Main
Broadband
Reviews
Articles
Forums
Info
The Broadband Guide
SG
search advanced
Main
Broadband
Reviews
Articles
Forums
Info
Login
Please Login
reviews shortcuts
ReviewsReviews

SMC Barricade 7004AWBR

A 4-Port Wireless Broadband Router with built-in 802.11b and print server
Quick Index: 
Date: 2002-06-05 07:38
Author: Tom (Bouncer) Blakely, CCNA, CCDA
Category: Wireless
Manufacturer: SMC
Product/Model: Barricade SMC7004AWBR
List Price: $209.99
Online Price: $164.88 @ JandR.com

Management Interface:

The router interface is Web driven, and very easy to use. Below is a picture of one of the basic management screens when you first logon:

Click to expand

NAT, refers to the ability to use one public address to represent multiple inside private addresses. The NAT takes the requests from the inside machines, and presents them to the internet as if they were all coming from the one external IP address. The advantage to this is two fold: It saves limited address space, and as a byproduct, it increases security. When you open a session through NAT, the router tags that session with a number. And it knows that any information coming back to that number is for the particular inside machine. If the router gets a request from the internet for a number it doesn't have, it drops the packet because it doesn't know what to do with it. Basically, this means that most normal communications to the internet have to be started from the inside. So people outside cannot simply initiate communications to the inside machines.

On the NAT router side we have the ability to clone a MAC address from a machine on your home LAN. This is necessary for some cable companies who authenticate based on the MAC (Hardware) address of a network Card in your machine. The router will pretend that it is your machine to the network, allowing you to authenticate. It may or may not be necessary to do this, but sometimes it is, and the router provides for that scenario. In either case the router will acquire a DHCP address from the ISP, as well as default gateway and DNS server information. These are used for directing information to the proper exit, and acquiring a number, to match a name. It will then store this information and pass them on to any of your home computers that connect. The router will even automatically renew your address and connection for you. This means that barring system changes at the ISP, you should have the same addressing information fairly consistently and maintain connectivity. This feature is most useful for those of you on DSL PPPoE type connections, or who are using a Dynamic DNS service.

The router has quite a few security features, enough so that simply calling it a Firewall doesn't do it justice.

Click to expand

On the LAN side of the router, You can decide what machines can communicate with the router by hardware address (MAC). MAC filtering is most useful across the wireless link, to prevent other people from accidentally (or otherwise) accessing your router and your LAN. However, if you're so inclined, or if you're using it in a small office you can apply it so that only the hardware addresses of the servers you specify will be able to communicate with the router. The wireless side goes even further, and can be set to only allow certain devices to associate with the machine. That is, the router won't even acknowledge those devices across the wireless link unless they meet certain security requirements. We'll get more into this in the wireless section. The only limitation is that you can only specify up to 32 different devices for MAC authentication.

Click to expand

Packet Filtering can be done on *both* an Incoming and Outgoing Filter basis.

Within the Incoming or Outgoing Filter, you can select:

  1. Source and Destination Address.
  2. A Single port or a Range of ports.
  3. Whether the port is TCP or UDP port (or both).

Looking at the picture, you may notice that I block incoming Telnet (23), NetBIOS services (137,138,139) and SNMP (161,162). The reason you don't see any addresses, is that if you leave the address field blank it applies to all addresses. In the example above, I'm blocking ANY outside address and ANY port that attempts to reach ANY inside address on the ports I have specified.

The combination of Incoming and Outgoing filter sets is quite powerful. It allows you to customize who may browse the web, or what outside servers you will allow to communicate with you to exchange mail or files, as I did above. When combined with MAC address control, you can very effectively limit who may communicate through the router in either direction on both the wired and wireless portions. You are limited to 20 incoming and 20 outgoing filter sets. However, You can block a range of addresses or ports, not just individual ones. If you take another look you'll see that I blocked 137-139. That's all ports starting with 137, and ending with 139. So blocking ranges is very easy. You can even put a "T" or "U" in front to specify whether you want to block only the TCP or only the UDP. If you don't specify, as in my example, both TCP and UDP ports are blocked.

Some of the other nice features are shown below.

Click to expand

Here you can set up a DMZ server, a server which is NOT protected by the packet filter, and open to the internet. Be advised, if you do this it is a good idea to run a local firewall on that server. Interestingly, you can manage the router remotely if you need to. Be advised there is a security risk in turning this feature on, so, consider whether you really need the ability to manage the router from some other place not on your LAN. You can discard pings from the WAN side. This is a security issue and you're less likely to attract the attention of curious types if they don't know you're there. In some instance you may want to respond to a ping, normally, I like my privacy.

 

Printer Server

The printer server is very straightforward. SMC provides a printer client that you put on your machines, they print to the client. The client forwards it to the router, and the port translates to the actual printer. It's very straightforward, works well, and there was no observed impact on printing while browsing or testing.

As if all that weren't enough, they also put in wireless access!

Click to expand

Previous page  1 | 2 | 3  Next page top
  User Reviews/Comments:
    rate:
   avg:
by dirk - 2007-02-20 13:29
Well - the wireless download speed with WEP enabled is here significantly higher - up to 3600kbps on average - peaks up to 4300kbps. And - strange enough - WEP enabled does nothing to that. Same rate...
I have a ADSL 6000kbps internet connection at home, testimg with XPsp2.

Cheers
Dirk
comment print discuss top
News Glossary of Terms FAQs Polls Cool Links SpeedGuide Teams SG Premium Services SG Gear Store
Registry Tweaks Broadband Tools Downloads/Patches Broadband Hardware SG Ports Database Security Default Passwords User Stories
Broadband Routers Wireless Firewalls / VPNs Software Hardware User Reviews
Broadband Security Editorials General User Articles Quick Reference
Broadband Forums General Discussions
Advertising Awards Link to us Server Statistics Helping SG About