![[Bytes Link logo]](../../../cgif/bytelnk2.gif)
SMC Barricade 8-Port Cable/DSL Router
by Herbert Wong, Jr., ocug@SingularityTechnology.com - October 04, 2001 at 00:37:39:
Personal-firewall router hardware is the most exciting computer product category in years. It comes at a time when the need for greater Internet security is gaining recognition and home networking products are becoming pervasive. SMC's Barricade (8-port, reviewed here) is a full-featured product that exceeds the functionality of many of its competitors.The name normally given to such products, routers, disguises the reason most people will buy this product. Foremost in mind will be the personal firewall functionality. As an added bonus, there is print server (network printer sharing) capability.
A firewall is a security measure that is designed to protect valuable assets on the inside of firewall from the hostile environment on the outside the firewall. Firewalls can be implemented in hardware (possibly as a separate appliance) or in software.
This first generation of personal firewall primarily relies upon network address translation (NAT) for security. NAT takes a public WAN (wide area network) IP address and substitutes a private LAN (local area network) IP address that a network client uses. More simply, NAT changes the public network address provided by your ISP (Internet service provider) to a private network address for use only by computers within your network.
Because of this, an attempted intrusion to the system will against a computer that "doesn't exist."
Network address translation's most obvious benefit is that many computers can share a single IP address. The most common need for this is to provide Internet access to more than one computer when the ISP (Internet service provider) will only provide one IP address.
SMC Barricade products provide seven LAN connections in the eight-port unit and three LAN connections in the four-port unit. WAN access (from the ISP) is through a single Ethernet connection or dial-up access is through the serial port (DB-9).
Setup and Administration
The Barricade's administrative software is browser based. Just enter the IP address (192.168.123.254 by default) in a Web browser and then enter your administrator's password. Now you are free to traverse the menu system.
Most likely, the only configuration that you will need to set is how your ISP provides you with your IP address (WAN type). Under Primary Setup, Choose WAN Type of Static IP Address (ISP assigns you a static IP address), Dynamic IP Address (Obtain an IP address from ISP automatically), PPP over Ethernet (Some ISPs require the use of PPPoE to connect to their services), or Dial-up Network (To surf the Internet via PSTN/ISDN).
When the ISP dynamically sends an IP address, the Barricade acts as a DHCP (dynamic host configuration protocol) client to receive the IP address. Then, when the Barricade assigns an IP address to a client on the LAN, it acts as a DHCP server.
Features
The SMC Barricade 8-port (7008BR) is a solidly built metal box. It has an internal power supply (no AC-DC brick transformer) and removable power cord. In addition, there is a real on-off power switch.
A Barricade has a single DB-9 connector for RS-232 COM port communication. Its two functions are administration and serial-port modem communication.
Console Mode provides the means to access the firewall if you have forgotten your system password or the Barricade's IP address. A null-modem cable (not supplied) provides the required connection from the firewall's DB-9 connector to a PC's serial port.
For those people who are concerned about security and are still living in the Internet dark ages, a Barricade's DB-9 connector enables a serial port dial-up modem to connect to the PSTN (public switched telephone network; a.k.a. POTS, plain old telephone service). In practical terms, this allows you to have security and connection sharing on today's dial-up modem and easily upgrade to a broadband connection in the future.
The SMC Barricade 7004BR/7008BR series allows manual switching between broadband and dial-up connections. An updated 4-port model, SMC 7004ABR (not tested), is configurable to automatically discontinue using a failed broadband connection and resume communications over a dial-up modem connection. This functionality may only be of importance to those who live with extremely poor broadband connections.
My favorite feature of the SMC Barricade units is the parallel port for creating a print server. Attach the printer to the Barricade instead of a PC. To print, first turn on the Barricade and printer, and then simply print from any computer on the LAN! Without the print server function, the computer with the (local) printer attached to its parallel port needed to be on and running. With the print server, I can print forty or fifty pages faster than Windows 2000 can boot!
