CUJO review: A hardware firewall with access control which protects all your connected devices

Hardware Reviews / Reviews / Security / Tech
Cujo Smart Firewall

CUJO does a great job of blocking sites and hacking attempts across all your connected devices to help keep your network safe from malware and hacking.

TA-ratings-94It seems like every time you turn around, there’s another story about a hack, malware, or ransomware. While most businesses have IT departments that should be handling protection against this stuff, the average consumer is usually relegated to relying on anti-virus software. The main issue with anti-virus software is that while it will detect and stop most viruses, it won’t detect or prevent hacks or other attempts on your computer systems or smart home products. Our CUJO review takes a look at a hardware firewall with parental controls that anonymously analyzes your network traffic and helps to prevent malware and hack attempts for all your internet connected devices.

Specifications

CUJO has the following features and specifications:

  • Internet security for all devices
  • Parental Controls
  • VPN (coming soon)
  • Bridge or DHCP server mode
    Customizable DHCP settings (Subnet, IP range, Lease time, Static IP, DNS)
  • Live Video Customer Service support
  • Security Features
    • Safe Browsing (IP/DNS)
    • Command & Control blocking
    • Unauthorized access blocking
    • Antivirus and Antimalware
    • Behavior Analysis
    • Local+Cloud security layers
    • DoS attack protection
    • Protection of all devices on the network (like PC, Phone, TV, Camera and etc.)
  • Management Features: CUJO App for iOS (8.4.1+) and Android (4.1.1+)
  • Processor: Dual Core 1GHz
  • Flash Memory: 4GB
  • SDRAM Memory: 1GB DDR SRAM
  • Acceleration: Cryptographic Hardware Acceleration
  • Ports: 2x 1Gbps Ethernet Ports
  • External Power Supply
    • Input: 100-240V ~ 0.3A 50-60Hz
    • Output: 5V DC 2.0A Max
    • Plugs: US/CA, EU, AU/NZ, UK, Other countries
  • Dimensions (W x H x D): 4.875” x 4.875” x 5.75” (124mm x 124mm x 146mm)
  • Weight: 377g (0.831lbs)

What’s in the box

  • CUJO
  • Power adapter
  • Ethernet cable
  • Quick Start Guide
CUJO-review-01

What’s in the box…

Design

The CUJO hardware firewall has a pretty nondescript, if not cute, design. In some ways, it really looks like a fancy candle holder. CUJO has a rounded cup-like shape with two “eyes” on the front that change to indicate certain functions. Around back you’ll found the power and two Ethernet ports, as well as a reset pinhole. The top of CUJO is capped off with small vents inset underneath for ventilation and the CUJO logo centered on top in white as well. The bottom has a circular ring for setting on a desk or other flat surface. Around this ring is more ventilation. It’d be nice if it had some sort of padding on the bottom ring for extra grip or to protect whatever surface you’re setting it on from potential scratches.

CUJO-review-04

CUJO with “eyes” on.

Overall, the CUJO is simply designed but that’s not necessarily a bad thing as given the design it should fit into any setting without drawing attention to itself and blending in nicely.

Installation

Setup of the CUJO firewall is pretty easy. First, you’ll need to download and install the CUJO iOS or Android app and sign up for an account. Next, connect your CUJO to your router. CUJO can be connected in Direct or Bridge mode. If you only have a single router or modem + router, you’ll be using Direct mode. If you have a secondary router or switch connected to your ISP provided modem + router, you’ll use the CUJO in Bridge mode between the two to protect all your devices.

CUJO-review-03

There are two Ethernet ports to connect to your router or between your router and a switch or second router.

Once you have connected the CUJO to your external router and/or internal router or switch, the app will guide you through the rest of the setup process. While the app walks you through the process, if you have any issues you can email or call a 1-800 number and the CUJO support staff will help you with your setup. In fact, shortly after I connected my CUJO and it was in standby mode I received a phone call from CUJO support almost immediately asking if I needed help. I’m not quite sure how I felt about that as it’s something I’ve never experienced quick “reaching out” customer support like that before.  During this call, we quickly figured out that I had to set my router to 10.0.0.1 before being able to set CUJO to administer DHCP and static IPs through another network like 192.168.x.x.

