NETGEAR Cable/DSL Prosafe 802.11b Wireless Firewall Review



Introduction & Routing Features

NETGEAR Cable/DSL Prosafe 802.11b Wireless Firewall (FM114P)
SummaryWi-Fi certified 802.11b wireless router, w/ 4 port 10/100switch & print server. Bundled with zer0knowledge's Freedom Security and Privacy suite.
UpdateNone
Pros• Schedulable firewall rules
• Scheduled, emailed logs & alerts
• Can disable wireless Access to LAN
• Built-in parallel-port printserver with LPR and bi-directional printer support
Cons• Cyclical variation in wireless throughput

NETGEAR Cable/DSL Prosafe 802.11b Wireless Firewall

The FM114P is essentially an FR114P with a built-in 802.11b access point. Since I previously reviewed the FR114P, please refer to that review for most of the routing details. In my checkout, however, I did notice some changes added by the Rev 1.4 Release 06 BETA firmware that I downloaded from NETGEAR's site that are worth mentioning:

  • This release adds UPnP support. It is enabled by default, but can be disabled via a checkbox on the LAN IP Setup screen. Passed my NAT Traversal test by automatically opening ports when I launched Microsoft Messenger, and closing them when I quit it. But the Internet Connection Status reports an 8.0Mbps speed, which should be 10Mbps.

  • The "Blocked Sites" feature now works for Newsgroups as well as websites.

  • The login "loopholes" seem to have been fixed.

  • Logging features have been enhanced and logging to a syslog server has been added. You can selectively log the following events:

    • All incoming and outgoing traffic
    • Router operation (start up, get time etc)
    • Connections to the Web-based interface of the router
    • Traffic to the router
    • ICMP traffic
    • Other IP packet traffic
    • Known DoS attacks and Port Scans
    • Attempted access to blocked sites


    Although I applaud the added logging features (especially the ability to log normal website traffic), NETGEAR still has some work to do here. Some of these checkboxes seem like duplicates and were confusing to me, and the log was filled with "Administrator Interface Connecting..." messages which looked like some sort of keep-alive from the computer that the admin interface was running from. Syslog logging seemed to work fine, though.