| Netgear Cable/DSL Firewall Router Page 2 Author: Tim Higgins
Review Date: 3/12/2001 Add Your Review
Read 37 Reviews by Users
|
As described on our "How Firewalls Work" page, all NAT based routers perform some sort of "stateful Inspection". The difference in NAT firewalls is how much inspection they do, and the FR314 brings SonicWall's expertise in this area to bear on the problem.
The FR314 duplicates most of the SOHO's extensive logging capabilities, which are detailed in the SOHO review. The 314 supports the emailing of logs and alerts and selection of what to filter. I especially like the fact that the log alert messages are clear and even identify the type of attack instead of just giving you a port number to puzzle out. Some messages are hyperlinked to the 314's built-in log file, which contains an explanation of the attack that's logged! You can also view the log via the admin pages (see screen shot below), sort it by date/time, clear it, or force it to be mailed to you.   The main omission in the 314's logging is that logging to a syslog daemon isn't supported. Reports are running summaries of certain types of activities. The 314 does not keep a detailed "traffic" log, but instead, performs three rolling analyses, which can be viewed, but not emailed: - Top 25 Most Accessed Web sites
- Top 25 Bandwidth users by IP address
- Top 25 Bandwidth consumers by service (Port and Protocol) These reports will give you a quick idea of where your bandwidth is going. You can enable and disable data collection and clear the accumulated data, but can't save it. | |
The 314 supports IPsec and PPTP pass-thru from LAN clients. Only one IPsec session is supported, but multiple PPTP sessions can be supported. No details were available on whether you can connect multiple clients per VPN termination (server). NETGEAR also says that you can access either a PPTP or IPsec server on the LAN side of the router, too (provided you open the required ports). (See our VPN help section for more info.)
| |
The FR314 has a number of features that don't fit neatly into one of the previous categories of this review, so I'll once again use my favorite review shortcut: The List:
-
You can restart the box from the Management Interface as well as from a button on the back of the box -
You can Import and Export router settings (to make it easy to restore your settings after a firmware upgrade), or reset them to factory defaults -
Firmware upgrading is done via a browser Java applet that worked just fine with my Netscape 4.5 browser. You have to download the firmware file to a machine on your LAN first, however. You can also ask to be notified when new firmware is available -
You have five built-in Diagnostic tools including DNS lookup, Traceroute, Ping, Packet Trace, and "Tech Support Report" that will dump a file that can help NETGEAR engineers help you debug problems with your router. -
There's a full featured LAN DHCP server, which you can control pretty much everything on, including Lease time and reserving IPs according to MAC address. You can also shut it off! The DHCP Status screen shows you all active IP to MAC address bindings. You can't, however, manually end a DHCP lease. | |
I ran the Qcheck test suite on the FR314 and got the results below:
[Tests run with Ver 6.0.0.0b15 firmware] | Test Description | Qcheck Transfer Rate (Mbps)
[1Mbyte data size] | Qcheck Response Time (msec)
[10 iterations 100byte data size] | Qcheck UDP stream
[10S@500Kbps] | | (Actual throughput- kbps) | (Lost data- %) | | WAN-LAN | 4.7 | 4 avg.
9 max. | 499 | 0% | | LAN-WAN | 1.7 | 4 avg.
22 max. | 495 | 5% | (Details of how we tested can be found here.) Comments: The poor LAN-WAN throughput could be due to the firewall processing. This would only affect you if you were trying to access servers located on your LAN. NOTE: NETGEAR's testing showed approximately equal speed for both WAN-LAN and LAN-WAN transfers. I double checked my test setup and still got the lower LAN-WAN speed, however. If we resolve the difference in testing, I'll update the review. | |
In my mind, NETGEAR has established a new price-performance point for consumer routers. SonicWall has always had the richest feature set and most friendly user Interface of this class of routers, but they've always commanded a price that made many prospective buyers seek less expensive solutions. With the FR314, NETGEAR brings you most of the key features of a SonicWall SOHO2, throws in a four port 10/100 switch, and prices it to move with a street price about half the SOHO2's price! My main gripes are the inability to control the Content Filter and Access Control features on a user-by-user (or group of users) basis (which NETGEAR says they're planning for a future firmware release), and the omission of the Network Anti-Virus feature that's available on the SonicWalls. Even though Network Anti-Virus is a pay-for option, I think that automatically ensuring that up-to-date anti-Virus protection is installed and working on all subscribed LAN machines is more useful to the average user than a stateful inspection firewall! So if you're looking for a $100 router, then keep looking! But if you're looking for a fast, full-featured router with a robust stateful inspection firewall at an attractive price, then look no further! | |
