Allot HomeSecure is NOT Secured

Home Security Expert
Feb 16, 2021

Home internet users worldwide, billions of them, are exposed to attack vectors they do not fully understand, and they have very limited knowledge of how to protect themselves. Internet Service Providers, who sit in the right spot, are the ultimate vendor to help protect their subscribers.

However, Internet Service Providers do not have all the tools to deploy software-based security solutions like a next-generation firewall.

Starting to explore this space, we found that Allot is trying to penetrate this market.

In the last two months, Allot announced that they deployed a CPE-based network security solution for Homes and Small Businesses.

Exploring Allot’s website and reading about their HomeSecure solution created a lot of excitement, as they proposed lots of features and capabilities:

1) Router Hardening — patching open vulnerabilities and closing the most common attack vectors in today’s routers.

2) Smart Home Security — fingerprinting connected devices’ identity and detecting anomalous behavior.

3) Parental Controls — filtering unwanted websites based on their category.

So far, sounds good? Getting “enterprise” security into your home.

Over Promise, Under Deliver

Just looking at Allot’s latest press releases turns on a red warning light about how they are refurbishing “news”:

1) January 31, 2019 — Tier 1 European Mobile Service Provider Partners With Allot To Protect Mobile Users Using Allot’s NetworkSecure Cybersecurity Solution

2) January 13, 2020 — Central and Eastern European Mobile Group Selects Allot Security-as-a-Service Solution

3) January 21, 2020 — Altice Portugal’s MEO Selects Allot Security-as-a-Service Solution to Protect Mobile Users from Cyberattacks

4) January 13, 2021 — Allot Secure Selected to Provide Cybersecurity Services to a Tier-1 European Mobile Provider with Over 10 Million Subscribers

5) January 19, 2021 — Tier-1 Telecom Service Provider in Europe Selects Allot HomeSecure and BusinessSecure to Provide Cyber-protection to Consumers and SMBs

Yes, you read it right; they published five separate press releases on winning, selecting, deploying, and launching Security-as-a-Service with a Tier-1 European operator.

However, when we talked with the MEO call center, they answered that the service is not available yet.

It’s Just DNS Filtering

Having worked 20 years in the telecom industry, I have worked for Tier-1 operators around the world. In January 2021, I made around ten calls to colleagues to ask about the Allot HomeSecure offering.

The most common answer: “This is only DNS Filtering, it does not protect against IoT, the device fingerprint is done manually, and it is not even close to being a scalable solution”.

Rule #1: Secure Customers’ Identity

Remember the press release about “Allot Home Secure Winning Tier1 Teleco Company in APAC”?

Just by running a simple query on crt.sh, we can clearly see that they are talking about Jio.

Netonomy is an Israeli company that Allot acquired in 2018.

Just visit https://crt.sh/?q=netonomy.com and you can easily find all the customers Allot is working with, including Vodafone, British Telecom, Drei, Eolo, Claro and Verizon.

Allot HomeSecure exposes their customers
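An added example (not from the original post) of the defender's side of this check: given the JSON that crt.sh returns for your own domain, it lists the logged hostnames whose labels contain a name you consider confidential. The domain `vendor.example`, the customer names and the sample records are constructed placeholders; the `common_name` and `name_value` fields follow crt.sh's JSON output.

```python
import json

# Constructed sample in the shape of crt.sh's JSON output (?q=<domain>&output=json).
# The domain and customer names are hypothetical placeholders.
SAMPLE_CT_JSON = json.dumps([
    {"common_name": "acme-telecom.vendor.example",
     "name_value": "acme-telecom.vendor.example\nportal.acme-telecom.vendor.example"},
    {"common_name": "*.vendor.example", "name_value": "*.vendor.example"},
    {"common_name": "globexmobile-staging.vendor.example",
     "name_value": "globexmobile-staging.vendor.example"},
    {"common_name": "t-4f9a1c.vendor.example", "name_value": "t-4f9a1c.vendor.example"},
    {"common_name": "www.other.example", "name_value": "www.other.example"},
])


def hostnames_from_ct(records, base_domain):
    """Collect unique hostnames under base_domain from the CN and SAN fields."""
    base = base_domain.lower()
    found = set()
    for rec in records:
        names = [rec.get("common_name") or ""]
        names += (rec.get("name_value") or "").split("\n")  # SANs are newline-separated
        for name in names:
            name = name.strip().lower().rstrip(".")
            if name == base or name.endswith("." + base):
                found.add(name)
    return found


def customer_exposure(records, base_domain, confidential_names):
    """Map each logged hostname to the confidential names visible in its labels."""
    exposure = {}
    for host in sorted(hostnames_from_ct(records, base_domain)):
        prefix = host[: -len(base_domain)].rstrip(".")
        if prefix in ("", "*"):
            continue  # apex or wildcard entry carries no per-customer label
        hits = sorted(n for n in confidential_names if n.lower() in prefix)
        if hits:
            exposure[host] = hits
    return exposure


if __name__ == "__main__":
    records = json.loads(SAMPLE_CT_JSON)
    names = ["acme-telecom", "globexmobile"]
    for host, hits in customer_exposure(records, "vendor.example", names).items():
        print(f"{host}: reveals {', '.join(hits)}")
```

In the sample, the wildcard entry and the opaque tenant label `t-4f9a1c` reveal nothing, which is why wildcard certificates or neutral tenant identifiers keep customer names out of public certificate logs.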

Allot DPI Is a Huge Privacy Concern

You have already heard about the uses of Deep Packet Inspection for network optimization. But I’d like to focus on other uses of DPI technology — Cyber Security.

Allot DPI combines the functionality of an intrusion detection system (IDS) and an intrusion prevention system (IPS) with a traditional stateful firewall. This combination makes it possible to detect certain attacks that neither the IDS/IPS nor the stateful firewall can catch on their own. Stateful firewalls, while able to see the beginning and end of a packet flow, cannot catch events on their own that would be out of bounds for a particular application. DPI products are used to prevent attacks from viruses and worms at wire speeds.

So far, this sounds really promising: Allot DPI enables them to prevent malicious payloads that a stateful firewall is not able to see.

Unfortunately, Allot HomeSecure uses legacy technologies instead of leveraging the ML/AI solutions that already exist in the market today and that their competitors, like CujoAI, Plume, SAM, Akamai, and McAfee, are using as a baseline.

ML/AI solutions can detect malicious payloads without impacting customers’ PII, and they can analyze encrypted traffic that DPI cannot access.
