Products & Services
-option to delete obsolete devices from the status view
-option to set the time period sense discovers the device obsolete/not disconnected
-status view of all in/outcoming connections and possible portforwardings(ipv4/ipv6),e.g. status-view url
+DNS list of what host does request
+My own block list, I can whitelist but not block domain(s)
- Website blacklisting as in opposite of whitelisting
- PPTP VPN passthrough! A must feature for me to use it at all.
- Disable DHCP in Sense
- Assign static IP per device
- Remove old devices
- Statistics per device/Sense on used data, active time, connection speed statistics, blocked threats, tracking attempts etc.
- Speed limit per device (not just block all access as currently).
- Ability to change Wifi bandwidth 20/40/80
- Ability to disable Wifi radio (i would prefer using only 5GHz and disable 2.4GHz)
TLS Everywhere, with best-effort option, of course.
- Unified SSID: 2.4 GHz and 5GHz using the same network-name
1.) Option to clear /delete the blocked threats page events.-----
Priority = Moderate. While this isn't a Top 10 feature need, it would be very helpful from a product usability POV.
SummaryMore specifically, this feature should allow us to delete individual events or all of them at once.The issue with not having this functionality is that the only way to "delete" events is to wipe the Sense device and then start over. It's just really easy to get lots of threat events right now (AKA All it takes is one HTTP page that is is a false positive for malware and that your device(s) are making lots of calls to). Once this happens, the logs then get really noisy which in turn completely defeats their usefulness.
2.) Nex Gen Sense Hardware should support Gigabit Speed Support (w/all Security Features enabled)
Priority = Low for now (see my subequent post explaining more of the reasoning), but a very high priority to ensure that this makes it into the Sense v2 hardware product whenever the right time is for that to happen down the road. The Sense v2 needs to have a future-proof-ed CPU that can support the packet and inspection rates that would be needed. That way, the Sense Team could light up full gigabit support on launch of a v2 product (or alternatively, gradually light up higher bandwidth over time via future software updates that serve to unlock more and more of the underlying CPU horsepower). I'm not sure how much longevity F-Secure is looking to get on each hardware SKU they release (best guess would be 1-2 years each), but given that, I don't think that F-Secure would want to be headed into 2019/2020 without underlying Gigabit compatible hardware given where the market already is (and where it's likely to go).
The Sense is currently CPU limited to about 350 <-> 650 Mbps of upload/download bandwidth depending on your exact network patterns as laid out here:https://community.f-secure.com/t5/F-Secure-SENSE/What-is-the-routing-and-WiFi/ta-p/93695
This is very challenging for anyone paying their ISP for 400 Mbps+ worth of bandwidth. We are all essentially being capped by our Sense devices vs. our actual ISPs and thus throwing $$$ and precious bits and bytes down the drain every month
Also to be clear, Gigabit speed means Gigabit speed with all of the normal security features that we'd use being fully enabled. Don't give us Gigabit speed only if we strip down our security by disabling a bunch of important security settings. Otherwise, what's the point of buying a Sense vs. picking up one of the many Consumer WIFI routers that is capable of running at Gigabit speeds?
To be more specific, there are at least 13 or so Consumer Routers that can more or less fill a Gigabit link (let's say 930-ish Mb/s) as shown via Small Net Builder's LAN <-> WAN benchmarks.
Now to be fair, these routers don’t fit in what we might call the emerging “Consumer Security Router” product category, which I would loosely define as the:
And that category matters of course, because a Security Router is always going to be doing much more packet / flow intensive work than a regular router would.
That said, Asus is already doing a solid job of blending IOT security features (via their bundled AI Protection from Trend Micro) with the normal benefits that you can get from what I might call a tradtional WIFI router (these devices have lots more features even if they may be lacking in security compared to the Sense). Net, net there is real competition here in this space for Sense (even if the Norton Core team has been busy dealing with product quality issues as of late. For more details, scan the history of the Norton Core's slowly, yet gradually improving Amazon ratings over the last 6 months. Also to be clear, I mean no disrespect to the Norton Team here. My point simply is that Norton will eventually release a v2 and the F-Secure needs to be both ready and to not underestimate it when they do.
Why should this be Addressed?
Here are some key stats to help show the size and growth of how this problem will grow if it is not addressed in F-Secure's next hardware platform
- Analysis of deployments indicates that 219 million people globally now have gigabit Internet available to them (as of 5/2017)
- There are currently 603 (I'm assuming they mean ISPs here) gigabit Internet implementations, up 72% from last June (as of 6/2017)
- The United States has the highest number of people with access to gigabit Internet at 56.4 million (as of 5/2017)
3.) MAC Filtering
Priority = Very, very High. IMHO, this should be high on the Product Management and Engineering Team's short list (along with other key table stakes type features still missing like Guest WIFI, etc.)
Hopefully, MAC Filtering needs little introduction, explanation, nor justification for it to be included towards the top of the list as it's a bread and butter type feature. Without MAC Filtering, we have a a much more limited ability to implement standard Layer 2 security best practices using "Default Deny" type techniques.
