With Gryphon – Advance security & parental control mesh WiFi router, stream content, play games online, download files, browse the web, all simultaneously with 6 high powered antennas, 4×4 MU-MIMO, Antenna Beamforming, 3Gbps fast throughput, 802.11bgn & AC3000, 2.4GHz & 5GHz (x2), Tri-Band Radio. Take advantage of Mesh Wifi with additional units. Each Gryphon covers up to 3000 sqft of wall to wall coverage using the latest Wireless Mesh Technology. Find details in Gryphon – Advance security & parental control mesh WiFi router review.
Pros & Cons : Gryphon – Advance security & parental control mesh WiFi router
PROS
- Good throughput performance in testing.
- Easy to install.
- MU-MIMO enabled.
- Excellent parental controls.
- Built-in anti-malware protection.
- User-friendly app.
CONS
- Expensive.
Specifications – Gryphon – Advance security & parental control mesh WiFi router
Key Specs
- Wi-Fi Mesh System: Yes
- Number of Wi-Fi Satellites Included: 0
- Number Of LAN Ports: 3
- Wi-Fi Speed: 3000 megabits per second
General
- Product Name: Wireless-AC3000 Tri-Band Mesh Wi-Fi System
- Brand: Gryphon
- Model Number: GRYPCH18
- Color: White
- Color Category: White
Security
- Firewall Type: None
- Parental Controls: Yes
Network
- Quality Of Service (QoS) Traffic Prioritization: Yes
- Band Technology: Tri
- Ethernet Standard: 0/100/1000
- Number of Antennas: 6
- Frequency Band: 2.4 GHz, 5.0 GHz
- Wireless Standard: AC, N
- Wi-Fi Mesh System: Yes
- Number of Wi-Fi Satellites Included: 0
- Number of Wi-Fi Satellites Supported: 3
Features
- App-Controlled: Yes
- Beamforming: Yes
- Wireless: Yes
Ports
- Number Of WAN Ports: 1
- Port Type(s): RJ-45
- Number Of LAN Ports: 3
Speed
- Wired Speed: 1000 megabits per second
- Wi-Fi Speed: 3000 megabits per second
- Gigabit Ethernet Speed: Yes
Dimension
- Product Height: 9.3 inches
- Product Length: 4.3 inches
- Product Width: 4.3 inches
- Product Weight: 1.8 pounds
Price and avilability
The $430 Mesh Double Pack includes a pair of identical white devices, power adapters and a Cat-6 networking jumper cable. An individual Gryphon device, which can be used as a router or as an extension, costs $230. A Gryphon-based network can have as many as six extensions, rather than the unlimited number of extensions that Samsung’s SmartThings supports.
What is good in Gryphon – Advance security & parental control mesh WiFi router?
Advanced Network Protection*
- Malware and Ransomware Protection: Powered by ESET Technologies, Gryphon protects every single device in the home from a central location.
- 24/7 Intelligent Intrusion Detection: Gryphon uses machine learning to monitor all in-home devices – including smart home devices – to guard from potential hackers.
- Block Phishing Links : Gryphon automatically blocks phishing scams to ensure you’ll never accidentally click on a malicious link again.*
- Gryphon Plus 18 comes with free 18-months of Advanced Network Protection that can be extended for $7.99 per month or $79 per year.
Advanced WiFi Technology
- Tri-band 2.4GHz and 2x 5GHz bands AC3000 : Three simultaneous Wi-Fi radios for more bandwidth to every device on the network.
- 4×4 MU-MIMO : Advanced WiFi with multiple streams of data for optimal throughput performance, eliminating bandwidth bottlenecking during concurrent device usage.
- WiFi Mesh Whole-Home Coverage: 2 Gryphon mesh routers cover up to 6000 sq. ft. to eliminate dead spots in the home.*
- Optimize Network Health: Qualcomm’s WiFi-SON technology that self-configures and self-organizes your WiFi to enhance overall performance of the network.
- Prioritize Device Bandwidth : Bandwidth priority to a select device as needed for improved quality of service (QoS).
Parental Control System
- Control Content : Enable or disable access to popular apps like YouTube, Facebook and Snapchat and execute real-time requests for website approvals instantly.
- Regulate Usage Time: Schedule homework time, bedtime, or simply pause the internet at any moment with a single click.
