Homeshield Security (XE75 Pro) feels unsafe

Homeshield Security (XE75 Pro) feels unsafe

Homeshield Security (XE75 Pro) feels unsafe
Homeshield Security (XE75 Pro) feels unsafe
2024-06-11 06:54:44
Model: Deco XE75 Pro  
Hardware Version: V3
Firmware Version: 1.2.9 Build 20231225 Rel. 57598

I recently (May 31st) upgraded a Deco M9 Plus mesh to Deco XE75 Pro. Reluctantly because I anticipated having to pay for security features that were previously free, but I wanted an upgraded network in the house and saw benefit in the ability to use the M9s as additional access points to reach the far corners of the house with better wifi (that is also not without problems it turns out, but may be related to device rather than the Deco's). I also wanted more LAN ports to be able to ditch a small switch I had to use previously.

 

My concern is as follows: After activating one of the XE75 Pro's as main Deco and upgrading Homecare to HomeShield as expected, and signing up for the paid security package ("Advanced"?), I did not feel safe at all.

 

I run a NAS with some ports open for external communication and in the Homecare version of the Deco app I could frequently see various attacks being blocked. On average every 1-4 hours the log showed an attack attempt in the form of "WEB Remote Command Execution via Shell Script -1.h",  "WEB PHPUnit CVE-2017-9841 Arbitrary Code Execution Vulnerability" etc. believe I run my NAS fairly tight and generally don't have any problems except the occational brute force login attempts from a specific IP-range which I then block manually, but it's nice to see Homecare picking out some of the most obvious attacks right away.

On the contrary with HomeShield over the course of 7 days I got a total of 3 notifications of threats, 2 of them being listed as being portscanning attempts from my own devices internally on my locan network. Nothing about blocked vulnerabilities etc.

 

Now it's possible these blocks of external attacks were still taking place with HomeShield, but I don't know, they were not even showing up in the reports. I just know that as soon as I switched back to running one of the M9 Plus as main Deco with Homecare, the warnings kept popping up again, so it's not like the attacks had magically stopped. It's also worth noting that the worst brute force attack I have seen so far happened in this week, with HomeShield not detecting anything. I had to manually discover it on my NAS, determine the IP range it originated from, and block it on the NAS because Deco does not allow blocking external IP's only internal devices.

  3      
  3      
#1
Options
4 Reply
Re:Homeshield Security (XE75 Pro) feels unsafe
2024-06-18 08:46:58 - last edited 2024-06-18 08:47:23

  @fywq 

Hi, Thank you very much for the feedback.

I believe that the antivirus detection rules are different between HomeCare and HomeShield. They are,after all supported by diffrent securiy providers. However, the protection records under HomeShield's Security section can be somewhat vague and confusing at times. There are plans to enhance this by providing more detailed information in future updates.

Thanks again for your understanding and support.

Best regards.

 

  0  
  0  
#2
Options
Re:Homeshield Security (XE75 Pro) feels unsafe
2024-07-16 14:57:47

  @David-TP Thanks for the response.

 

I will keep an eye out for further updates on this, but currently it is hard to justify paying for being left in the dark about threats. I realise it is different security providers, but it is hard to understand how a service which feels insecure and with fewer settings and features should be a subscription (and parental care part is the same really) compared to the previous free service, so the features and information level really needs to be stepped up for it to be a worthwhile proposition. Right now my XE75 Pro's are just really expensive second violins in my setup, which, after spending a considerable amount of money on them, feels.... not good... And at the moment I am going from recommending Deco products to friends and family due to the M9-Plus/Homecare package to not being able to recommend Decos to anyone. That seems like a bad business deal for your guys as well long term.

  3  
  3  
#3
Options
Re:Homeshield Security (XE75 Pro) feels unsafe
2024-09-25 08:59:10 - last edited 2024-09-25 09:00:04

    @David-TP @fywq 

I have upgraded from M5 which was perfect and felt safe with the free included HomeCare.  I run a NAS with some ports open and was reassured by the homecare of all the attacks that it stopped.  

However upgraded to XE75 mesh and was disappointed to see that I have to pay for Homeshield for basic protection.  This in my view is ridiculous, to have to pay such a large upfront cost and then to expect customers to pay a subscription to get basic protection on your router.  

I will be selling all my Decos which I was very happy with for a number of years and getting a ZenWifi mesh since they included protection and parental controls for free for life.  This is what I expected when I bought my M5s and I cannot recommend TP-links and Decos to anyone anymore.  

Bad business choice.  

  1  
  1  
#4
Options
Re:Homeshield Security (XE75 Pro) feels unsafe
a week ago
I know that feeling. I decided to go down the rabbit hole and set up an opnsense router on a dedicated mini-pc and then get a managed switch and (ironically?) two TP-Link Omada access points. Total price is about the same as the Deco XE75 Pro 3-pack it is replacing and now I have absolute control of everything (maybe even too much - I often feel like the available settings imply one to have a degree in network engineering)
  0  
  0  
#5
Options