Pros:

- Fast NAT router

Cons :

- NAT router not properly secured
- Expensive compared to separate solutions
- No DMZ
- No Access Controls

The Basics

Front Panel

• Ready

• Error

• Disk Full

• Disk Activity

• WAN Activity

Rear Panel

• Link/Activity for each LAN port

• 100BaseT detect for each LAN port

• Link/Activity for WAN port

• 100BaseT detect for WAN port

• one RJ45 10BaseT WAN

• seven RJ45 10/100BaseT LAN

• one RJ45 Uplink port

• one DB9M serial port

• one DB25F printer port

• printed User's Guide

• CD with PDF manual and utility program

• one UTP Normal cable

• 100-240VAC Power supply

• Has Power/Shutdown switch

• Has Reset switch

Introduction

The Barricade 8 Port 10/100 Mbps Storage Server (also known as the Broadband Storage Server or BSS) is SMC's first foray into the Network Attached Storage market.  It combines a 20GB networked drive with a 7 port 10/100 switch and throws in a NAT based router for good measure.  Unfortunately, the router part doesn't live up to the "Barricade" name...

Setting up

 
The BSS's split personality is reflected in the Front and Read panel arrangements.  The Front Panel contains no connectors and five indicator lights, none of which indicate LAN activity.  The rear panel is where most of the action is, with all connectors, the cooling fan, Power/Shutdown switch, and all LAN indicators located there.  Since I tend to connect and disconnect equipment frequently, I ended up facing the rear panel towards me, which gave me a good view of network activity, but no indication of disk operation.  I would have loved to have just one more LED on the rear panel, indicating disk activity!

Like the regular "8" port Barricade, the BSS also has just 7 LAN ports.  This time, though, they count the "uplink" port as the 8th port (instead of the WAN port!).  Of course, you can use only the 7th port or the uplink port, but not both at the same time!

The BSS can be administered via a web browser, or with a Windows based utility.  I tried both, but didn't see any advantage in the Windows program, so did most of my testing with the browser interface. The opening screen presents you with choices for both Configuration and Storage Management.  We'll cover the Configuration features first.

The BSS's admin server is located at 192.168.123.254 and it comes with its DHCP LAN server enabled.  So you just attach a computer set to be a DHCP client (obtain IP address automatically), either reboot or do a DHCP Release/Renew, fire up your web browser, enter the IP address above and you'll be in business.  Note that you can change the base address for the DHCP server (I did because it conflicted with another router on my LAN), the range of addresses that it serves, and disable it if you want.

The BSS can be configured with Static IP information, be a DHCP client, or negotiate a PPPoE connection on the WAN side.  If you attach a dialup modem to the BSS's serial port, you can get your Internet connection from a non-broadband ISP, too.  Host and Domain names are supported for @Home users, and the WAN MAC address can be set to whatever you like for those users who need this ability.

Since SMC calls this a "Barricade", I expected to see all the familiar Barricade router configuration screens.  What I got, however, was quite different, as you can see in the screens below.

This is because SMC sources the BSS from a different company than its current Barricade routers.  The key differences are:

• No VPN (PPTP or IPsec) pass-thru support

• No Access Control (port filtering)

• No "DMZ" (ability to place one LAN computer outside the NAT firewall)

Content Filtering: On the plus side, however is the BSS's ability to do keyword based Web site access filtering.  You can enter either domains or IP addresses on the "Allow" or "Block" lists to control the sites that can be accessed.

NOTE: You can't just enter a word or string. You need to enter at least the domain name and top level domain, i.e. blahblah.com, or it won't be accepted.

This feature is good in theory, but I didn't have much luck getting it to work. When I enabled it, access was blocked to all sites, no matter which configuration I tried.  Logging didn't work either.  There's also no notification that you're trying to reach a blocked site.  Your browser will just hang, leaving you wondering what's gong on.

You can also individually choose to block ActiveX controls, Java applets, Javascript, or Cookies from passing through the BSS's firewall.  You can have the filtering active only during a certain time of the day (just one range) and certain days of the week (one range), or all the time.

Note that these content filters apply to all users, so you can't establish lists of users with different privileges.

Port Forwarding: The BSS supports both "Special Applications" (triggered port ranges) and "Virtual Servers" (single forwarded ports) methods for port forwarding, but again, things are a little quirky in the execution.

The "Special Applications" can only be used for applications that trip the trigger port from the LAN.  This means that they can't be used to allow access to LAN side servers... you need to use the "Virtual Servers" feature to do that.  But although that feature looks like you can define seven different ports (although you can't change the names), the forwarding is actually limited to the default port values shown.

• While checking out the port forwarding, I found that the admin pages are accessible from the WAN side of the router whenever the "Enable Internet Access" box is checked on the Internet Access Connection admin screen.  

• The "Enable Services" checkboxes don't appear to work either, i.e. the services are available, whether or not the boxes are checked.  

• Finally, a port scan showed the following TCP ports open by default: 80 (HTTP), 139 (NetBIOS--VERY INSECURE), 515 (print spooling), and 3128 (unassigned)

In all, a pretty disappointing showing for the router part of the BSS.