Features - Parental Controls, Advanced
Given the complexity of the firewall, I was disappointed in the Parental Controls section. You get both keyword and website/domain blocking, which can be applied to individual clients. But if you want to assign the same rule to multiple clients, you need to create a rule entry for each client. You can also block all Internet access, but again, you need to establish a rule for each client.
The bigger flaw with this feature is that the website blocking feature doesn't block subdomains. So setting a rule to block yahoo.com blocked access attempts to both www.yahoo.com and yahoo.com, but not my.yahoo.com. Worse, however, was that I could bypass the blocking by using the site's IP address. There are also no controls to block proxies, Java applets or ActiveX controls and I couldn't find blocked site attempts anywhere in the logs. As I said, this was a disappointing performance.
The Advanced section (Figure 12) holds all sorts of goodies, too numerous to review here, so I'll just hit the highlights.
Figure 12: Advanced settings
The Remote Administration link actually takes you over the the Firewall section and contains enables for Telnet, Secure Telnet and HTTPS access. But you can't limit access to specific IP addresses or ranges hereyou'll need to visit the Firewall's Advanced Filtering section for that.
Up and downlink priority-based QoS can be set in the Quality of Service section. Controls here include source and destination addresses and protocol. DSCP tagging can also be added, you can elect to log matched packets and also schedule when the QoS rule applies. Note that there are no overall bandwidth-limiting or shaping controls.
Other features found while navigating this section of the administration maze include Dynamic DNS support for dyndns.org, a log email function (buried in the System Settings) with username/password authentication but no test button, UPnP controls and LAN port speed and duplex settings.
Finally the System Monitoring section has both a simple status page with no security nag and the Full Status page shown in Figure 13. You'll also find System (console) log and Traffic Monitoring links among the Advanced Status menus. The latter, however, is just an abbreviated version of the Full Status page showing transmit / receive packet counts.
Figure 13: Full Status screen