LOSTCIRCUITS

Miami, FLa-based Nexland is one of the lesser known players in the networking market, that is, as long as we are talking about the commodity or value sector. In the commercial grade and high end sector, Nexland is an established player sporting a full repertoire of Symantec Firewall/VPN Gateways used by ISPs and Telcos throughout the entire world. Nexland also offers so-called Internet Sharing Boxes or ISBs for the home and small business sector using the same high-end components but lacking the VPN hardware accelerators. Easy to configure and built for ultimate durability and performance, these ISBs stand out from the crowd of commodity firewalls. A unique feature of the Pro800turbo is the presence of dual WAN ports to allow load balancing and / or backup through different service providers. Compared to any standard firewall, we found an almost complete elimination of lag time resulting in a noticeable gain in access speed. The ISB Pro800turbo is not geared towards the budget oriented but deserves serious consideration for any small business with high security requirements. Moreover, any of the smaller ISBs sharing the same technology are worth a look for any geek who wants to get the maximum performance out of his or her cable connection without compromising internet security.

There are some concerns about wireless networking, though, the most important one being security breaches. The current 8 xxx standard offers extremely poor protection from anyone hacking into the wireless transmission via scanning the airwaves and using decryption software that needs only some 100 kB of data to crack the code and after that, the unsuspicious user is laid open to any local hacker who is either looking for a free ride to the internet or else wants to snoop around on the LAN side of the network.

Granted that there are countermeasures such as disabling DHCP and assigning static IP addresses to every computer on the network including a limited subnet mask but who amongst the standard users has the knowledge to take these issues into consideration. In rural areas, the limited reach of wireless interfaces poses a certain protection, however, in high density areas such as apartment buildings, wireless setups are probably not such a great idea. What the whole thing comes down to is the fact that the best firewall to the outside is useless if there is a back orifice through the LAN side of the network that can easily be hacked into by any drive-by shooter and for any business with sensitive data, this risk is simply not tolerable.

Another issue is that most wireless routers have only a limited number of standard ports available. In most cases, it is four LAN ports that are easily exhausted, not in a standard home but certainly when it comes to small businesses. In addition, there is the problem of too many users drawing on the same WAN access. All of these factors taken together bring up the need for something more custom tailored for small businesses, a clientele not to be underestimated. Such a solution would encompass the following features:

• an integrated firewall
• no wireless capabilities for security reasons
• a higher number of standard ports
• flexibility in internet access speed to compensate for multiple users
• advanced options like virtual private network (VPN)
• high internal processing speed and enough memory to provide the necessary bandwidth for both intra-LAN communications as well as WAN access using state of the art control operations.
• WAN sharing, similar as modem sharing but called Load Balance

Needless to say that there are enough routers that can be bought in any of the computer supply chains but those won't meet the criteria. Needless to say also that there are enough high end routers available who exceed the needs of a small business and, more importantly, the budget.

In our last article about the DLink D-Link DI-714 wireless router, we briefly touched upon the subject of firewalls and the way of how they operate:

Just in case that someone doesn't know what a firewall is, the abridged explanation is that a firewall uses an encryption routine behind which all computers on the LAN side are hidden. The operational principle behind a firewall is stateful packet inspection and filtering. Behind this term hides a routine that will allow only data to pass through that have been requested by a PC on the LAN side. In other words, logging on to the www and requesting a webpage to be downloaded will tell the firewall that these data will be arriving and, thus, they are assigned a "requested state" and allowed to pass through the filter. On the contrary, if anyone tries to access the LAN side of the network without being invited, the data will be discarded without further notice as if there were nothing behind the firewall.

Nexland ISB Pro800Turbo Behind the purple cover resides a serious firewall with capabilities to combine two separate WAN inputs, featuring eight LAN ports able to serve up to 253 computers using network address and port translation (NAPT). Ten licenses for Symantec Virtual Private Network secure connection are only the tip of the iceberg.

From the above, it should be clear that a router and firewall are not just passive interfaces to the outside world but that there is a lot of computing power that is going on, particularly in side a firewall. Computing power, in turn requires a dedicated Digital Signal Processor or DSP that reads the data packages, writes them into memory and then requests them again to route the packages exclusively to the party that requested them. By extension it should be clear that a faster DSP will assign the "requested state" and allocate the data to the relevant port much faster than a lower speed processor with more limited capabilities.

A lesser known company amongst the big players in the home and small office networking field is Miami, FL-based Nexland. Most likely, one will not find Nexland products at BestBuy or other outlet chains, the reason is quite simple, the quality of the device is above the average home-user needs. On the other hand, there are several reasons to look for something like the Nexland product line, in that the fastest PC won't be able to access the internet even at the capabilities of the local ISP or cable provider if the interposed firewall kills the access speed by dawdling or not being able to process data at the rate they come in. With high-speed connections gaining foothold, this factor should not be underestimated.

The repertoire of Nexland products encompasses simple firewalls to be added to existing networks and wireless routers with all the advantages and drawbacks outlined above but that's not where it ends. The flagship of the Nexland enterprise product line is the ISB (internet sharing box) Pro800turbo, a unique router in that it is the only router in its class to offer two separate WAN ports to combine two separate cable or DSL inputs by means of load balancing. Briefly, aside from doubling download / upload speeds (but only in multiple client configurations, see below for more detail), the dual WAN ports are capable of using separate providers which means double redundancy in case the never-heard-of problem of one provider experiencing technical difficulties is encountered. Again, for the home user, a downtime may be not that problematic, for businesses, though, it can be crippling.

next page:    => At One Glance =>