The Norton Core is the first attempt by Symantec at bringing a new security approach for home networks to the market. The main idea is to make sure your network is secure, protecting even those devices that would not in other circumstances be able to run anti-malware software - think IoT devices such as your home automation and security devices, streaming boxes, digital scales and other network-connected devices.
To do this Symantec came up with a router that is secure by design - going as far as making sure the router uses a secure boot mechanism that ensures it is not tampered with.
Out of the box the Norton Core router is an impressive piece of design. Its geodesic polyhedron structure is quite striking and you don't need to hide it from view, like some other routers with antennas and cords coming out of everywhere.
The Norton Core provides four gigabit ethernet ports and two USB 3.0 ports, for network printer sharing at the moment. In addition you it is also a dual-band 2.4 GHz/5 GHz802.11ac Wave 2 access point with 4x4 MU-MIMO technology, providing up to 2.5 Gbps wireless connections.
When you buy the Norton Core you receive a one year subscription to the Norton Core Security Plus service. This provides security for all network devices connected to the Norton Core router plus an extra ten Norton Security licences that can be used on desktops, laptops and mobile devices providing these with security when outside of the secure network. And when the one year Norton Core Security Plus subscription is up you can renew it or continue to use the Norton Core as a router only.
You manage the Norton Core, network, devices and users through a mobile app, available for Android and iOS. There is no web-based management or any other open network ports to access the router.
The mobile app is well finished and easy to use. Through it you can connect and configure the Norton Core router, create users, manage devices, assign devices to users and manage parental controls.
These parental controls allow you to determine schedules, maximum allowed network time per day and content filtering by category. This way you can allow some devices to connect to the Internet at specific times and block any site that falls into a certain category. To make things easier you can select an age range for your child and the app will suggest some categories to block - you can then add/remove any other your wish.
Norton Core allows you to easily pause traffic to and from a device on your network, or a group of devices assigned to someone - or even the entire network traffic.
You can create a secure guest network and even time limit it so that visitors will have access to the Internet only within that limit and without access to other devices in your main network.
It is also possible to turn off the security features of the router (which seem to involve packet scanning) for up to 30 minutes, after which it returns to the default. There's also a more restrict security level but the app warns that selecting this setting could affect traffic speeds.
In terms of performance I had the Norton Core router connected to a gigabit fibre service. The app provides a speedtest but I couldn't see how to change the test server. The results were around 350 Mbps download speed - far from the 800 Mbps that I can get with my default router but I think this could be because of the security level and the test server selected by the app. Not a big deal if you are on a 100 Mbps plan but not ideal on a gigabit service.
I searched for various malware test sites and pretty much all of them were blocked by Norton Core with a simple to understand web page explaining why it was blocked. Other than this, during my test period I did not encounter false positives.
Not a big deal for people with default networks, but if you have static IP addresses in an already existing network, Norton Core dishes out addresses on the 172.16.0.0/16 range. This means if you have a network with static address (such as NAS devices, servers) then you will have to redesign your network to fit into this address space - meaning if you use static addresses instead of DHCP reservation then you have to change these devices to DHCP and use the mobile app to reserve addresses before changing back to static (if you want this on the devices). I personally just use DHCP reservation instead of static but YMMV.
Now the caveats...
Do not expect IPv6 support with Norton Core at this stage.
The Norton Core uses a set of pre-configured DNS servers. You can select either your ISP DNS, Norton's own ConnectSafe servers or Google DNS. You cannot enter your own DNS servers there. This makes sense from a security point-of-view. The Norton Core also intercepts all DNS requests coming from devices, regardless of manual configuration on these devices. This means you cannot use third party DNS with Norton Core - no OpenDNS, 18.104.22.168, geounblocking services for you even if you enter these settings on a per device basis.
The Norton Core is a router only, not a modem, so if you want to connect it to a xDSL service then you will either need a modem or change your existing gateway (modem/router) configuration to bridge mode before connecting the Norton Core to the existing device. The Norton website provides information on how to do this for both standard routers provided by Spark and Vodafone. If you don't have their standard routers or use a different ISP then you will have change your router configuration to turn off routing, wireless, DHCP, firewall before connecting the Norton Core to it.
If you are connected to UFB (fibre) then be aware the Norton Core does not support VLAN tagged traffic on the WAN port, something a good number of ISPs in New Zealand require. This includes NOW, Orcon, Slingshot, Spark, Stuff Fibre, TrustPower, Vodafone, Voyager and 2degrees - pretty much the whole market except for niche players.
This means you can't just replace your existing router with a Norton Core, like you do with most routers available in the New Zealand market. You will have to either change your existing UFB router as explained above, or use a managed switch to accomplish the same. The way I connected the Norton Core to the ONT (the device that converts the medium from optical to ethernet and the entry point in your network) was by using a HPE PS1810-8G managed switch, with a VLAN 10 configured to tag traffic on port 1 (connected to ONT) and untag traffic on port 2 (connected to Norton Core). With this I had no problems in configuring PPPoE to connect to my provider.
In conclusion, a very capable router, with an approach that differs from other network security devices tested before - with some important caveats you should be aware before connecting it to your network.