Tips for Securing Your Home Router
Seemingly minor and easily overlooked settings can still have profound security implications. Here are some steps you can take to make sure your wired or wireless home router — and by extension, your network — is as secure as possible.
Most Popular Reviews
Microsoft Windows Home Server
If you have a home network, you'll welcome the easy file sharing, remote access and the image-based backup features of Windows Home Server.
MikroTik's The Dude
This free tool delivers many of the same capabilities that you'd find in pricey network monitoring tools. As long as you don't mind tinkering, The Dude is a decent network utility that should be worth the download.
Netgear ProSafe 802.11g Access Point with Propagate Networks' AutoCell
Author: Joseph Moran Review Date: 2/17/2005
Price: WG302: $249; WAG511 PC Card: $108; AutoCell View: $299 for 10 APs
Pros: Automatically adjusts AP channel usage and power output to optimize signal strength and compensate for interference.
Cons: AutoCell View utility not included with hardware; utility interface.
For better or for worse, turning a wired network into a wireless one is often as simple as plugging a wireless access point into any available RJ-45 port —as the ongoing problem of "rogue" access points clearly demonstrates.
However, simply adding wireless access to an existing network is only the first step. Deploying a functional and well-designed WLAN involves ensuring adequate coverage and capacity where needed. This is often a significant undertaking, involving a comprehensive site survey before installation and considerable device configuration and tweaking afterward. This is especially true when deploying more than a few 2.4 GHz access points in one location, since the limited number of available channels make overlap interference likely. Moreover, adding additional access points to a network later on often bring such issues back to the fore.
Propagate Networks' AutoCell offers a way to take a lot of the hassle out of deploying a 2.4 GHz WLAN with many access points. AutoCell consists of specialized firmware which allows an access point to intelligently configure and re-configure itself, based on information gleaned from a radio frequency (RF) environment analysis other AutoCell-equipped devices, to mitigate or avoid the effects of interference and provide the best possible performance.
Unlike most conventional access points, whose settings are often fixed unless manually changed by an administrator, an AutoCell-equipped access point has the ability to continually adjust both its channel usage and power output to avoid overlap with neighboring devices. Similarly, Propagate says AutoCell devices can reconfigure themselves to compensate for failed hardware, or for stationary or transient sources of interference.
Alas, you can't get AutoCell's firmware for the WLAN hardware of your choice; it's available only in specific products from vendors who have licensed the AutoCell technology from Propagate. The company counts such companies as Accton, Atheros, BlueSocket, Chantry, Netgear and ReefEdge among its current partners. For this review, I worked with four AutoCell-enabled Netgear ProSafe WG302 802.11g access points, paired with Autocell-enabled Netgear WAG511 CardBus NICs.
Logging into the administrative console of the AutoCell-equipped WG302 reveals little difference from the interface on a standard Netgear router. There are only two additional configuration options: one to enable AutoCell and the other to turn on Privacy Control, which minimizes the power output except under certain conditions.
To view the configuration status of and interact with AutoCell-enabled equipment, a separate utility called AutoCell View is necessary. AutoCell View is available directly from Propagate —it doesn't come with the WG302— and costs $299 to manage up to 10 access points, $599 for up to 50, and $999 for up to 999. There's also a free trial version that supports two access points, but if that's all you have for APs you probably don't need AutoCell in the first place.
AutoCell View focuses on the wireless realm and doesn't concern itself with LAN-related settings. So when deploying more than one AP, things like IP address or DHCP configuration must be configured manually to avoid conflicts. Since the WG602's default settings include a static IP address, the first step was to change each device's configuration to give it a unique address for the subnet. (AutoCell View can be run on either a wireless or wired computer, and there's also a remote agent provided when running the utility on a different subnet than the AutoCell devices.)
