SmallNetBuilder

Follow SmallNetBuilder
Follow SmallNetBuilder on TwitterConnect On Facebook Google+Get the SmallNetBuilder RSS Feed
You are here: Wireless Wireless Reviews Cisco RV220W Wireless Network Security Firewall Reviewed - Configuration, Differences, Security

Cisco RV220W Wireless Network Security Firewall Reviewed - Configuration, Differences, Security

Print E-mail
<< Prev - Page 2 of 4 - Next >>

Configuration

The menu structure of the RV220W and RV120W are nearly identical, with menu options listed along the left side of the GUI and some menus having multiple sub-options.  There are several additional features in the RV220W, as well as some differences, which I've listed in Table 1.

Main Menu SubMenus
RV220W RV120W
Status Interface Statistics X
Status Active Users X
Status SSL VPN Connection Status X
Networking Jumbo Frames X
Wireless X WPS
Cisco ProtectLink New Feature X
VPN SSL VPN Server X
VPN SSL VPN Client X
VPN PPTP Server X
Administration CSV File Import X
Table 1: RV 120W and RV 220W menu structure comparison

To begin, there are three new sub-menus in the Status menu.  The Interface Statistics sub-menu provides a packet count on the WAN and LAN, while the Active Users sub-menu shows all the logged in users, whether they are an admin user configuring the router or a remote SSL VPN user.

The SSL VPN Connection status sub-menu seems misplaced, however.  It would make more sense to me if it were with the other SSL VPN menus.  Nevertheless, it provides a useful display of active SSL VPN connections, as shown in Figure 3.

SSL Connection Status

Figure 3: SSL Connection Status

Another menu that seems misplaced is the port forwarding configuration page for the RV220W.  Initially, I thought port forwarding was omitted from the RV220W, because the port forwarding sub-menu on the RV120W is located in the Firewall menu.  On the RV220W, the port forwarding sub-menu is located in the SSL VPN menu.  The RV220W does allow port forwarding by application instead of specifying a port, possibly simplifying the configuration, if you look for it in the SSL VPN menu.

A carryover from the RV120W to the RV220W is the need to reboot the router to apply various configurations, such as enabling IPv6.  Rebooting the RV220W is slow, it takes 150 seconds before you can log back in, and even more time for the router to re-establish its WAN connection and pass traffic.

Differences

There are two main differences between the RV220W and the RV120W for your internal network. One, the RV220W LAN has Gigabit Ethernet ports. And two, the RV220W WLAN has a dual band wireless radio. These two additions allow for higher data speeds between devices on the wired and wireless networks.  Other than these two additions, wired and wireless LAN configuration options are virtually identical on the RV220W and RV120W.

I was pleased to see the RV220W had 10/100/1000 Ethernet ports plus jumbo frame capability supporting up to 9000 byte frames. This is lacking on the RV 120W, which has only 10/100 ports.

There is one more minor difference between the RV220W and the RV120W wireless options.  WPS (WIFI Protected Setup) is not supported on the RV220W, even though the feature was available on the less expensive RV120W.  But as Tim noted in his review, this is not surprising, given the business focus of the product.

Security

Firewall and security options on the RV220W and RV120W are also nearly identical and covered in the RV120W review.  There is one big difference, though.  As I noted in the menu differences above, the RV220W has a new subscription based security feature called Cisco ProtectLink.

Cisco ProtectLink is provided through a partnership with Trend Micro.  Cisco has a couple of versions of this feature.  The version of ProtectLink offered with the RV220W is the Gateway version.  Features of ProtectLink Gateway include:

  • Email spam blocker including virus and antiphishing protection
  • Web/URL content filtering with more the 80 categories of website types
  • Web threat protection for blocking malicious websites and monitoring accessed websites

Although ProtectLink works with the router, it is really a cloud-based service.  When activated and properly configured, email and web traffic requests from clients behind the router are sent to email and web servers at Trend Micro.  Replies to those requests are filtered or sent back to the clients, as depicted in Figure 4.

Cisco ProtectLink diagram

Figure 4: Cisco ProtectLink diagram

The advantage to this approach is the CPU intensive work of filtering traffic is performed by Trend Micro, not the router.  An additional advantage is the database of spammers and web sites is maintained centrally instead of requiring the router to download regular updates.

ProtectLink email protection is targeted at networks with an internal email server that can reroute their email MX (mail exchange) record to Trend Micro.  Once your MX record is pointed at Trend Micro, all email sent and received from PCs behind the RV220W is filtered by the Trend Micro service.

