SmallNetBuilder Forums
Go Back   SmallNetBuilder Forums > General > Suggestion Box

Reply
 
Thread Tools Search this Thread Display Modes
  #1  
Old 05-30-2008, 12:40 AM
scotty scotty is offline
Very Senior Member
 
Join Date: May 2008
Location: Calgary, Canada
Posts: 311
Thanks: 0
Thanked 2 Times in 2 Posts
scotty is just starting out
Default SMB Router reviews

Here's something I see all to few of in general - SMB grade routers. SNB does have a few good write-ups of a few SMB class devices (I believe there's a good write up on an RV042), but I'd like to see more personally. There's a lot of people out there who run small business and relatively small offices, but need a little more than what a home-user grade box can offer. Yet when you look at most devices like Sonicwall TZ160/170/180 class, Firebox X Edge, Juniper, there's very, very few write ups. There are a few I stumble upon, but generally few and far between.

But as honest feedback, I do frequent SNB because I tend to see more here along these lines than anywhere else. Toms can't be bothered, and most other hardware sites are just that - hardware, not networking. I like SNB from the perspective that it's all networking. So in that sense, keep up the good work.
Reply With Quote
  #2  
Old 05-30-2008, 08:20 AM
thiggins's Avatar
thiggins thiggins is offline
Mr. Easy
 
Join Date: May 2008
Posts: 9,190
Thanks: 165
Thanked 629 Times in 533 Posts
thiggins is just starting out
Default

Hi Scotty,

I agree with you and we're trying to do more along those lines. We have started with the "SMB" offerings from the current vendor base, but plan to do more.

But I'll tell you that Cisco won't send product and Juniper didn't show much interest when we approached them awhile ago. Sonicwall is very cooperative, but their products tend to be $$$, especially when you add in the mandatory support agreements and licenses.

Here are some reviews of those devices in case you missed them:
Netgear ProSafe VPN Firewall 200 (FVX538 v2)
Netgear ProSafe Dual WAN Gigabit Firewall (FVS336G)
Zyxel Internet Security Appliance (Zywall 2 Plus)
D-Link NetDefend Firewall/VPN Security Appliance (DFL-CPG310)
Linksys 4-Port SSL/IPSec VPN Router (RVL200)
Sonicwall Internet Security Appliance (TZ 190)
Linksys 10/100 8-Port VPN Router (RV082)
Linksys 4-Port Gigabit Security Router with VPN (RVS4000)
PePLink Balance 30 Review
__________________
Tim Higgins
Managing Editor,SmallNetBuilder.com
Reply With Quote
  #3  
Old 05-31-2008, 09:13 AM
YeOldeStonecat YeOldeStonecat is offline
Very Senior Member
 
Join Date: May 2008
Posts: 518
Thanks: 0
Thanked 15 Times in 13 Posts
YeOldeStonecat is just starting out
Default

I'd love to see more here...as I'm a small business network consultant....and it's hard to find the "middle range". Most of our clients have networks from 10 - 75 PCs...a server or several in the mix, Exchange server, remote access/VPN needs, etc.

The old sub 200 dollar home grade router just shouldn't be there.

We've done several dozen of the RV0 units...mostly the 082 and 016 models.

I'm becoming more fond of some of the linux based "UTM" distros out there..which add some unified threat management features such as antivirus scanning and SPAM removal...something the small businesses find to be important features. I'll start another thread about that.
Reply With Quote
  #4  
Old 05-31-2008, 03:18 PM
thiggins's Avatar
thiggins thiggins is offline
Mr. Easy
 
Join Date: May 2008
Posts: 9,190
Thanks: 165
Thanked 629 Times in 533 Posts
thiggins is just starting out
Default

Quote:
Originally Posted by YeOldeStonecat View Post
The old sub 200 dollar home grade router just shouldn't be there.
I think I agree. But what are your reasons for not wanting a "home" grade router in a network of that size? Reliability? Features? Certainly not throughput since many "home" routers have higher throughput than SMB routers.

You certainly have the experience base, given your work. Give us your hard-earned wisdom!
__________________
Tim Higgins
Managing Editor,SmallNetBuilder.com
Reply With Quote
  #5  
Old 05-31-2008, 03:55 PM
YeOldeStonecat YeOldeStonecat is offline
Very Senior Member
 
Join Date: May 2008
Posts: 518
Thanks: 0
Thanked 15 Times in 13 Posts
YeOldeStonecat is just starting out
Default

Quote:
Originally Posted by thiggins View Post
I think I agree. But what are your reasons for not wanting a "home" grade router in a network of that size? Reliability? Features? Certainly not throughput since many "home" routers have higher throughput than SMB routers.

You certainly have the experience base, given your work. Give us your hard-earned wisdom!
Hi Tim...it's been a couple of years (we exchanged e-mails a few times way back in practicallynetworked days). I look forward to your forums taking off here!

