Broadband connections such as DSL and cable
have found their way into consumers' homes, and will certainly help the
success of Internet telephony in the consumer-to-business marketplace.
Internet telephony companies such as DialPad.com (PC-to-phone), Net2Phone
(PC and phone-to-phone), and eStara (PC-to-business phone) can certainly
benefit from "bigger" pipes -- less latency and better VoIP
voice quality -- but "always on" broadband connections come with
increased security risks. Fortunately, companies such as UMAX have
developed firewall appliances for the home broadband user.
UMAX's UGate-3000 is an integrated Internet gateway and firewall with a
built-in, 4-port, 10/100 Mbps auto-sensing, dual speed Fast Ethernet hub.
The UGate-3000 can be seamlessly configured to use either cable or DSL
modems. It is a router designed to protect and secure your local LAN with
NAT and port filtering capabilities. Moreover, all the users can have
simultaneous Internet access via a single external IP address assigned by
an ISP.
INSTALLATION
We tested it with a cable modem setup. Installing the UGate-3000 was
child's play. Of course, we are a bit biased since we have installed
firewalls many times. Nevertheless, since this product is targeted at
novice home users with broadband connections, we tried to refrain from
using our experience and instead use the documentation manual as our guide
for installation. By reading the documentation, it was pretty clear how to
hook up the UGate-3000. An A/C power adaptor only fits in one spot, so
connecting this was obvious. The only confusion a "newbie" might
have is where to connect the cable or DSL modem, since there are six
possible RJ-45 network ports to connect to. Four ports are for connecting
up to four PCs, and are labeled numerically. One of the ports is labeled
UP-LINK and one of the ports is labeled WAN. The documentation clearly
states that the cable or DSL modem should be connected to the WAN port,
which is what we did. The UP-LINK port is for connecting (daisy-chaining)
to another hub, which we did not need for our tests.
Next, we connected PC #1 to the port labeled "1" and PC #2 to
the port labeled "2." We turned on PC #1, booted up Windows,
launched our browser, and our home page loaded immediately. Success! There
is one step we neglected to mention, and that is setting the PC to DHCP
client mode, which is clearly stated in the documentation. We did not need
to perform this step because the PC was already set to DHCP mode in order
to acquire an IP address when it was connected directly to the cable
modem's Ethernet port. However, if our PC was not set to DHCP mode, then
it would have been simple to change since the documentation once again
explains how to do this. In any event, installing the UGate-3000 was very
easy, which is important considering their target market.
DOCUMENTATION
While we were quite pleased with the installation, we were a bit
displeased with the documentation. We found examples of poor grammar and
capitalization errors scattered throughout the manual, as well as missing
and erroneous punctuation marks. There was also at least one occasion
where a word was missing. This, combined with other mistakes, made the
documentation a bit difficult to read.
Worse yet, there was an entire section towards the end of the manual
that seemed to forgo the concept of using periods to mark the end of a
sentence. It seems that part (if not all) of this documentation was
written by someone whose first language was not English (or else they had
a really bad editor). Considering that TMC Labs engineers had difficulty
deciphering some of the text, we assume that the less experienced home
consumer would have a tough time as well.
Despite the grammatical errors, we found the manual to be well
organized. It contained a table of contents, diagrams, and appropriate
screenshots, as well as a troubleshooting section. Were it not for the
large quantity of grammatical mistakes, the documentation might have
merited a perfect rating.
FEATURES
UGate-3000 can act as a DHCP server (auto-assign IP addresses to PC
clients), saving the time to configure each system on your network. As a
DHCP client on the WAN port, it is ready to receive its configuration
information automatically from the ISP. Also, certain ports on specific IP
addresses can be opened to allow WWW, FTP, and other Internet server
services on the LAN to be accessible to Internet users.
Other features include:
- Support for up to 253 clients.
- Support for Point-to-Point Protocol over the Ethernet (PPPoE).
- Independent operating system.
