Distributed and expanding companies are increasingly using VPN connections to access and share information between offices and branches. We test ADSL firewall routers that are designed for this purpose.
How we tested
One of the more important aspects of a firewall is to block ports used to exploit a system. Now with more than 65,000+ ports available on a system a firewall does a fair bit of port blocking.
In order to test just how well these firewall routers block ports we used Nmap, which shows how many ports the firewall leaves open by default.
You also expect a router/firewall to provide good logs, support for virtual private networks (VPN), and use Point-to-Point Tunneling Protocol (PPTP) with varying levels of encryption from DES, 3DES, and AES.
A firewall should also support blacklists -- databases of hacker or cracker friendly IP addresses and domain names that can be added to the firewall to explicitly block connections to and from these systems.
We invited all the major vendors to submit products and the ones that took us up on our offer were Cisco/Linksys, Netgear, Nortel, Allied Telesyn, Dynalink, and D-Link.