- Filter Content Automatically: Gryphon automatically blocks inappropriate websites using our CrowdRanking™ algorithm.
Subscription
The Guardian comes with a 60-day free trial of Advanced Network Protection powered by ESET Technology, which uses active scanning and intrusion detection technology to protect your network and all your clients from hackers, unwanted ads, and malware infections. Once the trial period expires, you can pay $79 for a one-year subscription, $149 for three years, or $199 for three years with an additional two-year hardware warranty. (The system comes with a one-year warranty.) You also get a 90-day free trial of Gryphon’s HomeBound mobile app which gives you all the parental controls and network protection that you get when connected to the Guardian network even when you’re out and about using cellular data or a public hotspot. Once that trial expires, HomeBound coverage will cost you $4.99 per month for up to five mobile devices.
Gryphon – Advance security & parental control mesh WiFi router Review
Design
Easily one of the most interesting-looking networking devices, the Gryphon Secure Mesh System’s large white rectangular tower has a quarter-turn vertical twist to them. At 4.5 x 4.5 x 9.5 inches, each Gryphon Secure Mesh System (SMS) device is big and chunky, but 30 percent smaller than Netgear’s Orbi Voice RBS40V speaker extension; Gryphon lacks the audio abilities of the Orbi Voice extension.
Ports
Each Gryphon tower has LEDs on the underside of the unit that blinks white when it’s ready to be setup and solid white when everything’s done. Unfortunately, they continue to be white as if nothing is wrong even during an Internet outage, but the app shows the disruption.
Underneath each Gryphon device is an Ethernet port for your broadband modem as well as three downstream networking ports; all can move gigabit per second data. There’s a power connection and a recessed reset button, but Gryphon lacks a USB port for adding USB-connected devices, though Ethernet will still work for most networked printers or data drives. Happily, the back is open to route the cables through.
Unlike Orbi, the devices are identical and during the setup procedure you decide which will be the base router and the extension. Under its twisted skin is a triband 802.11AC router that can move up to 400Mbps over a single 2.4GHz channel, as well as 1.7Gbps over its primary 5GHz channel and 866MHz over its secondary 5GHz channel. Like the Orbi Voice RBK50V, Gryphon has a dedicated 5GHz backhaul channel and the device tops out at about 3Gbps.
Parental Control setup
The Guardian kit offers excellent parental controls that allow you to create user profiles for each family member, assign age-appropriate web filters, and have those filters apply to all of the user’s devices. Age groups include Toddler, Elementary, Middle School, High School, Adult (18+), and Unfiltered (unrestricted):
Additionally, you can set Screen Time Management parameters to schedule each user’s internet access and suspend it during bedtime and homework time, and you can use the Apps Control to specify which apps can be accessed and when. Enable the Safe Search feature to filter out search results that contain adult content and the Store Browsing History feature to view your child’s viewing history.
Gryphon – Advance security & parental control mesh WiFi router performance review
According to the company, a single Gryphon router can fill a 3,000-square-foot home with Wi-Fi. A pair of Gryphons should be enough for a 6,000-square-foot mansion.
Based on Qualcomm’s IQP4019 Wi-Fi chip, 512MB of RAM and 4GB of flash chips, Gryphon is rated at AC3000. It sets up a 4X4 streams and includes MU-MIMO for connecting several clients at once, beamforming to tailor the transmissions to the receiving system and Qualcomm’s Wi-Fi SON (Self-Organizing Network) system for sending the data on the most efficient route.
The device continued to excel with 587.5Mbps available at 15 feet and 607.1Mbps at 50 feet, outpacing the Orbi Voice (563.9Mbps and 543.6Mbps) and the Linksys Velop (527.1Mbps and 459.4Mbps) at the same distances. It fell short with 432.5Mbps of throughput at 100 feet, 15 percent off the Orbi Voice’s 498.9Mbps, but at 150 feet, Gryphon delivered 387.4Mbps, just ahead of the Orbi Voice (359.9Mbps).Advertisement
Using Ixia’s IxChariot network benchmarking software, Gryphon SMS performed exceptionally well, both close-up and at a distance. The system peaked at 682.8Mbps of throughput 5 feet from the router, 11 percent higher than the Orbi Voice RBK50V.
