THanks, this was helpful. I think I am going to go with a D-Link DI-714. Alex F
=>-----Original Message----- =>From: David R. Matusiak [mailto:[EMAIL PROTECTED]] =>Sent: Thursday, May 23, 2002 2:59 PM =>To: Filacchione, Alex (ISSAtlanta); [EMAIL PROTECTED] =>Subject: Re: Opinions? Wireless access point, firewall, eth., DSL box => => =>Alex -- => =>i recently purchased a WAP from linksys (Model# BEFW11S4) and =>have been =>quite happy with its performance. configurability, however, is not so =>snazzy. i want to be able to block ALL MAC addresses except my one =>wireless card. it does NOT offer this feature. you can only =>put a MAC in a =>"blocked list" once it has already shown up on your network. =>this is my =>main complaint with this product. you can find more info at: =><http://www.linksys.com/Products/product.asp?grid=23&prid=173> => =>beyond that, it has easy HTTP setup, offers a DMZ option for =>one host, and =>can do a "fair amount" of packet filtering. i like the 4-port hub =>built-in (not to mention the freedom of wireless). it offers =>40/56bit and =>128bit encryption, however, i could not get either to work =>with an apple =>airport card. so, basically i just turn off 802.11b when i am =>not using =>it. i can attest to the stability of this unit as it has not =>faltered in =>over two months of service. => =>regarding your comments about stateful firewalling and the =>like, i would =>advise one not to rely on such flimsy measures (well, if security is a =>primary concern) in these consumer grade devices. if you need real =>security, i would instead recommend that you pass your =>traffic thru a more =>robust and customizable firewall (ipfilter, checkpoint, nokia, it all =>depends on $$$ available), segment your WAP on an internal leg of the =>network where it will not be left to public scrutiny. => =>we've already heard enough about how all WAP WEP (40bit, =>128bit, you name =>it) is weak and fallible. so, you are better off securing your =>infrastructure instead of relying on a consumer WAP device. =>it all depends =>on how secure your environment needs to be, however. => =>looks like that SMC unit you found is a good one. now i'm =>wishing i had =>one that would block all MACs out of the box. best of luck with your =>research! (more net/sec links at URL below) => =>dave m. =>http://www.ibiblio.org/matusiak/bkmrk.html => =>On Thu, 23 May 2002, Filacchione, Alex (ISSAtlanta) wrote: => =>> I am looking for a combo DSL gateway (IF w/ DSL router), =>Firewall, 802.11b =>> access point, w/ 10/100 ports. =>> =>> Most of the reviews that I have read only slightly talk about the =>> firewalling features of these devices. =>> =>> The ones that I have looked at that look promising so far are: =>> =>> D-Link 713P and 714 =>> SMC Barricade (802.11 version) =>> =>> and a couple of others. In the street price range of $200 =>or less (the =>> D-Link you can get for around $100, and the SMC is only a =>little more) =>> =>> Has anyone really looked into these devices and their =>firewall features? In =>> your experience, which has the best firewalling features in =>this price =>> range? =>> =>> Some have stateful packet filtering, some don't. Some =>offer a DMZ function =>> (that I will never use), and some don't. Some offer port =>forwarding, some =>> don't. Some can control access based on MAC addr, some =>can't. Some are =>> managed via SNMP, some are http. All that I have looked at =>offer 40 & =>> 128-bit WEP. etc., etc., etc. =>> =>> I am not only looking for the best features, but the =>configurability of them =>> as well. Having dealt with firewalls and routers a lot in =>the past I really =>> don't care if the management interface is "pretty". But I =>do want it to be =>> functional and highly configurable, even if it is only with =>a command line =>> or something. =>> =>> Right now, judging by what I have read about the features I =>am leaning =>> towards the SMC as it has MAC based filtering, stateful =>inspection, port =>> forwarding, virtual ports, etc., etc. =>> =>> Any insight, advice, experience, etc. would be greatly appreciated! =>> =>> Thanks, =>> =>> Alex F =>> _______________________________________________ =>> Firewalls mailing list =>> [EMAIL PROTECTED] =>> For Account Management (unsubscribe, get/change password, =>etc) Please go to: =>> http://lists.gnac.net/mailman/listinfo/firewalls =>> => => => _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] For Account Management (unsubscribe, get/change password, etc) Please go to: http://lists.gnac.net/mailman/listinfo/firewalls
