The Addlogix Lan-Guard
Internet security continues to be a very hot topic, and everybody wants to feel safe and secure. It is no wonder, then, that there are hundreds of products to choose to spend your money on when you want to address internet security.
Most people opt for the simple and obvious anti-virus software. These days, Windows even tells you “You need to get anti-virus” through system alerts. As a tech support person for many non-savvy users, however, I’ve seen what can happen: even with auto-updates, anti-virus software can become ineffective very quickly, especially if someone forgets (or neglects) to pay the annual subscription fee or neglects to update to the latest versions.
Specifically, moms and dads and Aunt Sallys are good at this: Their copy of Norton Antivirus 2004 is still cranking along, saying it’s updated, but then you get the call and have to go over to their house and sit in their dusty bedroom for six hours fixing their malware woes. “Well what?” they say. “It was updating. I did what you said!”. And you sigh. And you facepalm.
Addlogix has unleashed the Lan-Guard in an attempt to solve this problem. It is a hardware security device that sits between the internet and your home network, updating, scanning ALL traffic, and keeping things safe and secure.
Hardware security appliances are nothing new. In the enterprise, hardware security boxes are the de facto standard, as they completely centralize management of all aspects of internet security, and they don’t bog down individual client workstations with resident programs that all require updating and maintenance. However, hardware security appliances have always stayed firmly in the enterprise because they are expensive.
A hardware security appliance is basically a PC, usually with a light Linux OS installed in firmware, has two network cards, and runs a suite of software to inspect every packet that crosses between them. Because of their nature, they require a CPU, RAM, some sort of storage, and of course two network cards.
Now that the perfect storm of super light Linux installs, super cheap hardware (like system-on-a-chip boards), and solid software has occurred, we can expect to see more and more appliances come down from the lofty stratosphere of five-figure pricepoints into the range of home users.
The question is, though, do they work? And are they worth it?
You may think that something like the Lan-Guard is complicated to set up and install, but it isn’t. They’ve done a very good job of making it as simple as possible if you have a standard home network—that is to say, you have some sort of modem (Cable or DSL box), and some sort of router. If you do have a standard network, the Lan-Guard just plops right in and allows you to configure it quickly with very simple instructions.
The first thing I noticed when I pulled out the simple configuration sheet, though, was that I don’t necessarily have a standard network. I have AT&T U-Verse, which combines the DSL modem and router all into one box. How, then, to insert a device in between them?
When evaluating a product aimed at this market, I always ask myself one question through every step of the way: Would my parents be able to do this?
That, right there, would have been a deal breaker for my mom or dad. No way would they have figured that one out. It would have been a phone call “Brian! What is this damned thing? I don’t have what’s in this picture!”
What I had to do was introduce the Lan-Guard between the router LAN port and the main switch for all the computers in my house; essentially putting another router after the router. So, my U-verse box gives the Lan-Guard some local IP, which the Lan-Guard thinks is a WAN IP, but whatever, it works.
Once I introduced the Lan-Guard into the mix, I had to renew the address on my PC; the Lan-Guard uses a weird non-standard Class C IP block: 192.168.188.x. Again, no real harm done, it works, so whatever.
The included instructions make it pretty simple: use a browser to connect to 192.168.188.9 and then log in with this username and password. Set the time, change the password, and you’re protected.
Could my dad do that? Maybe, maybe not. I have my doubts. That’s why they have us, though.
The interface is relatively standard; if you’ve ever been inside of a router configuration page, you’re probably not going to have any trouble inside this one. There’s a web demo available if you want to see it yourself. The username is admin and the password is 123456.
The customization options are very sparse. You can, for example, block applications such as torrents, AIM, or VNC; but not on a per-computer basis. This is not something you can use to block certain apps from your kids’ computers or on certain time schedules. There is an option called “webguard” which is either on or off; it “ensures that websites visited by clients on your network are not phishing or fake sites.” Whatever that means is beyond me; apparently you have to trust Addlogix to maintain a solid list of which sites are fake or not. You cannot access the list or add/delete sites.
The built-in anti-virus allows you to set the update schedule, and whether to scan executables or go deeper and search within ZIP files. Updates are handled automatically by Addlogix, and I could not find any details about exactly which anti-virus definition library it is using.
Well, everything was on, I was protected according to Lan-Guard. I started to browse the web to see if I could find any shady sites that the Lan-Guard would block. It occurred to me that things were feeling a bit sluggish.
I have a 24mb FTTN internet connection from AT&T. It blazes through almost everything. It’s very fast. Suddenly, it wasn’t feeling so fast. I fired up a speedtest, and was shocked at what I saw:
Internet speed with the LAN-GUARD installed
SEVEN megabits? That’s not right. I tested it again. And again. From several different servers and sites. They were all the same. About 7mb/s. Ouch.
I unplugged the Lan-Guard, reconfigured everything back to the way it was, and tried again:
Internet speed WITHOUT the LAN-GUARD installed
Double ouch. That was a pretty scathing indictment of the kind of performance hit you can expect with this device, despite the bold-faced claims on their website. This is why it is cheap, and not an enterprise-level security appliance. It introduces a significant performance hit to your internet speed if you have anything over an 8mb connection.
In all honesty, I can’t really recommend the Lan-Guard for anybody. I’ll be frank: it seems like one of those cheap Chinese devices that has been hastily translated and marketed here in America. They did an admirable job of attempting to make it as simple as possible, but the lack of options, the sense of misgiving I have about what exactly it’s doing, the cost, and the huge performance hit all lead me to just give up and say, nope; I wouldn’t even install this at my parents’ house. If this device were half the price, I could see it being somewhat effective for the person who says “I have a kid at home and I don’t know what to do what should I use?” but other than the most basic of basic internet scenarios, I’d skip this and go for something better. Hell, the much more well-known company D-Link has something that will do the same thing (except it offloads anti-virus to McAfee on the desktop) for about $20.
The Addlogix Lan-Guard is available now from Amazon for $129.99
Articles RSS