The Hotbrick 401W with the new firmware (June 2005) does not save passwords properly with passwords ending in a number. (e.g. glen123) I am a good QA engineer!
Review of the firewall: (Besides the bug)
- The thing gets HOT. Almost to the point of burning me. They don’t call it Hotbrick for nothing.
- The interface is ugly as sin. Why can’t they get a graphic artist to just give them a decent layout? This is embarrassing.
- The actual functionality in the device is very nice. Auto-detect of client machines. It creates a nice database of servers or workstations and you can create rules using their normal names. This is really a high end feature that the Cisco Pix 501 (sux) also tries to have. Although the Pix (sux) trips all over itself in PDM setting it up.
- WPA support. This is a must in any wireless device. They have more options on this than other comparables I have seen. AES, TKIP and more.
- The logs are unreadable. This is an area the Tele3 from Sonicwall had wrapped up. Logs were great on that thing. The 401W could improve on this a lot.
- The price is fantastic. $129 for a great router/firewall with wireless built in. I took a chance on this device specifically because the price was worth it. Free firmware upgrades and they don’t make you sign into a super secure site to get them. Sonicwall was awful on that score. If you don’t have official ownership of a device, you need to jump through hoops just to get a firmware upgrade. It’s a mess.
- Overall, I give this device a B+ which is the best grade I have given any firewall out there.
Other firewalls I have used:
Sonicwall Soho3: B-. Mediocre UI, great logging. Can’t stand mysonicwall.com to get firmware. Too expensive, and too limited in functionality. This was my first firewall. I believe they have scrapped this product line.
Sonicwall Tele3: C+. Couldn’t tell the difference between this and the SOHO3. I guess I wasn’t using the VPN features so it didn’t matter. However, this device only allowed 10 internal IP addresses. What the hell is that all about? Would cost hundreds of dollars for an upgrade? Made me pack it up.
Cisco Pix 501: F-. Piece of crap. PDM (GUI) doesn’t work at all. Command line is the ONLY way to manage this thing. Expensive as hell. The technical support people were worthless. I literally couldn’t get the simplest of networks set up. If I could advise you to avoid only one firewall, this is the one. Booo!
Hotbrick 401W: B+. See above.
Microsoft MN-500: C. Nice interface, but very limited functionality. Had wireless built in, but only 802.11b. No upgrade through firmware. Nice UPnP support. Microsoft has since dropped the product line completely. The MN-100 was this exact model without the wireless support. (C- for that one)
Microsoft MN-700: C+. Just like the 100 but with some improvements in functionality, most notably WPA support. Still, it just didn’t have enough functionality. The logs were awful.
Soekris Net45xx running M0n0wall: C. I had never heard of this thing before. A consultant talked us into buying one. It is an interesting project. An open source firewall. The UI was decent, although I found it a bit confusing. Also the sysadmin using it apparently had installed a beta version of the firmware and the thing required way too many reboots. If you are an enthusiast and want to play around with something that will change often, this is a good choice. Otherwise, I wouldn’t suggest it.
Watchguard Firebox Soho6: B-. I didn’t use these that much but I remember an excellent UI. The main drawback to firebox is that it costs a fortune. Too expensive to use. More expensive than Sonicwall. Also, they don’t just “sell” the device, you have to jump through hoops just to get one.
Juniper Netscreen 5GT: B-. Same as the Watchguard. Decent interface, but way too expensive and you can’t just purchase one of these.
Ok, that’s my review. I don’t know how many people read through this blog. Or how many of them know what the hell I am talking about. But if you did and you do, then please give your own thoughts on the best firewall.