box is a far cry from the free Home Scanner. However, it does protect every device on the network, preventing connections to dangerous URLs and fending off potential attacks. It even functions as a VPN server, so your mobile devices remain protected even when away from home. While it can replace your home router, Bitdefender says it functions better as a supplement, working in conjunction with a powerful home router.
Wouldn’t It Be Nice If…
The repeated advice to buy Bitdefender Box, along with the colorful advertisement for Bitdefender’s products at the top of the main scan window, might suggest that Home Scanner is nothing more than an advertising ploy for the Box. However, I see it as a useful free tool, one that could be even better with a little fine-tuning.
The list of scanned devices comes up in no particular order, or perhaps in the order in which the devices responded to Home Scanner’s initial query. That makes finding one particular device quite difficult. I’d love the ability to simply sort the list by name; the option to sort by IP address might also be handy.
If you don’t find a device in the list, it surely corresponds to one of those pesky unknowns. Wouldn’t it be great if Home Scanner allowed you to export its list of found devices? You could then disconnect the problem device, scan again, and see which item vanished from the list. As it is, the only way I’ve found to identify a problem device is to power it off, run a scan, then power it back on and take note when Home Scanner reports a new device on the network.
Then there’s the always-the-same advice I encountered. In truth, different types of vulnerabilities lead to different types of exploits, and there may well be ways to fix the problem without waiting for a security update, or purchasing a Bitdefender Box. I’d like to see advice that’s specific to the vulnerability in question, where possible.
Well Worth a Try
Since it won’t cost you anything, Bitdefender Home Scanner is worth a try. You may be surprised to learn how many devices are exchanging data on your home network, securely or otherwise. You can also try Avira Home Guard, but note that in our testing it exhibited the sorts of odd behaviors you might expect from version 1.0 software.
If network security scanning inspires you to seek a whole network security solution, the Bitdefender Box is naturally one option, but it’s not the only one. Among the other possibilities are Symantec Norton Core Router and F-Secure Sense.