SmallNetBuilder

Saturday, Nov 21st

Hot Stuff!
You are here: LAN & WAN LAN & WAN Reviews NETGEAR FR114P 4 Port Cable/DSL ProSafe Firewall/Print Server Review - Firewall, Port Mapping & Filters

NETGEAR FR114P 4 Port Cable/DSL ProSafe Firewall/Print Server Review - Firewall, Port Mapping & Filters

April 30, 2005 Tim Higgins
E-mail Print
<< Prev - Page 4 of 6 - Next >>

Firewall, Port Mapping & Filters

Although the FVS318 and FR114P's firewalls are both SPI-based, the 114P's firewall has a very different, and more flexible, interface than the 318's. The 114P uses a Rules and Services model, which is used to control all port usage through the firewall.

NETGEAR FR114P: Rules screen

Figure 1: Firewall Rules
(click on the image for a full-sized view)

Outbound Service rules (commonly known as Port Filters), are used to specify a range of ports, i.e. a service, that are either allowed or blocked from a range of LAN IP addresses to a range of WAN (Internet) IP addresses.

NETGEAR FR114P: Outbound Services screen
Figure 2: Outbound Services
(click on the image for a full-sized view)

Inbound Services (usually known as Port Forwarding), have the same configuration features as Outbound Services, but are used to allow access to servers on your LAN that are behind the 114P's firewall. Note that server "loopback" is supported for Inbound Services.

The 114P comes with service definitions for commonly used services such as HTTP (Web), FTP, and others, which you can pick from a drop-down list. When you need a service that's not pre-defined, you can add it via the Custom Services screen, shown below.

NETGEAR FR114P: Services screen
Figure 3: Custom Service
(click on the image for a full-sized view)

Rules have a few other handy features. Although both Inbound and Outbound rules are schedulable as shown below, there is only one schedule, which can be applied on a rule by rule basis. You can also control the logging of each rule with selections of Never, Always, Match, and Not Match, as well as the order of precedence for rules in both directions. But note that there is no ability to set an outbound trigger port for the Inbound Services... the service mappings are static only.

NETGEAR FR114P: Rule Scheduling screen
Figure 4: Rule Scheduling
(click on the image for a full-sized view)

As with the FVS318, you can exert finer control (than blocking all access with Outbound Services) over the websites that your users visit via the Block Sites feature. But in the 114P's case, the Block Sites feature is not schedulable, and applies to websites only (vs. websites and newsgroups). You can still enter one "Trusted" IP address that will get unfiltered Internet access, however.


<< Prev - Page 4 of 6 - Next >>


Related Items:

NETGEAR RP614 Cable/DSL Web Safe Router Gateway Review
Netgear FVS318 ProSafe VPN Firewall Review
NETGEAR Cable/DSL Prosafe 802.11b Wireless Firewall Review
SMC7004VBR Barricade Cable/DSL Broadband Router Review
D-Link DI-604 ExpressEtherNetwork 4 Port Broadband Router Review
Comscore