Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

LAN & WAN Reviews

Security

Intrusion Detection and Protection is an aspect of the DFL-CPG310 Firewall that increases the Security of your network. In addition to its CheckPoint-developed Stateful Packet Inspection Firewall, the DFL-CPG-310 offers greater levels of security intelligence through its SmartDefend Intrusion Detection and Protection. As you can see in Figure 6, SmartDefend allows for detection of a wide array of specific network attacks, such as Denial of Service, Ping of Death, Worms, and numerous other threats. As I'll discuss in the pricing section, keeping the DFL's security software up to date is a subscription-based service.

IDS/IPS
Click to enlarge image
 

Figure 6: SmartDefend IDS/IPS options

The Firewall in the DFL-CPG310 has pre-built options to simplify port forwarding to Web, FTP, Telnet, Email, PPTP/VPN, Microsoft NBT (NetBIOS over TCP/IP), and VoIP (H.323) servers. Standard features, such as the ability to define a DMZ Host, are also available.

It is interesting that D-Link chose to have a pre-built configuration for H.323 VOIP signaling, when SIP VOIP signaling is more common. Nevertheless, building a rule to forward SIP signaling (port 5060) or other TCP/UDP ports can easily be done with the Firewall Rule Wizard.

When you build a Firewall rule, the DFL-CPG310 provides QoS options to allocate bandwidth for specific traffic, a nice feature, especially for VOIP. As you can see in Figure 7, the bandwidth options for port forwarding are Default, Urgent, Important, and Low Priority.

QoS options
Click to enlarge image

Figure 7: Firewall rule QoS bandwidth options

Understanding these options involves the DFL-CPG310's Traffic Shaper, which requires configuring the speed of your WAN connection. Using a network speed test on www.speakeasy.net, my WAN speed came in at 1829Kbps Up and 5367Kbps Down. I used these numbers on the WAN Interface configuration page (see Figure 8) to set an Upstream rate of 1750Kbps and Downstream rate of 5000Kbps, per the manual's recommendation to use settings below actual.

Traffic shaper
Click to enlarge image

Figure 8: Setting the connection speed for traffic shaping

The DFL's QoS settings use relative weight bandwidth allocation based on the Traffic Shaper configuration. Those settings and their weight are Default=10, Urgent=15, Important=20, and Low Priority=5. Thus, traffic assigned a priority of Important (20) will be allocated twice as much bandwidth as Default (10). If you upgrade to the PowerPack, you can configure the QoS settings to utilize more flexible QoS parameters, such as DSCP classifications or your own custom configuration. I'll touch on the PowerPack option under the Pricing section.

Additional subscription-based security features of the DFL-CPG310 include Antivirus and Web Filtering. The Antivirus feature allows for scanning and blocking of email at the gateway level, monitoring SMTP, POP3, and IMAP packets. The Web Filtering feature enables control of web surfing, providing over 30 different categories of web sites to screen, as you can see in Figure 9.

Web filter
Click to enlarge image

Figure 9: Web Filtering configuration

More LAN & WAN

Wi-Fi System Tools
Check out our Wi-Fi System Charts, Ranker and Finder!

Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

Hi, I am new to Merlin firmware. Used to have RT-N16 on Asus firmware which was working pretty well for almost 10 years. Now, with new AC88U flashed w...
I currently have Xfinity Gigabit Internet. I use the Xfinity router with Wi-Fi off and a Apple Airport extreme plugged into the Xfinity to extend the ...
Which Asus routers use the same power adapters? I would be helpful to have a list with part numbers. For example, I know that the RT-AC66U B1 and the ...
Hello,Came across this firmware today regarding the adblock.My current router is Asus RT-AC55UHP, is there any way I will be able to use merlin's firm...
We just had a 300 mbps Internet service installed in our home, and my desktop routinely registers average speeds of 315 mbps. Needless to say, I'm ver...

Don't Miss These

  • 1
  • 2
  • 3