It tore through our penetration tests that mimic home construction materials with a strong 768.3Mbps available on the other side of a soundboard wall, 39 percent and 44 percent higher throughput than the Eero’s 471.2Mbps or Orbi Voice’s 430.5Mbps. The Gryphon moved 573.4Mbps through a metal wall, slightly ahead of the Linksys Velop’s 560.0Mbps and pushed 622.3Mbps up a floor, blowing away the Eero (471.2Mbps) and the Orbi Voice (376.5Mbps).
The Gryphon LAN passed our informal saturation test where I listened to internet radio on a MacBook Air while playing HD and 4K videos on a Surface Pro 3 and iPad Pro tablets and I moved data around with a Samsung Tab Pro S. It ran without a problem for a week and used 6.3 watts of power. If you pay the national average of 13 cents per kilowatt-hour for electricity, a pair of Gryphon SMS devices will cost about $15 a year to operate.
It was almost enough to fill my 3,500-square foot home, with the router-extension pair leaving a couple of dead zones. Its 90-foot range was 17 percent off Orbi Voice’s 105-foot range but should be more than enough for most homes.
Gryphon – Advance security & parental control mesh WiFi router customer review
This is quite simply the greatest consumer router in the world.
As a senior network engineer and cybersecurity expert I am exposed to a lot of firewalls/routers/NGFW and UTM appliances. So when I tell you something is great, you can bet it is great! First we will run through the hardware of this device, followed by the setup/configuration of it, then the testing and result of it. Sit back and get ready for the ride!
First things first.. The packaging is great, giving off a real premium feel. The box is so nice I think I want to put it on display. Hardware wise, this is a beast. Far above the most powerful consumer routers.
Gryphon has a Quad Core Arm Cortex A7 processor with 1GB of RAM and 4GB of Flash ram
802.11bgn
802.11AC
3000Mbps throughput
3 Radios (2.4 and 2×5.0)
4×4 MU-MIMO
Beamforming and WiFi Priority
Mesh (instant)
Six Antennas
In comparison, a top of the line ASUS RT-AC3200 has a Broadcom BCM4709 dual-core 1GHz processor with 256MB of DDR 3 system memory and 128MB of flash storage. Which is absolutely ANEMIC compared to the Gryphon. Especially considering a Dual Core Broadcom will spike to 100% CPU use on anything over 500Mbps and will struggle to 900Mbps. Contrary to the Gryphon, which can run at wire-speed 1000/1000Mbps without breaking a sweat.
Software: (the basics, more later)
Gryphon runs on LuCI, which is a fork of OpenWRT – highly customized and locked down.
Intrusion Protection isn’t signature based, rather it works off traffic anomaly inspection.
Web Filtration is by ESET, and ESET uses licensed zVelo web filtration. (one of the top 5 in the world)
Speed testing of your connection along with Up/Down Status of your WAN
Anti-Spoofing (MAC/ARP), Rogue AP Detection
Vulnerability Scans
Prioritized Device
Extreme Device and Parental Control
Setup is extremely easy and amounts to installing the iOS or Android App then following the instructions. Those instructions are, you register for an account, plug in the router, scan the QR code and the router is paired with your account and app and is ready to be configured. Initial setup from unboxing to an active WiFi signal ready for connection is less than 5 minutes. It should be noted that all of this is conducted over encrypted channels. There are a few things i would like to inform you of regarding setup;
1) You should unplug and fully disconnect your existing router. (with the assumption you have a Modem+Router setup right now)
2) The Gryphon plugs into the ethernet going to your modem.
3) Gryphon defaults to a 192.168.1.1/24 network, you CAN change this now. (Gateway 192.168.9.1)
4) Gryphon defaults to DNS 8.8.8.8/8.8.8.8, you CAN change this.
5) Gryphon allows multiple SSID’s and allows you to segregate them by bands.
6) Gryphon has NO configuration via web portal. Hitting the firewall gateway of 192.169.1.1 yields a device (the one you are on) landing page with statistics, and the ability to request access to specific websites you are blocked from.
After setup is completed you’ll go into the app and start examining devices connecting to the Gryphon. Each new device connects automatically to the ‘Guest’ user profile. From there, it’s up to you to select the device, label the type of device it is, then assign it to a user group for granular restrictions/control over the device. This is the meat and potatoes of the Gryphon because device assignment largely controls the type of protection a device will have. Some important information about this;
1) Some devices can’t be user assigned once you designate the type of device. This is by design. If you pause the internet for a user with 4 devices, you don’t want to pause their camera, thermostat or alarm system! So specific, critical devices are outside of the user profile area and designed as ‘Things’ by Gryphon.
