CUJO review

A smart firewall that protects all your devices from the latest threats

TechRadar Verdict

CUJO might be a convenient way to protect connected devices and simple networks from attack, but beware – setup can be time-consuming, even if you know what you're doing, and the ongoing subscription could get expensive.

Pros

  • +

    Appealing design

  • +

    Handles up to 50 devices simultaneously

  • +

    US and UK phone support

Cons

  • -

    Setup can be complicated

  • -

    Won't work on all networks

  • -

    Overpriced subscriptions

  • -

    Managed via iOS/Android apps only

Why you can trust TechRadar We spend hours testing every product or service we review, so you can be sure you’re buying the best. Find out more about how we test.

CUJO is an intelligent firewall which aims to protect your connected home from online threats. From desktops to mobiles, tablets to smart TVs, CUJO monitors all network activity to keep you safe from harm.

Once set up, CUJO acts as a gateway between your devices and the outside world. It checks devices as they connect to your network, analyzes packets as they leave and arrive, looks for attempts to access malware command-and-control servers and tests for man-in-the-middle attacks. Threats are blocked automatically, although you can also see and control some of what's happening via iOS and Android apps.

CUJO is much more than a simple hardware firewall. A lot of its processing is carried out in the cloud, where it analyzes metadata from your network connections, checks for problems and instructs your device to block any threats. This reduces the load on CUJO's own processor, and makes it easier for the system to detect brand-new dangers.

Simple device-level parental controls are thrown in as a bonus, allowing you to block access to websites by type. There is no need to install software on the clients, everything is managed from CUJO and its apps.

Despite some overblown claims on the CUJO website, the device can't replace your antivirus, and you'll probably need to keep the same security software you're using now. What you do get is multiple extra layers of protection, and that’s especially welcome for smart devices which can't easily be shielded in other ways.

CUJO is available for $99 (£79) with a monthly subscription of $9 (£7.20). Alternatively, spending $158 (£126) gets you the device and one year of service, or a one-off $249 (£199) covers you forever, with no further payment required. Whatever you choose, a 30-day money-back guarantee is available if the device doesn't work for you.

Design

While most network devices get hidden away in a dark corner somewhere, CUJO is clearly designed to be seen. Its rounded cream-colored form looks almost as though it should hold rose petals, or a candle, or be an air freshener. It's not too bulky at 124 x 124 x 146mm and 377g, and could be left in full view almost anywhere in your home without looking out of place.

As usual with networking kit, cabling can make your life more complicated. There are a couple of Ethernet ports at the back of the product, at least one of which you'll need to use, and a short power cable with a two-pin adapter.

Turn on the power and you'll notice another unusual touch: CUJO has 'eyes', oval LEDs which light up to signify device status. At a glance you can see that the power is on, the device is working (or not), when it's in standby, even when the firmware is being updated.

This lighting scheme isn't exactly intuitive, and we had to check the website to understand what was happening. But it does help you see what's going on with the device, and in a way that doesn't make CUJO seem intimidating. You might look at the smiling eyes and realize that means CUJO is actively protecting current network activity, but visitors will just see a cute plastic pot with a smiley face – nothing technical at all.

What's happening in the background could be an issue for some, as it presents a fundamental privacy concern. CUJO works by collecting the IP addresses of the sites you're accessing and sending them to the cloud, where they're checked for any signs of danger. That ensures your protection is always up-to-date, but also means any time anyone visits a website on your network, that URL is being dispatched to the CUJO cloud.

Is this a danger? In a very brief FAQ page, the company says it collects "metadata based on destination IP addresses", but only logs "that the communication of your CUJO device is functioning with our cloud."

This appears to mean that CUJO maintains information on the sites all users are accessing, but doesn't keep any personally identifiable trail. It's still not ideal, but some other site-blocking applications take a similar approach, and we wouldn't rule out the product for this reason alone.

Hardware

CUJO doesn't come with much processing power. With a dual-core 1GHz CPU, 1GB DDR RAM and 4GB flash storage, we can see why the website says "in the cloud is where we do the heavy lifting."

Still, CUJO doesn't skimp on its network connectivity, giving you two Gigabit Ethernet ports to handle incoming and outgoing traffic.

There's also support for Cryptographic Hardware Acceleration to help CUJO manage its cloud communications more quickly, and it's claimed the system can protect up to 50 devices simultaneously.

The rest of the unit is kept as simple as possible. There are the Ethernet ports and a power connector, and a tiny recessed reset button, but no other switches or controls. CUJO is aiming to be a 'set and forget' device: once you're up and running, you'll barely need to touch it again (in theory, anyway).

Mike Williams
Lead security reviewer

Mike is a lead security reviewer at Future, where he stress-tests VPNs, antivirus and more to find out which services are sure to keep you safe, and which are best avoided. Mike began his career as a lead software developer in the engineering world, where his creations were used by big-name companies from Rolls Royce to British Nuclear Fuels and British Aerospace. The early PC viruses caught Mike's attention, and he developed an interest in analyzing malware, and learning the low-level technical details of how Windows and network security work under the hood.