Related Articles

DSL/Cable routers have become big business. I know of several networking companies who owe a large chunk of their revenue growth to these routers, and that’s why we’re seeing a lot more companies coming out with routers that even compete favorably against the Linksys router, which was the lowest priced of all routers for a time. The SOHOware BroadGuard NBG800 Secure Router is one such new entry. Priced to move and loaded to the gills with features, the NBG800 is being pitched as the most secure and highest performing router of its price class, and SOHOware is working hard to make good on their pitch.

The BoardGuard's Box Shot & Box Contents

Sporting a somewhat dated look, the router nevertheless has a very functional design, with large, easily distinguished diag LEDs on the front, and a very clean rear panel. A reset switch at the back allows you to return all settings to defaults, and though an uplink port is missing, SOHOware includes both a regular Cat5 cable, and a crossover cable in case you need to connect to a switch or hub.

The documentation that comes with the BroadGuard is beyond just superb, it is without peer. I have never seen a more thoroughly useful and well-rounded manual for a networking device. That’s probably why you never see me mentioning manuals at all in my reviews. SOHOware gets kudos for including the most detailed installation instructions (for ALL platforms including Win9X, Win NT 4.0, Win2K, and MacOS), the most detailed troubleshooting guide, an awesome FAQ, plenty of illustrations, and a detailed description of all features. Simply amazing.

Features

And all that excellent documentation is great accompaniment to the equally excellent features. Aside from some of the standard features like DMZ (DeMilitarized Zone), DHCP server, NAT firewall protection, PPPoE support, and Access Controls, you have some funky stuff like hacker attempt email alerts and well documented VPN support.

So what is the hacker attempt email alert? It is an interesting idea that is quite nice in its simplicity. The NBG800 actually detects a port scan s (which can be someone looking for open ports to exploit), it will send off an email with an attached log file indicating the time and date of all ports scanned, along with the IP of the computer scanning the ports. Pretty cool huh?

The router also has intelligent routing via built in RIP I & RIP II protocols, something which other routers in this price range do NOT have (the Linksys router DOES have these two advanced features). The Log reporting of the router is also pretty well thought out. It actually reports on what sites each IP is visiting as well as whether that IP is browsing the web, performing an FTP download, or reading a newsgroup (all of this information is based on port requests, so its not exactly magic, but it could be helpful for some administrators).

SOHOware continues to introduce other interesting ideas through their unique Access Controls. Instead of just allowing you to limit the actual websites that client computers have access to via their URLs, you can also limit using keywords that you might find in URLs (ie “games”, “xxx”, etc). This little feature impressed me, but the rest of the Access Controls falls far behind what other routers offer. You do NOT have access to restrict specific ports on a per IP or a per group basis. Instead you can only restrict a handful of predefined and well known ports (ie port 80 for web browsing, port 21 for FTP, and etc). This could hardly be considered an exhaustive access control system, especially since blocking out FTP access isn’t the only concern a network admin might have, but it DOES offer an ease of use with high general relevance in the average small office or home. Unfortunately, the interface for controlling these restrictions is also quite restrictive.

One feature that is conspicuously absent from the router is a port forwarding feature. To me this is a standard feature that is almost a requirement on any internet router – without it you cannot run popular services like your own mailserver, your own webserver, or even your own FTP server. It may be small potatoes to the home user, but many small offices make good use of a secure/protected firewall with web services running on nonstandard ports. This is a major omission in my books. Which is why I am glad that SOHOware is working hard to resolve these issues in their next firmware update (coming sometime in March or April 2001).

The only other thing missing the ability to remotely administer the router (via the web), but this, too, is a feature that is planned in a forthcoming firmware upgrade.