After adjusting IP addresses (the only modification I made) for the quartet of access points, I set them up in the corners of a 20 x 10 room and fired up AutoCell View. The AutoCell devices use SNMP to communicate with each other and to report their status to AutoCell View. AutoCell View then plots the information on a generic 2D floor plan image. You can also substitute AutoCell View's generic image with your own floor plan. The AutoCell devices operate on a peer basis; there's no centralized hardware or software needed to coordinate their communication or operation.
The information provided by AutoCell View made it almost immediately evident that AutoCell was doing its job. Of course, having four 2.4 GHz access points set up in a relatively small physical area was a sure recipe for problems since there are only three available non-overlapping channels (1, 6, and 11). One of the WG302s set itself at full power on channel 1. A second WG302 was using channel 6, and the final two had set themselves up on channel 11. (AutoCell View color codes AP icons, making it easy to determine channel usage at a glance.) Rather than running at full power, the three devices on channels 6 and 11 had each dialed back their power output by 10dB to avoid stepping on each other or several other non-AutoCell APs that were located somewhere within the building.
Optimizing a WLAN at the time it's installed is one thing, but environments seldom remain static for very long. Moreover, your ability to control potential sources of interference are often limited, especially if you are in a multi-tenant building.
To see how AutoCell adapted to new sources of interference, I brought an additional AP online in the room— this time a non-AutoCell device set to use channel 1 (and thus conflict with the full power AutoCell device). Sure enough, that WG602 reduced its power output accordingly, and an adjacent access point on a non conflicting channel (11) boosted power to cover the gap. After I removed the interloper, the AutoCell access points returned to their prior configuration.
Next, I pulled the plug on one of the two WG602 devices using channel 11 to simulate a device failure. In short order, the remaining channel 11 WG602 stepped in with increased power. Conversely, when the other channel 11 WG602 came back to life the signal equilibrium between the two returned. Similarly, when shutting down the full power WG602 on channel 1, it wasn't long before one of the other APs picked up the slack.
Finally, I added a 2.4 GHz cordless phone to the mix, which caused the AutoCell WLAN to reconfigure itself several times. It's worth noting that each time the AutoCell devices adjusted to an outside stimulus, the change wasn't necessarily instantaneous, but it was fairly rapid, usually taking just a couple of minutes or up to five or six in some cases. Faster than a human could respond to such instant changes, that's for sure.
Aside from optimizing the channel usage and signal footprint of APs, AutoCell boasts the ability to load balance when used with AutoCell-enabled clients, and this feature also seemed to work well.
With only one of the WG302s on, my three WAG511 clients each associated to this access point. I then turned on two more APs, and once all three had decided on their game plan and were fully operational, two of the clients migrated to the new access points so that each client was on its own AP.
Although AutoCell View provides a great deal of information about and control over devices, it also suffers from a somewhat haphazard interface. The utility has two main focal points— the aforementioned floor plan view and another window that provides access to a log and various configuration options. You can make each of the configuration tabs into an autonomous window but that quickly leads to a lot of desktop clutter.
In the floor plan view, you can easily see basic device information like IP and MAC address, whether an AP is online, its channel usage, and the approximate range of its 54Mbps-quality signal, but to get more detailed information about a device (like its specific power output, associated clients, etc.) you must right-click a device to bring up a context menu and an entirely new set of configuration tabs.
It would be easier to view and manage the wireless environment if AutoCell View offered a unified layout that let you view and modify an access point's configuration simply by highlighting the device. According to Propagate Networks, a new version of AutoCell View that will display more information about devices (and in tabular form) is in the works, but its not been decided whether it will be available as an upgrade to existing AutoCell View users.
Although a WLAN outfitted with AutoCell-enabled access points and clients like the WG302 and WAG511 will cost a bit more than using garden-variety hardware (mainly through the additional cost of AutoCell View), when you compare it to the effort and expense of a thorough site survey, it seems like bargain. The AutoCell View takes a while to get familiar with, but if you want to set up a WLAN with some intelligence and adaptability, Propagate Networks AutoCell is a good way to do it.