How many computers, mobile devices, and Internet of Things (IoT) gadgets is your home network supporting? You might be surprised at the load it’s carrying, from the expected PCs and smartphones to internet-aware toasters, toothbrushes, and garage doors. The free Bitdefender Home Scanner aims to help you inventory those devices and identify any that are vulnerable to attack. It also warns when new devices connect, so you can scan them for safety and verify that they’re legit. Knowing when outsiders visit your network helps you protect your privacy, though the scanner won’t bar the intruders for you. It’s a useful, free tool.
Note that while you don’t have to pay for this app, during installation you do need to create or sign into an existing My Bitdefender account. Once the installation is complete, Bitdefender Home Scanner launches and readies itself for its first scan. To start, it asks you to confirm that it’s connected to your home network, warning that using the product on public networks is not recommended. With that housekeeping out of the way, it goes directly to scanning.
Straightforward Scan
Your home network router assigns a unique, local-only IP address to every connected device. Home Scanner communicates directly with the network to identify the local-only addresses that correspond to devices on your network. To do so, it simply sends a network query to each possible address and notes which ones respond.
Once it has that all-important list of devices, Home Scanner starts checking each of them for security vulnerabilities. On my test system, the full scan took about five minutes.
If you ever use a VPN, you may have noticed that connecting to it can cut you off from devices on the local network. To use a local device like a networked printer, you may need to temporarily disconnect from your VPN. Because Home Scanner communicates directly with the network adapter, it can still scan your local devices even when you’re using a VPN. However, the VPN might interfere with accurate analysis of each device’s security status. For best results, turn off your VPN before running this scan.
Note, too, that if you use a Wi-Fi hotspot that’s separate from the main ISP-supplied router, your wireless devices may not be on the same network as the wired ones. If you find that the scan shows only wired or only wireless devices, you probably need to run the scan twice, once over the wired connection and once over the wireless connection.
Scan Results
Once the scan finishes, it’s time to review the results. On my own network, Home Scanner initially found 12 devices. The count rose to more than 20 as more devices turned on and connected. For each device, the report lists the name that it found, along with the local IP address. For computers and similar devices, it pulled the actual device name, such as “Neil iPad Tablet” or “NewPhysTest.” Others got clear but generic names like “Synology NAS” or “Roku Streaming Device.” An icon indicates the device type, be it computer, TV, printer, or even garage-door opener. Most importantly, the list flags each device with a green label saying it found no risks, or an orange label warning of potential risks.
Clicking any item brings up a page with more detail, including the manufacturer, the device type, the IP address, and the device-specific MAC address. I found that some devices came up with an unknown name and device type. By checking the IP and MAC addresses of devices that I didn’t see in the list, I managed to pin down the identity of these unknowns. Clicking the three-dot menu icon at top right of the Device Details page let me enter a name and choose a device type.
If network sleuthing using IP addresses is outside your tech abilities, consider asking a tech-savvy friend or relative to take on the task. The scanner remembers changes on subsequent scans, so getting those unknowns squared away should be a one-time thing.
I got a kick out of paging through the choices of device type. Of course, the list included PCs, Macs, smartphones, laptops, tablets, and such common items, but there were scads of other choices. Among the more surprising entries were: Animal Tracker, Beer Brewing, Cooking Robot, Key Cutting Machine, Leak Detector, and Sewing Machine.
If you turn on Automatic Device Discovery, Home Scanner notifies you when a new device connects to the network, with an option to immediately scan the device. However, you don’t get the option to ban a device from your network the way you do with Wi-Fi protection in Panda Dome Essential. Panda’s scanner, which only works on Wi-Fi, alerts you to unsafe Wi-Fi connections, and offers advice on improving the security of your own Wi-Fi network.
Avast Free Antivirus includes a network scanner, but it doesn’t go as deep as Bitdefender’s. When I put Avast’s network scanner to the test, everything came up safe except for one PC that intentionally connects through the router’s DMZ port, thereby losing the protection of a local-only IP address. I did find that Avast’s list of device types rivals what Bitdefender offers, with almost 100 choices, among them Toothbrush, Vehicle, and Washing Machine.
Dealing With Vulnerabilities
In Home Scanner, the detail page for each device has a banner at the top. A green banner means the device doesn’t seem to be vulnerable to attack, while an orange one indicates that the scan found possible security vulnerabilities. In the latter case, you can dig in for details and recommendations. This is where the product falls down, just a bit, as I’ll explain.
The scan found two devices with security vulnerabilities. Clicking one of the vulnerabilities listed for a device gets you to the actual details and recommendations. I checked both vulnerabilities found by the scan and found the same recommendations. Testing for my previous review of this product found even more devices with vulnerabilities. And the advice on how to fix the problem always said that the provider should fix the vulnerability with an update…or you could buy the Bitdefender Box device to secure your network.
The detailed information was the same for every vulnerability I saw, but apparently that isn’t always the case. My Bitdefender contact told me that there are some differences in reporting what could happen, and that in some cases, such as weak credentials detected, the advice on how to fix the problem gets more specific.
Here’s the big gotcha. Even if you’re happy to spend $199 for the box plus a $99 yearly subscription after the first year, you can’t. The device is sold out, and there’s no indication when, or whether, it will become available again.
At least the Box’s fate is uncertain; a couple of similar products are thoroughly dead. Norton discontinued its Core Security router in early 2019, and F-Secure Sense met its demise even earlier. Bitdefender’s strongest presence in the home router market currently comes through its presence as Netgear Armor in certain of Netgear’s high-end home routers.
Well Worth a Try
Since it won’t cost you anything, Bitdefender Home Scanner is certainly worth a try. You may be surprised to learn how many devices are exchanging data on your home network, securely or otherwise. Pay attention when it notifies you that a new device has connected—if your neighbor is stealing your Wi-Fi you’ll want to know about it. It’s true that the scanner is better at identifying vulnerable devices than at explaining how to fix those problems. And you should just ignore any advice to buy the Bitdefender Box, since that’s not something you can do right now.