- Review Price: £150.00
OvisLink may be a relative newcomer to the UK but this Taiwan-based manufacturer has come in with a bang in the past few months by offering an extensive range of low cost networking products, some of which are quite unique. Its latest range of Security Gateway products are prime examples as these target small businesses and aim to offer a healthy dose of broadband security features along with access authentication and bandwidth management for incoming and outbound traffic based on firewall policies.
The RS-1000 isn’t very interesting to look at with its grey metal chassis offering nothing more than a quad of switched Fast Ethernet ports, a single RJ-45 WAN port at the rear and a bunch of status LEDs at the front for link status, speed and activity on the LAN and WAN ports. Processing isn’t radical either with a Waveplus MIPS 100MHz unit in the driving seat and backed up with 16MB of Flash and 32MB of SDRAM memory. Even so it should be enough for the target market. Power is provided by an external supply and a small reset button alongside returns the unit back to factory defaults if you make a mess of configuration. The appliance focuses purely on broadband security so wireless networking is not on the menu which is a pity considering the price.
Initial installation won’t take long as you point a PC at the appliance’s default IP address where you’ll be greeted by a tidy browser interface. It supports both transparent and NAT routing and we’d expect most users to opt for the latter which allows all LAN systems to use IP addresses and DNS information dished out by the appliance’s DHCP server. You’ll need to provide your own ADSL modem but be careful here as OvisLink products still only support PPPoE and not PPPoA, so you may have problems with a dumb ADSL modem and an ISP that uses this protocol. As we test over BT Broadband this included us but we did come up with a solution to our dilemma by using an intelligent ActionTec R4500U ADSL modem. We connected its Ethernet port to the RS-1000 WAN port and used the Cable Modem User setting which happily took the DHCP information supplied by the Actiontec modem.
Out of the box the appliance is locked down tight as it blocks all inbound and outbound traffic. To get you going you can create a simple firewall policy that allows Internet access to all users on the LAN and blocks all unsolicited inbound traffic. For general Internet access this will be quite sufficient but you can go much further by creating your own firewall policies for both traffic directions. By comparison these are actually surprisingly easy to setup and you start by creating lists of IP addresses on the LAN and WAN that you want the policies to be applied to. You can also specify MAC addresses on the LAN and the Clone option can automatically find this information once you’ve provided the client’s IP address.
Blocking external HTTP access for a specific client or group, for example, is a cinch as you create an address list followed by a policy that denies access to this service. Make sure it’s higher up the list than the rule that allows all external access. Any client on that list will now be stopped from browsing the Internet. A comprehensive list of services is already provided but you can add your custom services as well and use different schedules to determine when policies are to be active. QoS (quality of service) can be applied to policies by specifying guaranteed and maximum bandwidth in kb/sec and using one of three priorities. You can also create lists of users and passwords and stipulate that policies require authentication before a service can be accessed.
When it comes to web content filtering OvisLink plays the same game as many other vendors at this level by actually offering nothing more than URL and IP address blocking lists. Unlike managed services such as those offered by the myGuard 7500GL, Watchguard Firebox X15w and SonicWALL TZ150 Wireless – all you can do with the RS-1000 is manually create a list of up to 300 websites that you want to block. OvisLink claims you can implement AUPs (acceptable use policies) but this is going to involve a lot of manual labour. There’s also an option to block pop-ups, ActiveX and Java content, as well as cookies although this is an all or nothing approach that can’t be customised for individual users.
There’s no denying that the SG-1000 is one of the easiest to configure security appliances we’ve yet seen. The process of using addresses, QoS profiles, services, authentication lists and schedules and applying them to inbound and outbound policies as required is remarkably easy to set up and use. Content filtering isn’t anything special and be warned that PPPoA is still not supported by OvisLink, but if you can get round this as we did, then you’ll find this appliance offers a lot of Internet access controls well suited to small businesses.