After you’ve configured the CUJO, if there is a firmware update then CUJO will update and the “eyes” will blink fast. Once the firmware update is complete, your CUJO’s eyes should be smiling. Once they are, the device will start identifying devices on your network. It can take up to 48 hours for CUJO to correctly find and identify all the devices, but you can help the process along as we’ll talk about in the software section in a moment.

It sounds more complicated than it is, and it may be for non-techies, but CUJO has a quick setup video which walks you through the entire process as well, not to mention the excellent customer support for troubleshooting issues.

Ease of Use

Once the CUJO is correctly connected and configured, it can be as easy to use as plug and play. You can also choose to customize and arrange your devices in the app as well (more on that shortly) if you choose, but it’s not necessary. At first, I checked the notifications as soon as they popped up on my phone, now it’s down to a daily or weekly thing if there are notifications or alerts warning me of blocked attempts.

As previously mentioned, CUJO has eyes on it that indicate current modes. When the eyes are “smiling” (look like a pair of upside-down U’s), everything is functioning as normal. If the eyes are “sad,” your CUJO is disconnected or offline. If the eyes are full (both “smiling” and “sad”) then CUJO has detected a threat, and if the full eyes are blinking then the firmware is being updated and you should not disconnect the CUJO at this time.

Software

So just how exactly does CUJO work? According to the company:

CUJO creates a guarded gateway between your devices and their connection to the Internet. We analyze packets for malicious intent right there on the CUJO whether it’s coming in from the Internet, going out to the Internet, or making moves across your network. CUJO applies IP/DNS Threat Intelligence, Behavioral Analysis using machine learning, Unauthorized Remote Access detection, Command & Control detection, and other security methods. When we catch something we send packet statistics (but not full packets) to the Cujo Cloud to analyze device behavior and make sure every other CUJO is aware of this kind of attack. We guard every single connected device on your network, not just your PC.

According to recent studies linked from the CUJO website, 55% of Cyberattacks are Unnoticed by Commercial Antivirus Software (The Guardian), 70% of Connected Devices Are Vulnerable to Security Threats (HP), there is 75% Home hacker success rate of Home hackers getting into devices, and 90% of Connected Devices Store Personal Information.

The CUJO app is where you’ll administer your devices, monitor threats, and set access controls. There currently is no web interface to do this, but it is something that CUJO is working on. When CUJO detects a new device, if it doesn’t correctly identify it right away, you can manually edit it by clicking on it. You can assign a Model, Brand, Device Type, and Device Name, as well as assign it to a group if you have set those up. You can also see when it was last detected, check device information like MAC address and IP address, and see if it’s internet connected and CUJO protected. If the device isn’t listed in CUJO’s device database, you can add it and they’ll review your addition and potentially add it to the list for other users. If you have temporary devices, for example friends or kids friends over, you can swipe and hide that device from the CUJO interface after they’ve left to help keep your list of devices tidy. The next time CUJO detects that device again, it will unhide it and display it in the appropriate group you had assigned it to.

One issue with the app that would be a nice thing to have would be to merge devices. For example, most laptops come with a wired and wireless connection. Unfortunately, the CUJO app displays this as two different devices so you can end up with quite the list and interesting names like “Laptop – wired” and “Laptop – wireless.” I get that they are technically different connections, but they are the same device and aside from making a separate group of each device (which you probably don’t want to do), you’re stuck with multiple entries.

