"High-end" vs "Low-end" routers

Discussion in 'other firewalls' started by rerun2, Feb 9, 2004.

Thread Status:
Not open for further replies.
  1. rerun2

    rerun2 Registered Member

    Joined:
    Aug 27, 2003
    Posts:
    338
    Any thoughts on how routers from d-link and linksys compare to those of zyxel, sonicwall, and snapgear (security-wise)?
     
  2. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Not really a fair comparison. Depends a lot on where/how it is being deployed and on your security needs. For the average home user, the entry level routers provide good security and are likely all they will ever need.

    Regards,

    CrazyM
     
  3. rerun2

    rerun2 Registered Member

    Joined:
    Aug 27, 2003
    Posts:
    338
    Thank you for the reply. I was thinking that as well. But was wondering if there was any justification for such a large price difference between the two types. Both seem to offer NAT, SPI, VPN capabilities, some type of anti intrusion defense, and support for quite a number of the same protocols.
     
  4. Detox

    Detox Retired Moderator

    Joined:
    Feb 9, 2002
    Posts:
    8,507
    Location:
    Texas, USA
    How much price difference is there really? I'm definitely no router specialist but mine is a "Network Everywhere" basic solutions from Linksys and its a 4 port cable/DSL with NAT for $40 at Wal-Mart.
     
  5. rerun2

    rerun2 Registered Member

    Joined:
    Aug 27, 2003
    Posts:
    338
    Some of the higher end solutions that I have been looking into...
    Zyxel Zywall 10II - $260
    SnapGear SME530 - $350
    SonicWall TZ170 - $400

    These are just some price estimates.
     
  6. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    While some of the features may seem similar at first glance, you have to look closely at the specifications. Once you get into the middle of the road or higher end models you will start to see true firewalls with SPI, packet filters and ACL's, support for numerous VPN tunnels, VPN coprocessors, better throughput, content filtering, etc. A little more than the basic NAT box most home users utilize (not that there is anything wrong with these, they provide good security and are easy on the pocket book).

    Some ball park figures to add to your list and show a range of prices:

    D-Link
    DI-604 $45
    DI-704P $60
    DFL-300 $350

    Linksys
    BEFSR41 $40
    BEFSX41 $70
    BEFVP41 $130
    RV082 $250

    Netgear
    FR114P $85
    FVL328 $130

    Zyxel
    Prestige P324 $80
    ZyWall 2X $130
    ZyWall 10II $240

    Cisco
    SOHO91 $250

    Sonicwall
    SOHO3 $350

    SnapGear
    Lite2+ $225
    SME530 $350

    Regards,

    CrazyM
     
  7. meneer

    meneer Registered Member

    Joined:
    Nov 27, 2002
    Posts:
    1,132
    Location:
    The Netherlands
    For a personal environment you may as well choose a low-end router. One of the differences is the bandwidth and availability that these routers can handle.
    Where functionality is similar, these capabilities are the main factor to base your decision on.
     
  8. Detox

    Detox Retired Moderator

    Joined:
    Feb 9, 2002
    Posts:
    8,507
    Location:
    Texas, USA
    Whew! I must admit I didn't know the things even got so expensive! Mine was a bit of an impulse buy but the main idea was to get my second PC online to my cable modem without slowdown... I hadn't had any security problems before and I use DMZ host in order to host some directplay games.
     
  9. gkweb

    gkweb Expert Firewall Tester

    Joined:
    Aug 29, 2003
    Posts:
    1,932
    Location:
    FRANCE, Rouen (76)
    I don't need a router currently, but if i would, i am wondering if CISCO router worth their famous brand, i mean they are supposed to be a great brand of routers, better than others, but are they really ?

    They can handle more bandwith ? more customizable control pannel ? more features ?
     
  10. rerun2

    rerun2 Registered Member

    Joined:
    Aug 27, 2003
    Posts:
    338
    Ease of use and price might be one of the bigger concerns with Cisco routers (dont know if this has changed with models geared more for small businesses though). No GUI and all command line when I tried it. A lot of other routers now have a type of web based GUI to make configuration easier though.

    So far in my search... price has been a rather large issue. Other issues have been no DMZ (as well as other smaller features) in Snapgear SME530. Questionable VPN support in D-Link DI804HV. May look more into Zyxel later.

    gkweb you may also find this link interesting if you havent seen it already...
    http://www.snapgear.com/vsothers.html

    That looks like a pretty good steal, would you happen to have a link
    o_O
     
  11. controler

    controler Guest

    I am using an Actiontec which i didn't see listed here yet.
    Also has the VPN, web blocking, IM blocking, DMZ, port forwarding.

