Level One FBR-1411TX VPN router with DMZ port

Today we will look at a 4-port VPN router for small offices from Level One. This router can become an indispensable network device for companies that need to provide secure access for customers to their network resources, but at the same time provide free access for everyone to a dedicated server. Let's say you have a company that sells over the Internet, and you need to give access to your database to partners in other cities using a reliable VPN connection. At the same time, your own web server should be accessible to anyone, but protected from hacker attacks. The Level One FBR-1411TX router is able to allocate more than 40 VPN tunnels, it has a built-in firewall, a DHCP server and one DMZ port for the so-called "demilitarized zone". Let's look at the router's capabilities in more detail.

Improve security with DMZ

VPN-роутер Level 1 FBR-1411TX

Almost any enterprise or small organization has resources that should be accessible from the external network and resources that cannot be accessed from outside. Public resources may refuse to work through brandmasters, and applications such as a video conference server, mail server, or web server must be given open access to the global network. If such a server is located in the main local network, hacking it entails gaining access to machines located throughout the internal network. Therefore, a separate DMZ (Demilitarized Zone) is created for public servers to provide additional security. This zone isolates computers that have a direct Internet connection from computers on the internal network. It looks as if the computers in the DMZ are located before the firewall. To use a DMZ zone, you must connect public computers to a router that has a DMZ port.

The allocation of public computers in a separate zone has another advantage - savings of on-net traffic. However, it happens that a public computer must access, for example, a database located on an internal network server. In this case, the administrator can specify in the router settings communication restrictions between the internal network and the DMZ zone based on the requested ports, IP addresses, etc.

To protect the internal network, a hardware firewall is used to check the contents of data packets, SPI (Stateful Packet Inspection). It is the most reliable way to protect your company's computers from external attacks, as it allows you to avoid packets containing malicious codes entering your network.

Domain filtering is a common feature for a router equipped with a firewall. in the FBR-1411TX model, you can log access to selected resources. For example, you can disable a site like ebay.com and the router will record which computers in your network tried to access this site. It is convenient to arrange a scolding at the end of the working week. You can also block a number of URLs by keyword. For example, all addresses containing the words "sex", "erotica", and "mp3".

 Level One FBR-1411TX Exterior

The level One fbr-1411TX VPN router is made in the same form factor as most of the network equipment for offices from this German company. The beautiful design, standard dimensions and rectangular shape easily allows you to install several routers, a switch and, say, an access point on top of each other.

Level 1 FBR-1411TX

On the front panel, there are connection and activity indicators for each of the ports, including WAN and DMZ, as well as power and router status indicators.

Level 1 FBR-1411TX

On the reverse side, four RJ45 ports are installed in a row for the internal network, a WAN port for connecting to a local network (ADSL modem or other router) and a DMZ port. Each of the ports can be used to connect to a switch or other router for device aggregation, as it supports Auto MDI/MDIX. The router is powered by an external PSU connected to the socket on the right side of the case.

Configuration

The router is configured via a convenient Web interface from any browser compatible with Internet Explorer.

Level One FBR-1411TX

The router has a configuration wizard that will help you quickly set the basic parameters of the device to ensure the operation of the network "here and now". The administrator can configure routing rules, access restrictions, log recording, internal MAC address, server installations, and so on in more depth, using the electronic manual, in which each configuration item is considered on clear examples.

Conclusions

The Level One fbr-1411TX VNP router is a clear example of how a single device can ensure the operation of a small office network, with the allocation of secure VPN channels for communication with partners, providing free access to online resources for customers and protecting the internal network from detractors using the built-in firewall. The development of production technologies leads to the fact that today the FBR-1411TX costs only about $ 115. For a small online store or an office of a private entrepreneur, this is not much, but a secure, well-configured network, without unnecessary restrictions, but protected from detractors, is worth no less than the confidential information stored in this network.

  Michael Degtjarev (aka LIKE OFF)
24/01.2006


Tags vpn level one router

New articles

Read also:

Impregnable NAS: hardening and protecting Synology

A modern NAS is quite capable of protecting itself from most attacks and guaranteeing not only the continuity of the service, but also the inviolability of the stored data. Even with minimal settings and following the manufactur...