2) Device designation controls the intrusion protection for the device. For example computers have a lot of random activity, so they will be ‘softened’ for IPS. While your thermostat essentially does the same thing, and the AI/Machine Learning knows what it does, so it has a hardened intrusion protection level. If you assign a computer to a thermostat category you are going to be bombarded with warnings about HTTP/HTTPS activity, open ports, etc.. Don’t do this.
3) Device categories are ‘somewhat’ limited, about 29 different types. But strangely, they are missing some basic types like DVR, Network Switch, Servers and Robotic Vacuums. I would recommend assigning DVR to ‘TV’ category and vacuums to ‘Other’ for now. I’ve notified them of my request to add additional categories for some common devices. Most folks probably won’t have an issue here, as every other device is included.
Once you assign each device to a category, and if it applies, to a user group then you can go in and configure the device access at the granular level and this is VERY powerful! Gryphon functions at the application layer, so it can determine application use on the individual device level, and control access to individual applications and when they can be used. For example if you don’t want your kids on Snapchat after 10PM at night, you can control this with a simple slider. This is a very powerful system that far outstrips any other router in the world other than SMB/Corporate UTM offerings costings many times more money. We’ll go into important points about parental control below;
1) You can control ‘Homework’ hours. Which means only homework/educational sites can be visited during X to Y hours on a specific device.
2) Actively PAUSE the internet for specific devices, anytime you wish. (and it does NOT use ARP poisoning like Fingbox and others)
3) Schedule internet time of day. On/Off, specific times, etc.
4) Enable safe-search for all search engines, and disable all youtube comments, automatically on all devices!
5) Store browsing history, with a snapshot of each page browsed.
6) Allow/Disallow VPN activity on each device.
7) Control individual application use, when you want and how you want. (No snapchat after 10pm kids!)
8) Click on the ‘i’ for age groups for more information and what is filtered. Adult 18+ will filter malware+porn only. Unfiltered will filter malware only. Unfiltered isn’t clarified on the fact it still filters malware but it does. Toddler is the equivalent of full whitelisting mode. Essentially blocking everything except what you allow. That’s a great profile age group for things like servers and limited IoT devices!
9) Blocked sites bring up a portal page, from there your users can ‘request’ access. Which then sends a screen capture of the page they want access to and the ability for you to one-click allow/deny. Impressive!
10) Users can go to the gateway IP on their device (192.168.9.1) and request a laundry list of sites for you to unblock.
Security (my favorite category)
Gryphon is an incredibly secure router/UTM. It’s running LuCI on OpenWRT, completely custom designed. All of the common ‘hacking’ ingress on it are completely closed off. No SSH, no web admin access, no HTTP/HTTPS configuration panel access. No default passwords. No WAN OR LAN facing configuration AT ALL. This in and of itself closes off many thousands of potential attacks and cannot be overstated about why it is important. Your typical home router comes out of the box with a default password and HTTP WAN/LAN access. Your typical home consumer opens it up, plugs it in and leaves all of this alone, and in the process gives even the most basic hacker complete access to their router, home network, and potentially all devices on the home network. So right out of the gate Gryphon is incredibly hacker resistant, there just isn’t anything to hack on it. I ran port scans and penetration testing. Gryphon does very well here with full stealth on all service ports right out of the box. Some highlights about security;
1) All ports automatically stealthed.
2) No SSH/Telnet/HTTP/HTTPS admin access (lan or wan) Config is only through app.
3) No default passwords/logins. You setup a strong password for your account on the app, which is paired (encrypted) to the app. Only YOU can access your device, period. End of story.
4) ESET Technology for Web Scanning (HTTP/HTTPS), which is a subset of the powerful zVelo web categorization system.
5) Machine Learning/AI system for device anomalies with the capability to quarantine infected devices.
6) ARP/MAC spoofing detection/blocking.