    I am using the R1520su
     

    Attached Files:

  12. Red_Dwarf

    Red_Dwarf Registered Member

    Joined:
    Feb 10, 2004
    Posts:
    20
    Location:
    Earth last time I looked
    Just as an add in comment folks...

    Since Cisco tookover Linksys they have improved the web front end and added some cisco type features, that are a nice welcome surprise, but thank god they have not introduced their way of configuring cisco routers to Linksys *grins*

    But like others have already said to your question Rerun2, the entry level routers offer what most of us could possibly ask for.

    And of course there is the question of cash and requirments.

    I mean I just upgrade home from a sweex broadband router (was really cheap but great entry level) and Linksys 54g wire access point.
    I wanted everything in one box so I went for the Linksys WRT54G v2.

    hope you get what suites your needs

    Red Dwarf
     
  13. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Cisco now has what it calls "Cisco Router Web SetUp Tool (CRWS)" which is a web based interface for configuration purposes. This is in addtion to the traditional Cisco IOS Software command line interface (CLI).

    Sorry, can't recall which online place that came from. I hit a few when getting the ball park figures posted above. That would definitely be on the low side with a fairly limited user licence.

    Regards,

    CrazyM
     
  14. Red_Dwarf

    Red_Dwarf Registered Member

    Joined:
    Feb 10, 2004
    Posts:
    20
    Location:
    Earth last time I looked
     
  15. rerun2

    rerun2 Registered Member

    Joined:
    Aug 27, 2003
    Posts:
    338
    Thank you for all the input it is very much appreciated :D
     
  16. Q Section

    Q Section Registered Member

    Joined:
    Feb 5, 2003
    Posts:
    771
    Location:
    Headquarters - London & Field Offices -Worldwide
    Hello rerun2

    We are assuming you are talking about wireless routers? If so then one of the most important differences is whether the router has Wireless Protected Access available. this is an interim security protocol that uses a 256 bit key and the key changes as often as you set it to change (for example every 15 minutes). Many high-speed super computers would be very hard pressed to try to break that kind of key even if running in parallel.

    If you use the WPA you need to have at the minimum Windows XP Home or Professional. The other operating systems cannot use WPA because there have been no software written for them. Perhaps some company has done so but not to our knowledge thus far. There is actually a possibility for a third-party vendor providing software for users who do not have XP. The company is at www.funk.com.

    If you are to use WPA then specify in the set-up that you will use your own pass phrase. Next, generate a pass phrase using only the characters 0-9 and A-F and make the pass phrase at least 21 characters long (case does not matter here). This way you will have a very solid 256 bit key and a very solid system.

    As to the question of the difference between commercial routers and consumer routers - the commercial routers have a much more robust CPU in them and they are able to run many more network devices whilst the consumer units start to really get slow after only about 6-7 network devices on them.

    We hope this helps anyone reading!
     
  17. halcyon

    halcyon Registered Member

    Joined:
    May 14, 2003
    Posts:
    373
    Some common differences between cheaper and more expensive choices:

    - speed differences in VPN use (amount of connections, hardware acceleration)
    - availability to sustain a usable network bandwidth under a limited DOS attack (nothing can really withstand a properly done large DDOS9
    - amount of rules, configuration and NAPT forwarding options available at one time (cheaper ones have usually only one port per rule and limited number of rules)
    - if they have in-built ports (4 port switch) then the in-built switching speed may also vary when driving all ports at full 100mbit/s full duplex speed
    - ease of use, esp. for advanced features
    - pricing (per client IPs, price for upgrades, yearly license, etc)

    those are the common differences I've seen in lab tests, reviews and in my own testing.

    Which is the best?

    I wish there was a single best, I would buy it myself :)
     
  18. Valkyri001

    Valkyri001 Registered Member

    Joined:
    Feb 15, 2004
    Posts:
    300
    Location:
    Friendswood Tx. 77546
    :)Hope this isn't to late! We've been using a Linksys BEFW11S4 4-port switch for sometime now with no problems. RR speeds on the hard port are a little higher than the remotes (app 200kbs) but there are firmware dowloads available through linksys. Only time we ever have trouble is when ISP is lost. Hard resets fix that though.
    All for under 250$ (1)hard (2)remotes
     
Thread Status:
Not open for further replies.