- 10/100 BaseT auto-sensing ports.
- Virtual servers and exposed PC option.
- Easy-to-use Web interface for setup and administration.
- Upgradeable firmware.
- One year of free dynamic DNS service powered by TZO.COM.
- Link and activity lights for each port.
- Support for Road Runner ISP with special logon setup screen.
OPERATIONAL TESTING
The UGate-3000 features a Web-based administration interface. We typed in
the default IP address (192.168.0.1) and the main Web configuration screen
loaded. The factory default is "no password," but a password can
be specified via the Web interface to prevent unauthorized changes to your
configuration. We should also point out that we could have changed the
default IP from 192.168.0.1 to 10.0.0.1, which is another popular internal
LAN IP address assignment used.
For the more advanced, you can assign users to specific groups and then
block specific ports for any particular group. Also, a "virtual
server" feature is built in, which allows users to host LAN services
such as an FTP server, Web server, and Web cam to Internet users. Simply
by specifying which port number is assigned to which internal IP address,
any traffic coming in on that port will be directed to that address. 192.0.168, 4 is a Web server since it is assigned port
number 80, the standard port for HTTP/Web traffic.
By itself, this "virtual server" is pretty neat. A friend can
type in the IP address of your UGate-3000 and view your Web page or see
video from a Web cam. However, since your IP address assigned by your ISP
is often dynamic, you would have to tell your friend your new IP address
each time. If you had your own domain name, such as www.mydomain.com, then
that certainly is much easier to remember even if your ISP assigns a
static IP address.
Fortunately, the UGate-3000 has a unique feature called Dynamic DNS.
The one year of free dynamic DNS service, powered by TZO.com, allows the
user to get a domain name (yourname.UGate.net) for their UGate-3000. Used
in conjunction with UGate's virtual servers feature, this allows any user
to run their own Web, FTP, e-mail, chat, and other servers from either a
static or dynamic IP address. The free dynamic DNS can also be upgraded to
a private domain for less than $60 a year.
Another interesting feature we liked was the "Exposed Host."
This feature allows you to enter a single IP address, which is
"exposed" to the outside world. Essentially this allows all
Internet traffic to pass through unfiltered by the UGate. This is useful
for troubleshooting purposes and playing online games, as well as getting
around any VoIP firewall issues. We do not recommend leaving this feature
on since it leaves your internal LAN unprotected (at least one PC anyway),
but it was a useful feature nonetheless.
We tested PC #2 and it was also able to surf the Internet. Running
Winipcfg.exe revealed that PC #2 was assigned the next available IP
address. Finally, we wanted to test the internal LAN performance on the
UGate-3000, so we simply copied a file from PC #1 to PC #2 and determined
the average throughput to be about 3,400 Kbps.
ROOM FOR IMPROVEMENT
We noticed that the UGate-3000 generates a lot of heat. We were
concerned that it might have a short life expectancy since heat is the
enemy of any chip circuitry. A small internal fan or ventilation slits in
the case might help reduce heat. As previously mentioned, we would like to
see the grammar and punctuation fixed in the manual. We would also like to
see a method of viewing some network statistics on a port-by-port basis.
For corporate environments, this would help identify the "bandwidth
hogs."
We were testing some Internet applications that were using some unknown
ports. It would be helpful if the UGate allowed us to monitor connections
real-time or log which ports are being accessed. This would help us figure
out which ports to unblock instead of having to unblock all ports or
expose a host PC.
CONCLUSION
Some documentation issues notwithstanding, the UGate-3000 is a fine
product. TMC Labs was impressed with the UGate-3000's nearly plug-and-play
installation as well as components of its innovative feature-set, such as
the virtual server, exposed host, and ability to register your own domain
name. TMC Labs highly recommends the UGate-3000 for any broadband user
looking for a turnkey firewall solution to protect the LAN as well as
provide Internet connectivity for multiple PCs.
[ Return
To The November 2000 Table Of Contents ] |