Recently, I surveyed several of the SBS MVP’s to find out which router(s) they use or recommend with their SBS installations. Their answers are listed below (no names, to protect the innocent!). As with many things, there were different opinions. If you have your own personal favorite, please add it as a feedback.
MVP #1: I’m using low end routers (DLink DI-604) along with the Basic firewall because these clients (under 15 users; no heavy Internet activity) normally don’t need a router that has all the high end features of VPN, SPI or extensive logs. The DLink is really cheap, but it gets the job done. VPN works, basic logging and it appears to keep the bad boys at bay. None of my sites require multiple simultaneous VPNs at this point.
MVP #2: I’ve used low end SOHO stuff too – mostly D-Link, but moving more towards MultiTech for the more wealthy clients.
MVP #3: I use cheap routers, Netgear mostly. The only client that requires multiple VPNs have a Linksys RV082 (which is quite good). I also have a Cisco which I don’t manage (don’t know how either J).
MVP #4: If we’re providing the router, we usually go low end – D-Link DI-604. They’re cheap and work great. We don’t have any sites with need for multiple simultaneous VPN tunnels or the like. We do have a handful of clients that have ISP-provided Cisco routers. As a result, I was forced to familiarize myself with the Cisco CLI.
MVP#5: Using Netgear mostly, and some D-Link (although not by preference).
MVP #6: I have a very specific dislike of DLink. They’re gear looks cheap, feels cheap and has caused me more grief than I care to remember.
MVP #7: The DLinks certainly don’t have the look and feel of a $300+ router, but I’ve had very few problems with the DI-604. It’s a little long in the tooth but has been a workhorse. Just had a client replace his defunct Sonicwall with one of these and he says his Internet downloading is faster now (not sure I could quantify that). Occasionally the PPTP passthrough needs to be reset and the router rebooted, but that’s about all. I had some issues with Linksys and VPN a year or so ago. And haven’t had the need to venture out into wireless routers yet (other than playing with them for home use).
MVP #8: For a low end unit the DI-604 has woked well for me with 0 failures so far. Linksys used to be my product of choice but lately their QC seems to have dropped.
MVP #9: I acknowledge that this is a high level of overkill, but I use a SonicWall TZ170. I had to replace my Linksys since I needed a device that supported more VPN connections. Since I had to spend money anyway, I decided to get the SonicWall under the Susan Bradley layered security theory. We have a mountain of confidential client docs on our Intranet, and we’re appropriately paranoid for that reason. FWIW, it works well in all respects.
MVP #10: I have used a bunch. I like SMC since they give you the option of saving the configuration to a file. They are also quite easy to use and configure. Adding other features like VPN, Netgear has been good to me. 3Com and Nortel are good in the high side.
MVP #11: I let the isp supply me with a connection I can use. Cisco router that they administer is fine. Westel or Netgear router that they supply that I can configure if I need to is fine. If for some reason they supplied just a dsl modem then I will get a Linksys, Belkin or Netgear router. I do not really sweat a router as a first line of defense. Heck, some isps give you a router wide open. You are on your own to configure ISA to do its job. I am more worried about people contaminating their own machines than someone hacking in.
MVP #12: Most of our sites use NetGear. The older models are better than the newer. We’re actually disappointed with the operation of several newer models. When we had to have something with VPN capability, we found the Netgear FVS we bought was a piece of junk (there’s a later model with a different mobo in it, much improved). We found SnapGear Lite or Lite+ good – they’re now called CyberGuard and the model is SG300. Good thing about them, they can act as VPN endpoint but don’t interfere with passthrough. We’re having a problem with one unit locking up occasionally though.
Our newer sites using ADSL we’re putting Netcomm combined ADSL modem and router into, not sure of model nb1300? Or relying on whatever the ISP can supply, we’re finding that having an ISP supplied router/modem combo is helping from the support angle, something going wrong with internet the ISP is responsible up to our external interface.
If we were putting Standard in (which we very seldom do) we’d like something like a WatchGuard Firebox. We have one site with a Firebox III, it’s a decent device. Not to be confused with the Firebox SOHO which was already in place when we took over another site, a capable unit but we’re glad it’s got ISA behind it. The most reliable device for Australian cable (BigPond) is the Compex NetPassage 15. It was the first unit to be available in AU with builtin login client. No other router has a login client as robust as this unit.
MVP #13: For my own office I use a SonicWALL SOHO TZW. I’m paranoid about having my client data at risk, so I’ve used a Watchguard SOHO and then a SonicWALL Tele 3, and now the TZW. For client sites I place them either behind a SonicWALL and then use Netgear or Linksys switches on the LAN, or I use ISA (SBS Premium) and place it directly behind their broadband device. ISA only goes into offices that I don’t intend to have site to site VPNs in and I use a straight CEICW install. If site to site VPNs are going to be happening, then I deploy SonicWALLs and do IPSec box-to-box connections between the offices. For home users not running a server, they normally end up running a Linksys or D-Link because they are easy to get at the local office store.