Configuring each computer to use the print server is a small inconvenience, but barely more difficult than installing the printer as a local printer. Attach a suitable parallel port printer to the Barricade, install the SMC print server software, and install the printer (under Windows 98) as a local printer. Instead of attaching it to LPT1:, under "Available ports:," select the "PRTmate (All-in-1 IP-Sharer)" option. I strongly recommend following the step-by-step instructions provided by SMC.
Documentation
The documentation (http://www.smc.com/smc/common/products.cfm) is the only thing that I would not give the highest marks. And it is not because the documentation is anything but very good. The documentation tells you how to configure the many Barricade options. All items are systematically covered with plenty of screen shots of dialog boxes.
Nevertheless, I wanted more! There are no discussions of how the firewall works, what default settings should be altered, various configuration scenarios, what not to do, etc. Good is not good enough when the product is outstanding.
I would like explanations of things like entries to the System Log. Does "Unrecognized access from 66.27.149.224:1706 to TCP port 80" mean that the firewall blocked the attempted access? On the other hand, was security breached and the System Log was just making a note of it? Since the entries remain the same whether a computer is on, or not, I don't think anything is awry.
Experiences
Here is my biggest complaint about this firewall. It is so simple to setup and operate that I don't know whether or not it is working correctly! I want some sort of feedback! (Please don't hack my system to let me know I need to reconfigure my firewall.)
Here is my favorite feature about this firewall. It is so simple to setup and operate that I don't know whether or not it is working correctly! I don't want some sort of feedback!
Alternatives/Supplements
Now I could run both a hardware and software firewall. Like so many others, I installed Zone Labs ZoneAlarm v.2.6 (http://www.zonelabs.com/). There were lots of popup messages telling me that some application that I was not familiar with was attempting to send or receive data. A slight mistake (a mouse click here or there) in granting access to my system could prove to be fatal to my data.
Additionally, on my Windows 2000 system, the Performance Monitor stopped working, the Windows Exploder Properties dialog box would not appear, and so much more... After much frustration and several complete reinstalls (from CD-ROM) of Windows 2000 and all applications, I deactivated ZoneAlarm. Guess what I discovered? ZoneAlarm is no longer welcome under Windows 2000.
Consider using the SMC Barricade instead. The hardware firewall solution is external to all connected computers. There is no software required except for the print server driver (which is discretionary). No nasty software means fewer headaches.
Conclusions
The SMC Barricade is simple to configure and use. Once it is working, you will almost never have to do any maintenance. The only software that you optionally must install is the PRTmate print server software.
The print server is a superior solution for printer sharing. I used it with a Samsung ML-4500 GDI WinPrinter and a real inkjet printer. It worked fine.
The network address translation worked simply and without problems. I only use one computer at a time, but NAT works perfectly to enable multiple computers to access the Internet through one IP address.
The SMC Barricade is an excellent single solution to many current computing configuration scenarios. Its switch/router integrates multiple computers in a LAN. Its network address translation and firewall functions makes broadband access more convenient and more secure. Its print server saves time, electricity, and money (other print server alternatives can cost about $300-400).
The SMC Barricade (http://www.smc.com/smc/common/products.cfm) is worth every cent (8-port SMC7008BR approximately $170US street price; 4-port SMC7004BR approximately $100US street price) for its tremendous functionality. Then, there is the untold savings you will never know about when it protects you from a security breach.
You own at least two computers and a printer, have broadband Internet access, and believe in bad people out there. Do yourself a favor. Run out and buy an SMC Barricade. You'll be glad you did.
This review first appeared in the North Orange County Computer Club's (http://www.noccc.org/) Orange Bytes for October 2001. The latest revision will eventually be available at http://www.SingularityTechnology.com/articles/SMC70.html. You can contact me, Herbert Wong, Jr. at ocug@SingularityTechnology.com. This review is dedicated to my cousin Bill Lum who was on the ninety-second floor of the World Trade Center's Tower Two on September 11, 2001.
![[------STRIPE-----]](../../../cgif/str1.gif){kind=small}
Site Disclaimer Suggestions? E-Mail to webmaster@noccc.org