Feature Analysis and Comment
In an effort to save both you, the reader, and me, the reviewer, some time, I've created a slideshow of nearly all of the admin screens that should give you a good tour of the 4000's feature set. Of course in some cases, the slides and captions don't tell the whole story, so I'll provide commentary and analysis here for some of the unique features and bugs that I found.
Check out the slideshow for a detailed admin interface tour of the RVS4000.
Setup is uneventful and you reach the admin interface at 192.168.1.1 or by clicking the UPnP icon that will appear in the Windows System Notification Area (Tray) if you have the right UPnP settings. (Navigate to Network Connections > Advanced > Optional Networking Components > Networking Services and enable Internet Gateway Device Discovery and Control Client and UPnP User Interface).
The interface was generally peppy enough and saved settings pretty quickly. But sometimes the admin interface would hang for a bit for no apparent reason and then come back. Secure admin access via HTTPs is supported only for remote (WAN side) access, which I found a bit odd, but better than no secure access at all. Management via SNMP is also supported (I didn't try it) if you're into that method of management.
You can also define eight different administrator usernames and passwords, but I didn't see any way to assign per-user permissions. Multiple admin logins are allowed with no warning issued, so there is no logout function. I'll also note a personal pet peeve: the inability to change the admin idle logout time which appears to be about 5 minutes.
Other admin features include a Diagnostics screen with Ping, Traceroute and Cable Diagnostic functions. You also get configuration backup and restore, reset to defaults, reboot and firmware upgrade functions.
The Firewall has a pretty good set of features including Java, Cookie, ActiveX and Proxy blocking enables, inbound and outbound port filters (the "IP Based ACL" feature), 15 single port forwards and 10 sets each of port range and triggered port forwarding. The port filters and "Internet Access Policies" (domain and keyword blockings) are schedulable and the blocking is smart enough to not be worked around by using IP addresses for at least the domain blocking.
I was happy to see that, unlike products based on Ubicom's StreamEngine technology, the 4000 believes that downstream QoS is as important as upstream. All the 4000's QoS features including Bandwidth Management and Port, CoS and DSCP based QoS support both directions. Unless you have experience with configuring Priority / Queue based QoS methods, you'll probably stick to using the easier to configure Bandwidth Management QoS flavors (Rate Control or Priority based).
Figure 4: Experienced users only, please
I did note problems with setting the Trust Mode and Default CoS/Port Priority selectors in the QoS setup screen with Firefox 220.127.116.11 that were solved by using IE 6.0.X. All other settings worked fine.
Logging was not too bad, with the ability to control the level of messages logged and sending to a syslog server. But new messages were added to the bottom of the file, which means that you'll spend time scrolling to see new entries. I wasn't able to get the Email Alerts feature to work, probably due to authentication issues with my ISP's SMTP server. I appreciated the "E-mail Log Now" button to use for testing, but didn't like the lack of any log entries regarding the success or failure of emailing.
One of the most pleasant surprises in the RVS4000 was that in addition to the IPsec and QoS goodies, it also contains a pretty full-featured Level 2 managed switch! While the switch is only four ports, those ports can be configured into VLANs, have 802.1X / RADIUS authentication enabled, have link speed and mode set (including disabled), be mirrored for debugging and analysis and redundantly connected while protected by RSTP (Rapid Spanning Tree Protocol). The only common "smart switch" feature I noted missing was link aggregation.