Web filtering doesn't require any changes on your network, however.  Web filtering is performed by Trend Micro, but you can enable and disable it, as well as define what is filtered on the RV220W.  Web categories that can be filtered include Adult, Business, Computers/Bandwidth, Computers/Communication, General, and Social.  Each of these categories has multiple different subcategories for a total of 80 filtering categories. 

I enabled the entire Social category and tried to go to Facebook, and got the message shown in Figure 5.

Web filtering block message

Figure 5: Web filtering block message

I played around with different categories to see what would be blocked.  For example, enabling the subcategory labeled Computers/Internet under the Business category blocked access to smallnetbuilder.com!

Different websites can be filtered based on different times of day based on time schedules created on the RV220W.  You can define two schedules: one labeled Business hours, the other Leisure hours.  The times you don't define as Business Hours will be considered Leisure hours.  Thus, you can block Facebook from 8am-5pm M-F, but allow it outside those hours.

Controls within the RV220W for ProtectLink include defining various clients by IP address to exclude from web filtering.  A whitelist of URLs can be entered for websites that should not be filtered.  Last, you can enable Web Reputation, a feature to protect against malicious websites. 

There is a 30 day free trial of ProtectLink, activated through sending an email and receiving a code.  A 1 or 3 year license can be purchased through various vendors on line.  For 25 email users and a 1 year license, the cost is $277.98.  For 25 email users and a 3 year license, the cost is $455.98.  There are also 100 email user licenses for 1 year and 3 years at $525.98 and $839.98.




Related Items:

New To The Charts: Cisco RV042 Dual WAN VPN Router
Cisco Adds Small-Biz Switches, VPN Router, More
Cisco RV180 VPN Router Reviewed
NETGEAR FVS318N ProSafe Wireless-N 8-port Gigabit VPN Firewall Reviewe
Cisco RV042 v3 Dual WAN VPN Router Reviewed

User reviews

View all user reviews

Average user rating from: 10 user(s)

NOTE! Please post product reviews from actual experience only.
Questions, review comments and opinions about products not based on actual use will not be published.

User Rating    [Back to Top]
Overall: 
 
3.0 Features :
 
3.0 Performance :
 
3.1 Reliability :
 
3.0
 
Ratings (the higher the better)
Features*
 
Performance*
 
Reliability*
 
Comments*
    Please enter the security code.
 
 

Sadly I have to I admit I lost my time and money with this router

Overall rating: 
 
1.0
Features:
 
1.0
Performance:
 
1.0
Reliability:
 
1.0
Reviewed by careful_reviewer
August 27, 2013
Report this review
 

I'd like to share the issues I had with this router - it might help other prospective buyers to decide.

I bought this router in 2011 in order to replace my old DLink, hoping that a "small business router" will perform better ...

I've updated with latest firmware (latest version is 1.0.4.17, released more than one year ago).

The main issue with its web pages is the slowness. Big slowness on access / change anything in these Web pages. Any change applied is followed by a waiting period (seconds) in order to succeed.
A side effect of this is the "automatic refresh". This happens when displaying the "status / dashboard" pages. The automatic refresh happens every 9 seconds or so and it is not configurable. So I was looking to a page full of information, trying to quickly read as much as I could in those 9 seconds interval (because during refresh time the page content is removed). Very frustrating. Imaging you are reading a Web page which is removed every 9 seconds, with a gap of 5 seconds when you see a progress bar. Who is the User Interface / System Analyst which designed this UI ?

I tryed to encourage myself saying that not all the day the user is using the router Web pages, what is the most important is how this device handles its tasks in the network.

But here, Cisco grossly disappointed me.
Several times each day this router was doing a re-boot. The time was pretty random. You can imagine all users in my LAN having the network access cut (WAN and LAN). Everybody was looking at me - I am the "SysAdmin" for that network.

The next step for me was to look on Internet to see if I am the only one with this issue.
I tried to Google "RV220W re-boot" and I saw that I am not alone. A lot of places where people complained about this.

This is an example you may want to read:
https://supportforums.cisco.com/thread/2195130 (Title: RV220W rebooting at random intervals).

There is no resolution for this issue at this moment.
All kind of workarounds are proposed on forums, such as:
- downgrade to the oldest firmware 1.0.1.0 (what a shame, Cisco!)
- disable some firewall settings in "Firewall/Attack prevention/LAN (Local Network) Security Checks" ( disable Block UDP, disable "Block Fragmented Packets") - I did all of these with no effect
(Cisco claims that the re-boot is a legitimate action router takes to block an attack from WAN, so we need to lower the firewall security to avoid reboot!)

Looking on their Web site I learned that
to get support for Cisco you have to purchase a service contract !