Well...starting out years ago...as soon as small businesses started to get "broadband"...to fill that gap between shotgunning 56k modems for the cheaper offices...and saving some cash for the offices that used frame/T's...many of us in the field were just slapping in the early Linky befsr41 routers...or the Netgear (back when they were under BayNetworks) RT311, etc. The early days of broadband were unreliable....the ISPs were still maturing (both cable and DSL), as were the router manufacturers, as well as both of them trying to keep up with the subtle changes in PPPoE.

But eventually it got OK. As us techies found out which routers gave us less headaches (I moved from the befsr81 to the befSX41 models..I found throughput a hair higher, and stability).

But even then..in small businesses...10-25-40 PCs or whatever...the routers needed frequent reboots, and during heavy loads...they just couldn't handle all the concurrent connections of a large office. Sure..many (even today..the home grade ones) could keep up with throughput (as you state)...but slap an entire network behind them of many PCs....each with many little "things" connecting to the internet such as windows updates, antivirus updates, Adobe Acrobloat checking for updates, office staff with adware toolbars, blah blah...and, well, you have a situation for that little home grade router that is not unlike P2P software..in that article of yours. "Many concurrent connections".

The price of Cisco or Sonicwall or Watchguard boxes..often too much for the small business. But Linksys came out with a decent product (IMO)...the RV0 series. Beefy Intel processor, stuffed with quite a bit more RAM....after deploying quite a few of these to clients....I was no longer getting calls from my clients about "no internet". Plus, they did a decent job as far as "stable". They just kept going..and going. No more weekly reboots..no more monthly reboots even...heck I've had some that probably ran a year or more..rebooting only if I updated the firmware for something, or did some config change.

Other nice..almost enterprise grade features....something like RV0 series..built in PPTP VPN server. IMO..rock solid. However..their IPSec "QuickVPN" product leaves something to be desired...after several attempts at getting that going for clients...no more of that VPN setup for me. Ability to add ACLs to the WAN interface...example, a client of mine (golf club/beach resort) needs port 80 open on their server for this "Tea Time" software to tie into the software company. I'd be petrified to leave port 80 open on a server..but on a biz grade router like the RV0 series..you can put an ACL allowing port 80 to only be open to the range of IPs that the software company gave me.

Ability to have port based VLANs on the router itself...for smaller networks..gives you that flexibility to segment the network easily.

So to sum up your question...the features as you leave the 100-150 dollar home grade routers..and step into the 200-400 entry level biz grade routers....it's stability, ability to handle high loads of a large network, and some biz like features such as built in VPN, VLAN ability, and some lightweight ACLs.
Reply With Quote
  #6  
Old 05-31-2008, 04:19 PM
thiggins's Avatar
thiggins thiggins is offline
Mr. Easy
 
Join Date: May 2008
Posts: 9,190
Thanks: 165
Thanked 629 Times in 533 Posts
thiggins is just starting out
Default

I thought I recognized your handle! Nice to have you here.

Great reply. Lots of good info there.

I agree with you on Linksys' Quick VPN. Great when it works. Hell to figure out what's wrong then it doesn't!

One interesting thing is that # of concurrent connection handling has been on the rise in "home" routers. Ubicom based routers (most of D-Link's line except for the real cheapies) are very good in that regard and Ubicom tells me they can actually handle thousands of sessions! You might take a one of the D-Links at the top of the Router Simultaneous Connection charts sometime.

Another trend I'm seeing is a shift to SSL-based VPN's, even in the less expensive "SMB" routers. The Linksys RVL200 is a good example.

We will be doing more entry-level business grade products as we can get them, though.
__________________
Tim Higgins
Managing Editor,SmallNetBuilder.com
Reply With Quote
  #7  
Old 05-31-2008, 04:37 PM
YeOldeStonecat YeOldeStonecat is offline
Very Senior Member
 
Join Date: May 2008
Posts: 518
Thanks: 0
Thanked 15 Times in 13 Posts
YeOldeStonecat is just starting out
Default

Quote:
Originally Posted by thiggins View Post
Another trend I'm seeing is a shift to SSL-based VPN's, even in the less expensive "SMB" routers.
Agreed....SSL VPN is fantastic. Many call it "clientless"...but there's usually a tiny java based client that installs into your browser. I've gone to using SSL VPN for clients....I'm most pleased with Junipers products..such as the SA700. Granted....pricey pricey...but problem free. Another device that I never have to reboot....unless I upgrade the IVE (firmware).

As much as a Linksys fan that I was a few years ago....I never gave their SSL box a try....and based on reading some stuff in the linksysinfo forums...sorta glad I didn't.
Reply With Quote
  #8  
Old 06-01-2008, 03:57 PM
matthi matthi is offline
New Member
 
Join Date: May 2008
Location: Bruges, Belgium
Posts: 9
Thanks: 0
Thanked 0 Times in 0 Posts
matthi is just starting out
Default

I'm fairly happy with my Netgear SSL312 concentrator, I think thisone was already handled by your staff. Most newer SMB routers get the SSL-VPN feature out of the box now.
I think regarding VPN and SSL connectivity, Zyxell is a brand worth looking after, although I'm not sure how easy these are to get your hands on in US and/or Canada.
Reply With Quote
  #9  
Old 06-04-2008, 10:40 PM
mgraves mgraves is offline
Member
 
Join Date: May 2008
Posts: 79
Thanks: 0
Thanked 1 Time in 1 Post
mgraves is just starting out
Default

Don't forget about m0n0wall. It's perfect for SNB, and can easily be setup for $200 on one of the new PCEngines ALIX platforms.

