Plume Router Security Review: Inadequacies of Domain Classification & Parental Controls on Mesh Router Systems Part 2

Threat Analysis

Webshrinker periodically performs threat detection tests on hardware devices and other security products to analyze threat protection capabilities.

Domain Analysis Testing Process

  1. Generate a 48-hour lookback list of the top 1,000 most dangerous threat domains in the categories of: Botnet, Malware, and Phishing & Deception
  2. Generate another 48-hour lookback list of the top 1,000 domains in the categories of: Adult Content, Drugs, Gambling, P2P & Illegal, Terrorism & Hate, and Weapons
  3. Configure policy on test subject to block against specified categories
  4. Verify traffic capture is actively routing through the test subject
  5. Perform dnslookup on domains to simulate traffic while safeguarding our internal networks
  6. Eliminate domains containing any error code from the analysis
  7. Check domains for signs of a block on the test subject
  8. Cross-check malware domains with VirusTotal
  9. View and record blocked domains from the test subject

The domain list is considered a snapshot in time because threat domains are quickly de-platformed once discovered. This test took place on September 27, 2021.
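The lookup, error-elimination and block-check steps above can be scripted as follows. This is an added example, not Webshrinker's own tooling: the sinkhole addresses used as the "sign of a block", the function names and the sample records are all assumptions constructed for illustration.

```python
import socket
from collections import defaultdict

# Assumption: the device under test answers blocked names with a sinkhole or
# block-page address. These values are placeholders, not Plume's real behaviour.
SINKHOLES = {"0.0.0.0", "192.0.2.1"}

def resolve(domain):
    """Step 5: resolve through the system resolver (pointed at the test subject).
    Only a DNS query is sent; nothing is fetched from the domain."""
    try:
        infos = socket.getaddrinfo(domain, None, socket.AF_INET)
    except socket.gaierror:
        return "ERROR", []          # NXDOMAIN, SERVFAIL, timeout ...
    return "NOERROR", sorted({info[4][0] for info in infos})

def score(results, sinkholes=SINKHOLES):
    """Steps 6-7 and 9: drop errored lookups, flag blocks, tally per category.
    results: iterable of (domain, category, status, addresses)."""
    tally = defaultdict(lambda: {"tested": 0, "blocked": 0})
    for domain, category, status, addrs in results:
        if status != "NOERROR" or not addrs:
            continue                # step 6: excluded from the analysis
        row = tally[category]
        row["tested"] += 1
        if sinkholes.intersection(addrs):
            row["blocked"] += 1     # step 7: sign of a block
    report = {c: round(100 * r["blocked"] / r["tested"], 1) for c, r in tally.items()}
    tested = sum(r["tested"] for r in tally.values())
    blocked = sum(r["blocked"] for r in tally.values())
    report["total"] = round(100 * blocked / tested, 1) if tested else 0.0
    return report

# Constructed sample results (reserved .example names and documentation IPs).
SAMPLE = [
    ("c2-one.example", "botnet", "NOERROR", ["0.0.0.0"]),
    ("c2-two.example", "botnet", "NOERROR", ["198.51.100.7"]),
    ("dropper.example", "malware", "NOERROR", ["203.0.113.9"]),
    ("gone.example", "malware", "ERROR", []),
    ("login-verify.example", "phishing", "NOERROR", ["192.0.2.1"]),
    ("bank-alert.example", "phishing", "NOERROR", ["198.51.100.20"]),
]

if __name__ == "__main__":
    for category, pct in score(SAMPLE).items():
        print(f"{category}: {pct}% blocked")
```

For a live run, feed `score` with `(domain, category, *resolve(domain))` tuples collected while the host's resolver points at the device under test.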

Results for Plume Guard

Plume’s security feature, called “Guard,” identified only 16.62% of Webshrinker’s known threat domains.

(The blue area represents domains that were blocked)

Guard allowed 83.38% of known threats during our traffic simulation test. It performed best in the botnet category, identifying roughly 80% of DNSFilter’s known botnet hosting sites, but fell well below standard for sites hosting malware, identifying only 14.6% of malware sites. Of the phishing and deception sites DNSFilter tested, Plume Guard recognized just 17%.

It’s unclear whether Plume Guard is built in-house at the Palo Alto, CA-based company or sourced from trusted third parties. There are hints the security service is backed by Fortinet when compared to VirusTotal responses, but we can’t make a solid determination. It’s no knock on Plume to utilize third-party lists or providers, just an unknown. We supplement our AI threat discovery engine with third-party feeds as well here at Webshrinker.

What is clear is that Plume’s DNS protection is inadequate.

Plume’s Guard threat protection allowed 83.4% of known threats during our traffic simulation test. Plume performed best in the botnet category, identifying roughly 80% of DNSFilter’s known botnet hosting sites, but well below standard for sites hosting malware—identifying only 14.6% of malware sites. It’s true that Webshrinker’s AI is one of the best categorizers of phishing and deception sites in the industry, but Plume’s Guard (maybe relying on Fortinet) recognized just 17% of the known phishing sites we tested.

Parental Controls

As an on-premise router, Plume also takes advantage of local network control with internet access scheduling, but stops short of specified time limits. There is per-device content filtering, but as we saw with DNS security, DNS content filtering is also lacking.

We additionally test all competitors against 6 content categories: adult, drugs, gambling, p2p & illegal, terrorism & hate, and weapons. These categories represent the most commonly blocked “bad” content. With our Plume filter set to “Kid appropriate,” our test reveals more inadequacies. The graphs speak for themselves.

(The blue area represents domains that were blocked)


Reporting

Plume’s Homepass mobile app provides basic reports on security events with a query list. Domains can be approved from the list on a per-device level, which is great. Approving and denying individual domains that are not already listed is possible from the security events screens but requires tedious manual entry, which brings me to the last point. There is no bulk management of block and allow lists, no way to export or import data, and only security events are recorded.

At-A-Glance

Threat Categories Tested: Botnet, Malware, Phishing & Deception

Content Categories Tested: Adult, Drugs, Gambling, P2P & Illegal, Terrorism & Hate, Weapons

Total Blocked: 50.5%

Botnet Blocked: 80%

Malware Blocked: 14.6%

Phishing & Deception Blocked: 17%

Content Filtering: Yes (limited to kid/teen/no adult content)

Site Blocking: Yes

User Specific Control: Yes

Threat Blocking: Yes, only 16.6%

Internet Pause: Yes

Scheduled Policy: No

Time Limit: No

Reporting: Minimal, no export

Below is a quick list to jump around our review of mesh router security features.

Part 2 - Plume (you are here)

Part 3 - Netgear Orbi