The last straw was when I tried to create a thread on Cisco support forums (the only place where I could hope for free support - I am not a business, just a private user with its home computer(s)). The signup process was very slow when I submitted the form data (what kind of Web servers + software is running there - I had to wait seconds and seconds for the form submit to succeed?)

After I finally created the user, and activated it using the received E-mail, I was unable to login.
The message was:
Your login was unsuccessful for one of the following reasons:
•You entered your user ID and/or password incorrectly. Please try again.
•You recently registered or reset your password and our systems are updating your information. Please try again in 5 minutes.

The coolest advice was "... our systems are updating your information. Please try again in 5 minutes"! He he he...

I can assure you I tried again and again 5 minutes after 5 minutes with the same result. Even now, days after registration, the same "... our systems are updating your information" is displayed.

Anybody can try to create an user name and see on its own.

To summarize:
- random reboot multiple times a day
- slow Web UI + annoying refresh - usability irritation
- miserable non-paid support (basically non usable)

I wasted so much time and energy until I had to acknowledge that I lost my two hundred and something I paid for this piece of hardware. I have to put is in the correct place: the e-waste recycle bin.

For me Cisco looks like a big corporate with chaos inside, but no danger for loss since it sells a lot for enterprise systems (Cisco phones etc.). So the "home user" has no significant place in this picture.

 

VPN assymetric speed

Overall rating: 
 
3.7
Features:
 
4.0
Performance:
 
3.0
Reliability:
 
4.0
Reviewed by Oleksiy
April 18, 2013
Report this review
 

Some days ago I got two RV220W devices to test VPN perfomance and got the strange results. I built site to site VPN , IPSec preshared key.
A) AES 256/SHA512/DH Group 1536 Incoming speed Mbit/s 17,07 Outgoing-34,14
B) AES 256/SHA1/DH Group 1024 Incoming speed Mbit/s 33,83 Outgoing 77,66
C) AES 128/SHA1/DH Group 1024 Incoming speed Mbit/s 34.69 Outgoing 78,00

I did not expect to see assymetric speed.
Suppose Cisco knows why? :)


 

I would not recommend this router

Overall rating: 
 
3.3
Features:
 
3.0
Performance:
 
3.0
Reliability:
 
4.0
Reviewed by Doc T
April 10, 2013
Report this review
 

Usin the latest firmware atm (1.0.4.17) the router seems fairly stable to me..

However, I would really not recommend this router to anyone..
Looking at the firmware change log, the firmware still contains many bugs..

The VPN functionality is close to impossible setting up (I have not managed to do so for now)..

Cisco has not provided any VPN client for Mac OS X users, and the IPsec VPN is not compatible with iPhone/iPad (which was the main reason why i bought this router)..

If you do not need VPN functionality, you should definitely not buy this router..
If you really need VPN functionality that badly, you should definitely go for a more professional solution..

I chose this router because of the Cisco brand.. However, it looks like they have ditched their Small Business series..

 

Lacking in Development of good firmware

Overall rating: 
 
3.3
Features:
 
5.0
Performance:
 
3.0
Reliability:
 
2.0
Reviewed by linksysinfo
August 27, 2012
Report this review
 

TBH this router could have been great except for allowing Team F1 to develop the firmware for this device.

Issues:

Frequent Random Reboots
DHCP Server slow at times.
WebGUI Very Laggy.

 

SSLVPN issues on RV220W

Overall rating: 
 
4.7
Features:
 
5.0
Performance:
 
4.0
Reliability:
 
5.0
Reviewed by Cisco User
February 02, 2012
Report this review
 

I have spent a lot of time trying to configure this device on my own and with CISCO tech support. My case was eventually escalated level 3 (i think).

Problem 1:

When accessing https://WAN_IP/portal/sslvpn portal, text fields were grayed out and login button was disabled.

Solution: We eventually figure out that URL is CASE SENSITIVE
You must use https://WAN_IP/portal/SSLVPN for it to work properly.

Problem 2:
I am using Windows 7 x64 OS and no matter what I tried I I continuously received the message "Error Virtual Passage Installation Failed!" I built numerous virtual machines and confirmed that Virtual Passage driver works on WIndows XP and WIndows 7 x86, but NOT on x64.


Here is a final response from CISCO tech:
--------------------------
This is a valid issue that has been root caused. The SSL VPN driver file (.sys file) has a self signed Cisco signature but it should have Microsoft signature to get around the below Windows error.
This will be fixed for the upcoming MR2 release. We are investigating whether a work around to the below installation issue is available with the current firmware.
--------------------------

(Firmware Version: 1.0.3.5).

 
 
View all user reviews

Amazon Top-Selling Wireless Routers