It was more expensive on older hardware, like Soekris or WRAP. Used to start at $250 for the hardware. Now its well under $200.

Very solid software, too!! Great community support.

Michael

Last edited by mgraves; 06-04-2008 at 10:49 PM.
Reply With Quote
  #10  
Old 06-05-2008, 10:52 AM
Brandon Brandon is offline
Senior Member
 
Join Date: May 2008
Location: Claremore, OK
Posts: 121
Thanks: 0
Thanked 2 Times in 2 Posts
Brandon is just starting out
Default

Cisco's SSL VPN is an amazing product, something they are very proud of (You can tell by the licensing fees!!). I personally use it, and SSL Explorer (It doesn't require anything to be installed, SSL Exp does) for both me, and friends/co-workers.

We also use CiscoSSL for our work network (I think we have something like 50 Licenses for SSL, 20 or IPSec) which works very well for us. We run a very VERY locked down network (No local admins, no writing to C other than a temp file for program settings).

The down side to Cisco has been the same thing for years, which they /are/ trying to improve.. sort of.. When you have a product that complicated, it really doesn't fit well into the small industry, which really hasn't been a target for them. I think the Linksys buyout was to try to move them in that direction a bit more (I just which some of the Cisco tech would step down to the Linksys line of products >.>).

The problem with low end business tech, is the lack of interest of your major names. Most aim for 20-50 heads Plus, which leaves the small guys out. When you have to pay someone to come in and reprogram your equipment every few weeks because you can't afford to staff someone, it gets to be a bit much.

I currently support around 350-400 end points (Servers/workstations/laptops/networking) with two other systems administrators (yes, two). We have quite a few people coming in fairly often to do what we can't afford to staff people for (Like recently hiring a local company to inspect our network, checking confureations, making everything run better) which helps a lot, but not something you can afford without some know how yourself.

Now, the smaller end of the scope, that needs a lot (Not nearly as much however) of the same grade of products as us, can't afford it. The worst part of all of this, most of the techs hired by small companies (Not all, so don't flame me) have never used anything outside of home grade. This in turn costs much much MUCH more than people should be spending when they can afford the better stuff but hire the wrong people.

Note: the rest is a story, and can be skipped (I tend to babble..)

A recent case, a friend of mine worked for a Tax office that had a total of five offices, all of which connecting using a hardware VPN to the main office. This system supported a VoIP (All lines came into the main office, then went out through the VPN..). The main office used a Comcast high end cable modem (16 Mb down, 512k up) at $300/month, then home cable (6 Mb down, 128k up) in its offices. When a phone rang, every come would go dead.. For WEEKS!

The tech (The one that set the system up in the first place) suggested changing all of the devices (Linksys Firewalls) to Sonicwalls (Newegg price at the time $450/each) into each (5x(450+%30)) into each office. I told him he needed better connections to support was he's trying, and also SonicWall doesn't support QOS over VPN, so it would create more problems. I suggested going with an SDSL in the main office for starters, then upgrading the connections in the offices..

A week later, the offices are sporting both ADSL, AND Cable modems, with duel (10x450+%30) SonicWall firewalls, the main office sporting duel T1's.. I just /facepalmed as the phone rang, and the system kicked out..

Moral of the story, CHOOSE YOUR TECHS WISELY!!
Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


All times are GMT -4. The time now is 12:00 AM.


Top 10 Stats
Top Posters* Top Thanked
RMerlin  402
john9527  158
azazel1024  116
htismaqe  103
sfx2000  87
stevech  75
ColinTaylor  69
AndreyPopov  58
TonyH  54
bbb0777  42
RMerlin  6059
john9527  390
stevech  351
ryzhov_al  280
TeHashX  237
L&LD  232
RogerSC  201
sinshiva  147
sfx2000  134
joegreat  126
Most Viewed Threads* Hottest Threads*
Old Asuswrt-Merli...  29510
Old Brainstorming...  2661
Old RT-AC68P...  2640
Old Advice on...  2595
Old Looking for...  2358
Old RT-AC68U...  1894
Old Asus...  1814
Old Issues...  1779
Old Stable...  1678
Old AC-68...  1615
Old Asuswrt-Merli...  209
Old Brainstorming...  49
Old Advice on...  49
Old Looking for...  35
Old RT-AC68P...  31
Old WiFi...  27
Old Issues...  25
Old Stable...  25
Old WiFi Rates  23
Old RT-AC68U...  22


Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
© 2006-2014 Pudai LLC All Rights Reserved.