|
Broadguard NBG800
Router
Review Type: Hands On
Reviewer: Courtney
Lewis
Date: Apr 23, 2001
|
Flash that
ROM!
SohoWare does much more
than just ‘fix bugs’ with their FlashROM upgrades. Entire new
feature sets are sometimes added. Keep up with the latest rom update
here: Sohoware Tech
Support
|
Broadguard router and firewall
features:
1
RJ-45 10Mpbs Ethernet WAN port
4 RJ-45 10/100Mbps switched etherent LAN ports
Web based administration interface
Firewall with statefull packet inspection
HackerAlert system
Summary
The SohoWare Broadguard is the first sub
$200 router to sport a firewall with statefull packet inspection. The
web based user interface features pop-up help screens that are especially informative and helpful.
The Broadguard has a well rounded feature and represents a new measure
by witch other routers should be measured.
 A quick story about my
adventures with the Broadguard
When I first started using the
SohoWare Broadguard I was excited about the superior firewall features but
less than impressed with the operations of the unit as a basic broadband
router. Some key features were missing from the Broadguard that I had come
to expect in any modern broadband router. After some fiddling, I
downloaded the latest FlashROM upgrade from the SohoWare site and –BAM- a
whole new set of features appeared. All the areas where the Broadguard was lacking were suddenly
fixed– all through a simple FlashROM upgrade. If you purchase a
Broadguard, do yourself a favor and keep up with the upgrades – they are WELL
worth it.
Administration and
Setup
 The configuration interface is
web based and can be administered from any platform. With remote
administration enabled it can also be administered over the Internet. The
IP schema can be completely user defined, but the default should work for
just about everyone. A combination of pop-up help boxes and a
configuration wizard makes the router especially easy to configure. I
found the on-line help very informative and the wizard easy to use. Port Forwarding and DMZ
A new feature for the
Broadguard is port forwarding. The Broadguard supports only very basic
user defined port forwarding, but does not expose the level of
control that some other routers have. 
More features ARE available in the router,
but are not yet exposed in the web interface. I expect more features to
appear in the web interface with the next upgrade. The DMZ is something special.
Most routers let you map your single Internet IP address to a single LAN
computer. The Broadguard’s DMZ allows up to 8 other DMZ’s to be
established in case you wish to utilize multiple internet IP address. They
can be mapped to the same LAN computer or different ones.
The Firewall
 We ran the firewall through a series of
tests and it performed perfectly. A thorough port scan showed the router
to be locked down tightly. Unlike most other routers that rely on NAT as
the firewall, the broadguard includes statefull packet inspection. This
allows the unit to detect and thwart many advanced kinds of attacks that
other routers choke on. This level of security is great to see in router
that costs less than $200. ( see
firewall test results
) Logging
This is the only area that the
Broadguard is weak in. The device will display a list of its current
activity, but does not track any historical data. I would have liked to
see a better loggin system, especially with such a strong firewall.
Hacker Alert
The Broadguard includes an e-mail agent
that will send a message whenever it detects an attack- SohoWare calls this
‘Hacker Alert’. Hacker Alert is either On of Off. With it on, every time an
attack comes in, an e-mail is generated. With it off, no alert is generated and
no log of the attack is kept. By default, Hacker Alert sends e-mail
through its own mail server at NBG800.com. This can be changed but
SohoWare recommends using theirs.
Advanced
Options
 The web interface is not the
only administration interface available on the Boradguard. The Broadguard
also has a telnet server built in that lets advanced users control a few
more features than the web interface allows. Here are some of the
undocumented features I found. 1) Fully configurable SNMP trap
setup
2) Advanced port forwarding
with mismatched internal and external ports
I fully expect that these
features will be exposed in the web interface in time, but why wait! The
Broadguard is a powerful machine so take advantage of it’s entire feature
set.
Manual and FlashROM upgrades
can be found at
Interesting
Note: On 4/23/2001 I recieved
about 40 teardrop attacks on the IP address the Broadguard was on.
The Hacker Alert system worked great and let me know exactly who was doing
the attacks. Needless to say abuse@home.com is looking into it.
| 
Sohoware broadguard
Menu:
SohoWare 