4.) Tracking URL White Listing
Priority = Moderate
Implement a list, which collects all tracking URLs that are being blocked and provide a method or setting for users to whitelist them individually in the future. This would definitely be very helpful to have. That said, from a priority POV, I would still put it below other key missing features like MAC Filtering in case it helps.
I would certainly hope that they don't release a 2nd gen device when the first one is still in the stage that it pretty much was a year ago.
But in the other hand, nothing would surprise me at this point.
Yeah, 1SK, I 100% agree with you, and so I should probably better clarify my last post there.
I agree with you that the current top priority right now should be to round out the Sense v1 product vs. throwing all of their resources at the Sense v2 product. My point there was simply to say that I feel that the team should keep the CPU in mind one they get to their v2 planning.
The key thing about Product Management and Engineering Teams is that different parts of the team are often simultaneously working on different generations of products at different times of the year. So I just want to make sure that the CPU limitations in the v1 product is something they keep in mind for their Roadmap planning whenever the time is right for them to get to it.
I bought a Siemens dishwasher which came with application control via mobile phone (Home Connect). Connecting dishwasher to wifi (yes I know) went well but when I tried to connect dishwasher to mobile phone I got errors. It turned out that Home Connect requires multicast-routing from access point.
I replaced Sense with old Apple Airport -access point and Home Connect worked fine and I got dishwasher and mobile phone paired. But when I changed Sense back in duty connection broke down again.
So what we need is to Sense stop blocking multicast-traffic!
Decided to also post this info on this topic also, since a lot have been waiting for this:
Happy to inform everyone that the latest firmware and latest beta app now shows the option for the guest network in the network settings.
Firmware version is 2018-03-21_01 - p-18.104.22.168
You can force firmware update with probably just rebooting sense by unpluggin it from the power.
(or set the router updates to immediately before reboot)
It would be great if I could block IP blocks such as all of Russia or China etc.
I would really appreciate having Freedome integrated in SENSE soon. The 9,99€ monthly fee for SENSE is quite a lot money that it should cover Freedome as well. I won‘t pay for both services. Thank you!
Hmm, I got my Bosch washing machine working on Sense. Also Home Connect.
With the last Windows 10 update, Microsoft killed the HOMEGROUP feature. Since then, my hostnames on my home network are not resolved anymore. Since all my devices connect to SENSE, and it knows which device is connected on which LAN IP, perhaps it could provide a local DNS service for hostnames on the LAN?
Umm sense or any other router always provides local dns?
And for the windows issue, check this article on how adapt to the new ms style https://support.microsoft.com/en-us/help/4091368/windows-10-homegroup-removed
I don't think this is a normal function of a router, but SENSE is also more than a router, as we are told.
That Microsoft article is only partially helpful, my use case is my Raspberry to which i connect via ssh from my Windows system. As long as I had HOMEGROUP, I could use commands like ping raspy, or ssh raspy. Now, I must use the IP adress to connect.
I know, first world problems, and I am aware this is more a comfort feature than a necessity. But one can always ask - I have no idea how hard it would be to implement, or if anyone other than me would ever make use of a feature like this.
DNS seems to be a simple service, but is't very hard to implement properly due to all the extensions made over all these years it existed... Pleas consult the DNS Camel:
Please add support for 802.11k, 802.11r, 802.11v protocols and apply WiFi Alliance Easy-Mesh, so we can add multiple WiFi Access-Points and build proper roaming WiFi networks
Ability to clear(delete) and refresh(rediscover) all Sense discovered devices by rebooting sense using admin-program
Thinking of buying a SENSE router but I miss some features that I find important.Viruses do not only spread from the internet, some IOT devices are even shipped with malware. A scenario that would leave your other devices on LAN exploited with this router, right?It would be nice to able to isolate for example IOT devices on a different subnet than your other devices such as PCs, storage aswell.Maybe this is already in place? But I find it impossible to find a complete list of features or roadmap for this promising router.Wishlist:-IEEE 801.1Q (VLAN) on lan/wifi for segmentation or some other feature for microsegmentaion.Nice to have:-IEEE 802.3ad (LACP) Link aggregationThanks!/Ahrmat - "The 'S' in IOT stands for security"
I suggest publish desktop Sense app on Mac AppStore and Windows Store. I also suggest publish Safari security extension for macOS on MAS, due new Safari version does not support dangerous extension from outside MAS. I also suggest translate Sense app for iOS to Polish language
> I got my Bosch washing machine working on Sense.
I wonder if F-Secure Sense supports securing Tesla battery-electric automobiles, e.g. model 3 / S / X / Roadster / Semi?
(Note: Teslas receive frequent firmware updates through Wifi / 3G, including such critical areas as anti-skid braking control logic, so they should be well-protecte when connecting to the net.)
Thanks in advance, BR: Tamas Feher, Hungary.