|At a Glance|
|Product||Linksys by Cisco Wireless-N Gigabit Router (WRT310N)|
|Summary||2.4 GHz Broadcom-based 802.11n Draft 2.0 router with gigabit switch, Parental Control and Security Features|
|Pros||• Scheduled web access and activity reporting
• Includes four TrendMicro AV licenses
• Gigabit WAN and switch
|Cons||• Ineffective web filtering
• Requires Windows application to administer
• No jumbo frame support
Cisco recently introduced a subscription-based security enhancement called Home Network Defender for their Linksys by Cisco draft 802.11n WRT310N and WRT610N wireless routers. (The WRT160N will be added "soon".) The focus of this review will be on the HND service. But I will also briefly look at the 310N's routing and wireless features, which are very similar to the previously reviewed WRT610N's.
Home Network Defender (HND) is comprised of router-executed web filtering, parental control, and user-activity reporting provided through a partnership with TrendMicro. Although the services themselves run on the router, setup and administration are accomplished by functions added to the Linksys EasyLink Advisor (LELA)—a setup and network management application shipped with all Linksys routers.
The last time we looked at LELA, we weren't very impressed. But that was before Cisco acquired Pure Networks and its Network Magic application that provides many of LELA's functions. LELA has matured and, with the addition of HND, now widened its scope. LELA's Setup Wizard now even runs on Windows and Mac OS systems. But LELA's network mapping / viewing, management, repair and now, HND functions require a Windows XP or Vista machine for configuration. Once the router's HND features are set up, however, I confirmed that you don't need to have a Windows machine running LELA.
It's an odd design choice to have router-based, OS neutral network security depend on a Windows machine to install and administer it. Other routers with similar security features that I have reviewed, specifically the Zyxel USG100 and the D-Link DFL-CPG310, both execute the security functions and provide browser-based administration.
HND also includes four licenses for TrendMicro Antivirus plus Antispyware (available via download), which run independently of HND.
After being installed on a Windows system, LELA uses HNAP, or Home Network Administration Protocol to construct a map of LAN devices. Device discovery is performed by running arp requests to all devices connected to the 310N's wired and wireless networks.
I configured my 310N to use the 192.168.199.0 address range on its LAN, and as you can see from the Wireshark capture in Figure 1, HND is systematically running arp requests from my PC (192.168.199.101) to the entire range of addresses from 192.168.199.1 to 192.168.199.254.
Figure 1: ARP discovery
Once LELA discovers a device via arp, it then attempts to set up a TCP connection with it using a multitude of ports to determine various details about the device such as its make, model, and operating system. This process can take awhile. But other LELA functions are still available while discovery is running.
I would advise against installing LELA on a notebook that travels between home and office. I had the pleasure of having a fellow engineer at work ask why my personal PC was trying to discover and connect to various secure corporate network devices. I found that LELA's network discovery runs regardless of whether LELA itself is launched, due to two services that are started when the system that LELA is installed on boots. The services are nmctxth.exe and nmsrvc.exe, which are Pure Networks Platform Assistant and Pure Networks Platform Service.
Note that if you have more than one router in your network, HND will not find devices behind the other router(s). Arp (address resolution protocol) broadcasts are limited to a single subnet, so HND will only manage devices directly connected (wired or wireless) to the 310N.
LELA displays discovered devices in an graphic "global" network map with the 310N in the center or in a "list" style map as displayed in Figure 2. You can flip between the global and list displays by clicking the map icon on the bottom right of the screen.
Figure 2: Network Device List Style Map
LELA will display each device with a generic name of "Network Device". But you can rename them to anything you want and choose from over 30 different icons to more accurately depict each device. Linksys has the home network covered, with icons for laptops, desktops, Macs, PDAs, printers, VoIP phones, storage devices, even gaming consoles.
LELA provides a dropdown menu for each device (Figure 3), with choices based on the device type. You can see MAC and IP address in the Details option, and devices can be assigned a name via the Rename option. If you have configurable network devices, the Advanced Settings option makes the Linksys map a handy place to view your network and launch individual device web configuration tools.
Figure 3: LELA Device menu
Linksys' manual says the Advanced Settings only works with Linksys devices. But I noticed it worked with several of my non-Linksys network devices, such as a NETGEAR router. It appears that LELA's Advanced Settings option works with devices that are configurable via HTTP port 80. Devices that are configured via port 8080 or HTTPS didn't have the Advanced Settings option.
There is also the option to Track a device as an Intruder, which turns the device icon red on the map and then inserts its MAC address into the 310N's Wireless MAC filter table, preventing that device from accessing your network. A downside to this feature is if you are already using the router's MAC filtering, the allowed MAC filter table will be erased and overwritten with disallowed Intruder devices.
Third, content filtering and scheduling is not dependent on the PC running the HND application. I loaded LELA and HND on my Vista laptop and applied restrictions to other PCs in my network. I then turned off my Vista laptop and verified both content filtering and scheduling were still in effect.