Tips for Securing Your Home Router
Seemingly minor and easily overlooked settings can still have profound security implications. Here are some steps you can take to make sure your wired or wireless home router — and by extension, your network — is as secure as possible.
Most Popular Reviews
Microsoft Windows Home Server
If you have a home network, you'll welcome the easy file sharing, remote access and the image-based backup features of Windows Home Server.
MikroTik's The Dude
This free tool delivers many of the same capabilities that you'd find in pricey network monitoring tools. As long as you don't mind tinkering, The Dude is a decent network utility that should be worth the download.
Sereniti Smart Home Networking Service
Author: Joseph Moran Review Date: 11/3/2005
Price: $99.95, plus $9.95 monthly subscription fee Pros: Excellent technical support. Cons: Extremely limited configuration options, particularly for hardware firewall and parental control features; lacks advanced wireless security (WPA).
While setting up a home network has gotten easier and less expensive over the years, that doesn't mean that doing so properly is always simple and inexpensive. In reality, making a home network functional and secure usually requires buying and installing hardware and software from multiple vendors, which can get pricey and often leads to finger-pointing when the inevitable support issue arises.
Sereniti believes it has the
solution to this dilemma in its Smart
Home Networking Service, a subscription-based offering whose cornerstone
is a remotely-managed 802.11g wireless broadband router with parental control
features, plus security software for up to four PCs on your home network. The
SHNS includes comprehensive assistance by technical support personnel with the
means to remotely access your network to diagnose and resolve problems.
Since the SHNS is targeted specifically at non-technical households, Sereniti
takes great pains to make setup as simple as possible. One example: an installation
wizard illustrating each step of the physical process. The company goes so
far as to color code the router's WAN and LAN ports to match the blue and
red Ethernet cables included in the box. (The only oversight was the lack
of prompting to reboot the cable modem/DSL router after installation, which
is almost always required to get the ISP-issued device to issue an IP address
to the new hardware.)
As you proceed through the setup process, the extent to which Sereniti tries
to insulate you from the technical stuff quickly becomes evident. This limits
the opportunities for a user to unintentionally cause mayhem, but it can sometimes
backfire. For example, setting up the wireless network consists of nothing
more than selecting a passphrase for a 128-bit WEP key, but because Windows
XP only accepts actual keys and not passphrases, you need to hunt down the
router status page to look up the key derived from your passphrase.
A status page is the main way to interact with the router; direct access
to the router settings isn't provided. There's no provision to use another
form of encryption (i.e. WPA), or to change the SSID or other configuration
options, for example.
User Accounts and Parental Controls
Before you can access the Internet, you must first log in to the router,
either via Sereniti's PC Client utility or by entering your user credentials
directly into the browser the first time you attempt to access the Web. The
PC Client offers wizards to share folders and printers, as well as a link
to Sereniti's online library where you can download software utilities and
documentation. The PC Client can also serve as a launching point for contacting
support personnel via e-mail or live chat, and provides access to the Command
Center, where you can view the status of the network as well as manage users
When you sign up for the Sereniti service, your first user account is designated
as a "privileged" account that has the ability to modify system settings and
create other user accounts. New accounts can be assigned to one of several
broad parental control levels — Child, Young Teen, and Mature Teen —
which govern the types of content the account can view and what times of day
Internet access will be available. You can subsequently customize a user's
default schedule to allow access at only specific days and times, but your
ability to customize the content filter itself is very limited.
Unlike many parental control services, Sereniti lacks the option to add or
remove content categories to be filtered for a particular account. Your only
options are to change the user's access level or to enter specific URLs to
be allowed (or blocked), which isn't the most comprehensive or efficient means
Via the Sereniti Command Center, you can view the status of all the devices
that have been discovered on your network. This can include non-PC devices
like digital video recorders and game consoles (both my networked TiVo and
Xbox were recognized, though neither was identified by name). You can re-label
and choose unique icons for each device that's discovered.
Each device on the network can be assigned specific firewall rules to accommodate
the nature of the device or particular applications (the Sereniti router also
supports UPnP for automatic firewall configuration). But as with the parental
controls, configuration options are fairly limited. For example, it's not
possible to define rules using explicit port numbers. Granted, many non-technical
users wouldn't care to attempt this, but some might, especially as they become
more comfortably with their networks. As it stands, you can only pick from
the predefined application- and service-specific rules provided, and if there
is no rule provided for your particular program (and UPnP isn't supported
or doesn't work correctly), your only option is to contact Sereniti technical
support for assistance.
The Sereniti device management interface also had some difficulty when a
system that had previously been detected re-entered the network with a new
IP address from DHCP. In these cases, the system's existing entry was not
updated to reflect the new address, and instead, the device got an entirely
new entry, so any previously defined firewall rules for that system ceased
To augment the protection provided by the Sereniti router, you can download
and install the Sereniti Security Suite on your PCs. This software provides
a fairly comprehensive feature set that's roughly analogous to that of a Norton
or McAfee product. It includes firewall, anti-virus and spyware detection
components, as well as pop-up and banner ad suppression, all of which work
well. If you have more than one PC on your network, the inclusion of this
software can be a real money saver (compared to having to shell out $40-$50
for each system).
Pricing and Support
Pricing for the Sereniti Smart Home Networking Service starts with the $99.95
cost of the router, plus an ongoing service fee of $9.95 per month. (A one-year
service commitment is required.) Another option is to ante up $199.95 up front
to buy the hardware plus a year of prepaid service, which effectively reduces
the monthly fee to $8.33 (at least for the first year).
For that ongoing fee, Sereniti does indeed provide a reasonable degree of
technical support. Sereniti says its support personnel will help customers
with any issue that's network-related, like device connectivity, resource
sharing, or getting an application or game online (for non-networking issues,
you're on your own). The techs have the option, with the customer's permission,
of remotely viewing or controlling systems. Technical support is offered via
toll-free phone, e-mail and online chat on a 24/7/365 basis, and according
to the company, it's always staffed by humans. (Too often nowadays, technical
support means wading through labyrinthine IVR define) systems, especially
during off-hours). My experience in a chat support session found the representative
to be both cordial and capable.
Sereniti Smart Home Networking Service is a good example of how simplicity
and flexibility often occupy opposite ends of a continuum. It won't give you
nearly the features and control of even a $50 store-bought WLAN router, but
for some users, that's not necessarily a bad thing. For them, the high level
and single source of support will justify Sereniti's purchase price and ongoing
Remember, though, that the Sereniti hardware is good only as long as you
remain a subscriber, so if you're the type that outgrows technology or you
like to retain a degree of control over your network, you'll likely find the
Sereniti Smart Home Networking Service a bit too rigid to be useful.