Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

NAS Reviews

Firewall Features

Given the premium price that ioGEAR and Tritton are asking for their products, I was surprised to find the products' firewalls both missing important capabilities and buggy in the features they did have. But in the interest of trying to stay positive, I'll cover the better stuff first.

The ASAP / BOSS has two capabilities not typically included in consumer routers - Multiple NAT and IP Alias. Multiple NAT allows users that have multiple public IP address from their ISP to assign specific LAN clients to share a particular public IP address. This is mostly useful for business users and most useful for distributing server load.

The IP Alias feature - a first for me - lets you have LAN clients in up to three IP address ranges in addition to the 172.16.1.X or 192.168.2.X supported by the ASAP and BOSS' default settings. This could be handy for larger networks, or those with statically assigned IP addresses.

You also get to control some of the Stateful Packet Inspection (SPI) aspects of the firewall via the Denial of Service page (Figure 5).

BOSS Denial of Service settings

Figure 5: BOSS Denial of Service settings

Access to Internet services is controlled by the IP Filter capability, which provides five sets of IP address ranges that can each have four single ports and one port range blocked (Figure 6). But since the IP Filter Group must be specified in "slash" notation (example 172.16.1.0 / 24), you're pretty much limited to having the filters apply to all clients on your LAN - not very helpful.

BOSS IP filter settings

Figure 6: BOSS IP filter settings

From these high points, however, the firewall feature set heads steadily downhill. First, you can forward only ten, single, static IP addresses via the Virtual Server feature, and neither port ranges, nor triggered mapping nor "loopback" is supported. You currently can't even make up for the miserly number of forwarded ports by using DMZ, since it's not available either. When I asked about these missing features, ioGEAR said they will be added in a future firmware release, while Tritton would say only that they'll "look into" adding the features.

Next, though you get ten URL filters, they aren't very robust. You can't enter keywords and instead must enter URLs with a .com, .net, etc. (i.e. "yahoo.com" not just "yahoo"). I found that sub-domains (i.e. mail.yahoo.com) are not automatically handled and you can't enter a sub-domain wildcard (i.e. *.yahoo.com) either. By the way, note that the URL filters, IP filters and Virtual Servers aren't schedulable, a feature found on routers costing far less.

The worst "feature", however, is the major security hole opened as soon as you enable the ASAP / BOSS' file sharing features. I'll describe that later in the File Sharing section, but for now, let's move on to the VPN features and performance.

More NAS

Wi-Fi System Tools
Check out our Wi-Fi System Charts, Ranker and Finder!

Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

I’m using 384.9 on the AC87U and noticed last weekend the parental controls cut the kids internet off an hour early. When I checked the clock was in D...
Good day, I have been searching for a way to optimize my Asus Merlin ac3100 router, and it has been difficult to find a comprehensive guide. I get 100...
Hi everyoneSometime , I upgrade my R7800 router to Voxel V1.0.2.64SF firmware . I want to install entware bug I got an issue when I plugged second USB...
I currently have a Netgear R7800 running Kong DD-WRT. I have my 2.4Ghz and 5Ghz interfaces using the same SSID, we have mostly new devices and they pr...
Hello,I play games and have been trying to minimize my network's latency to improve this experience. Also, I am hosing a LAN party soon where my netwo...

Don't Miss These

  • 1
  • 2
  • 3