7) New device control (including default blocking of new devices)
and much more…
With the bullet points out of the way, for security buffs I am going to tell you how to ramp this Gryphon up to new levels, essentially making it UTM-Like in functionality. First, I recommend instead of creating User Profiles, you create DEVICE profiles. This is easy to do, all you need to do is create a user profile for a specific goal you wish to accomplish. For example let’s say you want to block some specific devices from ALL internet connectivity, let’s say you run cameras with a local DVR or Blue Iris on the network and you DO NOT need your cameras talking to the internet. To accomplish this task with Gryphon all you need to do is create a ‘Camera’ user profile, assign a device type as ‘Computer’ to your cameras, move them to the Camera User Profile, then go in and edit the camera profile and pause the internet AND/OR set it to ‘Toddler’. Your cameras will never be able to communicate outside of your network or be able to be hacked, or send telemetry to China, etc. This functions as a sort of policy based routing with some level of granular control and I feel is one of the most powerful aspects of Gryphon when configured correctly.
Instead of user categories, I have: Tablets, Phones, Desktops, Laptops, Servers, Cameras. Then I group devices within those categories and assign specific rules/controls to control them on a more granular level. For example my ‘Servers’ user profile is set to Toddler, then I go for the first day of use, look at the pages the server is trying to access, and whitelist/blacklist based on the activity I want to permit. That way the servers still get windows updates, but can’t do things like have ransomware on them dialing out, telemetry from installed applications, etc. This is exceptionally powerful and a largely undisclosed (but major) benefit of Gryphon. The best part, I can do all of this and manage my entire network from my phone laying in bed! Here are some security tips that would likely make the Gryphon one of the most secure routers in the world;
1) Since all devices connect to ‘Guest’ user profile until you categorize them – I recommend restricting Guest Profile to Toddler and/or setting that profile to be permanently paused. That way it’s a full lockdown on all new devices, until you approve those devices individually.
2) I recommend device categories for user profiles over individual users in many cases. This allows you to group all devices, then control them. Servers with limited access out the WAN. Cameras or other junk you might want to totally block from the internet, etc.
3) I recommend setting SCHEDULES for all computers. For example group your computers into a computer user profile, then set a schedule to disable the internet from 2AM-7AM each night. This will reduce your threat surface during off hours and provide additional security.
4) Go into malware protection, and toggle it to ‘All Threats’. There is no reason to degrade security in any way.
Bottom line, out of the box this is one of the most secure router in the world. With minor tweaks, it IS the most secure one in the world, probably even above many SMB/Corporate offerings.
Wireless (how good is it?)
REALLY GOOD. My home is quite large, and this device covers all three floors and the entire floor plan with full bars in almost every area. To give you an idea of how good this is, I previously required 3 FortiAP units when I used Fortinet, and when I switched to Ubiquity I required a top of the line Unifi AC-HD Pro unit AND a Mesh Lite unit to cover the home. This unit performs better than any other wireless solution I have tested. Google WiFi, Velop, Orbi, all of them are childrens toys compared to this!
Speed wise, it’s 3000Mbps ‘total’ maximum throughput. Obviously you won’t get that if your connection is 300 Mbps, what it means is the absolute maximum from all devices and radios combined will be 3000Mbps. That’s throughput on the LAN, WAN, and all three radius. But it does live up to it’s potential far better than any other router I have tested – you can trust me on that! Top of the line ASUS routers are nothing but trinkets compared to this. They’ve really done their homework regarding this system.
Recommendations/Cons
No cons to this device at all. But I would recommend they implement a few basic things to take it to the next level. ICMP shouldn’t respond from WAN. Even with ports all stealthed I’d like to see ICMP responsed blackholed. Not a huge issue. I’d like to see a ‘custom’ web filtration category where I can setup custom fields about what to block. A few more device categories would be nice.
In close – this is the best possible router (hybrid UTM) device you can purchase for your home. Period. Bar none. Nothing else comes close. You can toss every other gadget out (Fingbox, Dojo, Norton Sphere, Cujo, etc), they’re all basically junk compared to this. This is the only consumer router to get my 100% seal of approval. In fact, for prosumers, you can probably forget about your Sophos and Fortinet’s and run with this. You won’t be disappointed! Another recommendation to Gryphon Company would be to improve information and FAQ with more detailed question/answers, especially for the Prosumer market. I’d like to see whitepapers, some test results, and maybe technical documentation. Information is a bit too vague IMO, and I have provided more information in my review here than you’ll ever find anywhere on Gryphon, and it was done through my own testing/research over a 24 hour period.