You can, of course, view threats over the last 7 or 30 days. These are split into Critical, Blocked, and Unblocked categories. Critical and Blocked threats are usually listed by IP address and, from what I’ve seen, include sites that are categorized as BotNets, Phishing attempts, or Proxies. Of course there are Unblocked threats, on the other hand, tend to be listed by URL and included sites which are categorized as Spyware, Adware, or similar. This is definitely confusing being labelled as “Unblocked” and according to CUJO support:

If it is a safe browsing threat, it appears as a unblocked after a certain amount of time, even if it was blocked previously. As for serious types of threats (DNS attacks), they will appear as blocked, unless you unblock it from the app itself. In other words: when you get the orange screen on your browser, means CUJO detected, that the site had a poor reputation and stopped you from accessing it. This is a Safe browsing threat

So the TL;DR: is that the threats listed under “Unblocked” are indeed being blocked, but are of a lesser threat level than Critical/Blocked threats. The “Unblocked” category is definitely something that needs to be re-worded.

Access Controls are a newer addition (currently in Beta access) to the CUJO app and they allow you to create users and add devices to that user. From there you can block access to blocks of sites under various categories including Streaming, News, Religion, Social, Shopping, Gaming, Rated R, Adult, Web Email, Advertising Sites, and more. You can also specify websites that are always allowed so you can further fine tune what sites are blocked. The easiest way to do this is to view blocked attempts, select the website and Unblock it which will add it to the whitelisted sites list for all the devices under that user. Unfortunately, at this time you cannot specify specific sites that you can block but the company is working on adding this functionality in the near future.

Finally, the app also allows you to toggle push notifications, require a PIN code to access the app, activate additional CUJO devices, change your password, and manage your CUJO subscription.

The CUJO engineers are constantly working on new features and updates as well. In the few months that I’ve been using it, they’ve added parental controls and are planning to add VPN functionality in the future. It’s refreshing to see a product, especially a security device, get so many updates with a focus on improving and adding more security features and options to it.

Performance

We covered potential malware and hacker risks in the previous section, and how the CUJO software is set up to handle them. So just how well does it work? To be honest, I was surprised at how many malicious or potentially malicious sites were being blocked once I had all my devices connected to the CUJO. Many seem to be related to adware — and there are definitely bad links in some ads — but occasionally I’ll get a direct IP access attempt that was blocked as well.

If you actually try to visit a malicious site, you’ll be greeted with a nice orange blocking page indicating so.

CUJO-warning-screen

CUJO safe browsing warning screen.

On the other hand, if you try to visit a site that has been denied by access controls, you’ll get a slightly different message.

CUJO-site-blocked

Site blocked message due to CUJO Access Control.

I will note, however, that we didn’t always see these messages during testing. Both potentially harmful and Access Control restricted sites were indeed prevented from being accessed but on occasion instead of the screens above we did see more generic 404, ERR_CONNECTION_RESET, or other vague internet connection issue messages.

Price/Value

(NOTE: Pricing updated 09/29/2017) CUJO used to offer monthly and yearly subscription plans but have found that more than 90% of purchases are for the device with the lifetime subscription. As a result, the company is now only offering the CUJO and a lifetime subscription for $249USD. Given how relatively easy CUJO is to setup and use, as well as the fantastic support, constant updates, and blocking capabilities for all your internet-connected devices, CUJO is definitely a decent value.

Wrap-up

While no software or hardware firewall is going to keep you 100% safe from hacking or malware, CUJO does a great job of blocking sites and hacking attempts that you probably didn’t even know existed across all your connected devices to help keep your network safe from malware and hacking.

*We were sent a sample of CUJO for the purposes of this review.

CUJO

$249 USD
CUJO
9.4

Design

10/10

    Installation

    9/10

      Ease of Use

      10/10

        Software

        9/10

          Performance

          10/10

            Price/Value

            9/10

              Nailed it

              • Great setup support
              • Fairly easy to set up
              • Constant updates
              • Parental/Access controls to block sites
              • Protects all connected devices
              • Subtle design that fits most decors
              • Can always allow specific sites

              Needs work

              • Doesn't always correctly identify devices
              • Can be a bit confusing to set up for non-techies
              • CUJO block screens not always shown even though site is being blocked
              • Some devices duplicated due to having wireless and wired networking
              • Can't block individual sites
              Comments
              To Top