Webshrinker periodically performs threat detection tests on hardware devices and other security products to analyze threat protection capabilities.
The domain list is considered a snapshot in time because threat domains are quickly de-platformed once discovered. This test took place on September 27, 2021.
Plume’s security feature, called “Guard” identified only 16.62% of Webshrinker’s known threat domains.
(The blue area represents domains that were blocked)
Guard allowed 83.38% of known threats during our traffic simulation test and performed best in the botnet category, identifying roughly 80% of DNSFilter’s known botnet hosting sites, but well below standard for sites hosting malware - identifying only 14.6% of malware sites. Of phishing and deception sites, Plume Guard recognized just 17% of the known sites DNSFilter tested.
It’s unclear if Plume Guard is built in-house at the Palo Alto, CA based company or sourced from trusted third parties. There are hints the security service is backed by Fortinet when compared to VirusTotal responses, but we can’t make a solid determination. It’s no knock on Plume to utilize third party lists or providers, just an unknown. We supplement our AI threat discovery engine with third party feeds as well here at Webshrinker.
What is clear is that Plume’s DNS protection is inadequate.
Plume’s Guard threat protection allowed 83.4% of known threats during our traffic simulation test. Plume performed best in the botnet category, identifying roughly 80% of DNSFilter’s known botnet hosting sites, but well below standard for sites hosting malware—identifying only 14.6% of malware sites. It’s true that Webshrinker’s AI is one of the best categorizers of phishing and deception sites in the industry, but Plume’s Guard (maybe relying on Fortinet) recognized just 17% of the known phishing sites we tested.
As an on-premise router Plume also takes advantage of local network control with internet access scheduling but stops short of specified time limits. There is per device content filtering but as we see with DNS security, DNS content filtering is also lacking.
We additionally test all competitors against 6 content categories; adult, drugs, gambling, p2p & illegal, terrorism & hate, and weapons. These categories represent the most commonly blocked “bad” content. With our Plume filter set to “Kid appropriate” our test reveals more inadequacies. The graphs speak for themselves.
(The blue area represents domains that were blocked)
Plume’s Homepass mobile app provides basic reports on security events with a query list. Domains can be approved from the list on a per device level which is great. Approving and denying individual domains that are not already listed is possible from the security events screens but requires tedious manual entry which brings me to the last point. There is no bulk management of block and allow lists, no way to export or import data, and only security events are recorded.
Threat Categories Tested: Botnet, Malware, Phishing & Deception
Content Categories Tested: Adult, Drugs, Gambling, P2P & Illegal, Terrorism & Hate, Weapons
Total Blocked: 50.5%
Botnet Blocked: 80%
Malware Blocked: 14.6%
Phishing & Deception Blocked: 17%
Below is a quick list to jump around our review of mesh router security features.
Part 2 - Plume (you are here)
Part 3 - Netgear Orbi
Ready to put Webshrinker's security to the test? Get 100 free credits.
We curate our sets of categories very carefully, and only update them after thorough consideration. Here are the newest Webshrinker categories.
read more