Netgear is undoubtedly best know for its consumer networking products but its ProSafe router lineup aims to provide businesses with that little bit more in terms of features and security options. The VPN Firewall 50, or FVS338, offers the usual SPI/NAT firewalling and protection from DoS attacks but augments these with Internet failover and VPN support for up to fifty mobile clients. Netgear has also done a deal with Trend Micro to incorporate optional anti-virus and anti-spam measures.
The router provides eight Fast Ethernet ports for LAN connections and a single RJ-45 WAN port for adding a suitable broadband device. The web management interface design is common to all Netgear routers and consequently is very easy to use. For WAN failover to function you connect a standard modem to the appliance’s serial port and enter your ISP dial-up account details. The appliance checks for WAN failures by running a DNS lookup on a specific host or a Ping to an IP address and if it receives no response after so many seconds and a specified number of times it will automatically fire up the backup link. We tested this with a basic 56K modem and after disconnecting our ADSL modem found the backup link sprung into life after four DNS lookup failures.
The traffic meter feature could prove useful if your ISP places a monthly limit on your Internet usage and charges if you go above this. It keeps an eye on all WAN activity and can block all further access if a preset limit in Megabytes has been reached. You can add a temporary increase to the limit and also block all traffic except email. General traffic statistics are provided along with a table showing the amount in megabytes of web and email traffic as well.
Initially, security options look more interesting as you can place your LAN users in one of eight groups and apply an Internet access policy to each one. All systems along with their IP and MAC addresses are listed so you can easily select each one and add them to a group using the drop-down menu alongside. All ActiveX controls, Java applets, cookies and Web proxies can be blocked for all users and for each group you can set up a URL list and apply blocking to selected groups. However, only one URL list can be created and this is applied to all selected groups so you can’t have different lists for each group.
The firewall can be customized with extra rules for inbound and outbound traffic and Netgear provides an extensive list of predefined services. Rules can block or allow specific traffic and you can use one of three schedules to determine when they are active. One of six priorities can also be applied to selected services allowing rudimentary QoS (Quality of Service) to be implemented.