Since getting the new Yoggie Pico Pro security appliance, I've been doing some testing. Last week I told you about the easy installation, but also the unexpected blue screens when trying to use the Kaspersky Desktop.
I must admit I've been rather unimaginative in my testing of the Pico. The first test was, of course, downloading the Éclair test virus. Mixed results on that: while the Pico did pick up the virus and block access to it via HTTP; using the HTTPS link let it right through and I happily saved it on my Desktop. I don't see why malware/virus writers wouldn't use HTTPS to download payloads and bypass devices like the Pico.
Luckily I still had Windows Defender running in the background and that quickly picked up the test virus. Strictly speaking I should have disabled Defender as the Pico runs "all the security applications that you will need to completely protect your laptop…." I'm glad I didn't.
I tried some general surfing of dodgy Web sites but didn't receive any malware alerts, so started to play around with Web filtering instead. This can be enabled via the management interface and allows Web sites to be blocked by category. This was pretty successful. Blocking adult content successfully denied requests for thehun.net and blocking e-mail/chat stopped me from accessing Gmail, Live Mail, and e-messenger/net; it did not block access to the Web mail interface for my personal domain, so I would guess it's based on block lists rather than content analysis (because how hard is it to pick out the text ‘Squirrel Mail' from an HTML stream?).
The management interface front page gives a high-level overview of security status using the traffic light system of green/yellow/red to represent low, medium, and high alert levels. There are various 3D reports available to give a graphical representation of alerts; these can split events down into more detailed categories for analysis.
I'm sure the questions everyone has are: does the Yoggie Pico do all that it claims and is it worth the $199 price tag? Here is my list of Pros and Cons:
- Web filtering is great for parents and sysadmins alike; although not bullet proof, it's good enough to stop the average person from wandering on to prohibited sites.
- Very pretty design—silver/black/blue; futuristic.
- Device cannot be bypassed without an admin password.
- Web filtering won't stop everything.
- It's a little large for USB key styling and blocks access to the adjacent USB port.
- Drivers are unsigned (not good for a security appliance!).
- Can't detect malware if downloading via HTTPS.
- Conflicts with Kaspersky, possibly other desktop AV software too.
- Doesn't protect you from malware delivered via USB keys, CDs etc.
Personally, I think the claim that the Yoggie Pico offloads processing of security tasks from the main CPU is completely untrue as is the claim that "all the security applications that you will need to completely protect your laptop work harmoniously inside Yoggie Pico."
Let's be sensible and look at this logically. How is a device which filters network traffic looking for malware going to stop my computer from becoming infected via some other form of media (specifically USB/CD/DVD)? I think the inclusion of Kaspersky Desktop is an admission that it won't.
Furthermore, if the Pico can't scan HTTPS traffic then how does it stop malicious payloads from being delivered via that route? It can't.
Therefore, not all of the software I need to completely protect my laptop is running on the Pico; I still need desktop protection (hence the included installation of Kaspersky Desktop).
If I'm still running desktop antivirus and anti-malware software, then I'm not benefiting from offloading security tasks to the Pico so the performance gain is out of the window too.
These simple facts render both of Yoggie's main lines of sales hype moot and void.
We still have physical separation but that alone isn't enough to motivate me to spend $199 on one (let alone a corporate fleet)!
Overall, I would say that the Yoggie Pico is a nice idea but a very simple analysis shows it to be impractical. It can't offer the level of protection that would allow one to discard desktop antivirus software and continue with peace of mind. If blue screen issues mean that the Pico won't run harmoniously with desktop antivirus, then there's no question: stick with the desktop software and dump the Pico. I will try to test the Pico with another desktop antivirus suite and post an update on whether or not the blue screens return. Let's hope not! If so, then until this issue is fixed, I can't see any IT department seriously considering deploying these things.
Based on my experience so far, I would give the Yoggie Pico a very disappointing 4/10. It's a gimmick and a broken one at that.