Search /
Docfinder:
Advanced search  |  Help  |  Site map
RESEARCH CENTERS
SITE RESOURCES
Click for Layer 8! No, really, click NOW!
Networking for Small Business
TODAY'S NEWS
Valentine's Day Patch Tuesday: Microsoft to issue 9 patches, 4 critical
Mobile World Congress sneak peek: Quad-core smartphones, Ice Cream Sandwich & more
Microsoft details 'Windows on ARM' program
March debut of 'iPad 3' a sure bet, says analyst
FBI unbolts Steve Jobs 1991 investigation file
Cisco boosted profit, sales in Q2 while cutting costs
Macs take on the enterprise
Four crazy tech ideas from Google's Solve for X project
Obama 2012 campaign playlist revealed courtesy of Spotify
Oracle buying Taleo for US$1.9 billion in direct hit at SAP
Amazon attacks Apple: You get 3 Kindle products for price of iPad 2
Pre-rendered pages highlight latest Google Chrome release
Microsoft exec: Lync-Skype integration a 'compelling opportunity'
The future of hypervisors
/

Soft vs. hard routers

By Steve Janss
Network World, 12/18/00

The idea that Cisco's products are "hardware based" when compared to the two software-based routers reviewed here is a little misleading. Cisco's routers contain a power supply, internal bus, memory (main), storage (flash), a processor and an operating system — just like any PC. They also have specialized network cards (contained in "modules") capable of handling just about every connection imaginable. In short, Cisco's hardware is nothing more than a specialized computer with modular plug-ins. The major difference is that Cisco's operating system (they call it an "IOS") includes the routing software, whereas the softrouter products we reviewed operate on the Windows family of operating systems. As a result, compatibility problems between the various subsystems of a Cisco router are all but nonexistent. Here are some other comparisons:

Soft routers: Doing more for less
How we did it
A note about NAT
WinRoute Pro installation notes
Soft vs. hard routers
NetResults
Subscribe to the Product Review e-mail newsletter

COST: Cisco routers will run the small to midsize organization anywhere between $300 and $6,000, depending upon the number of and throughput support of subnets, the type and speed of the uplink, the security options and whether you need voice support. Let's take one of the more common routers in use today — the Cisco 4500-M. Its throughput capabilities are similar to the systems we tested. The 4500-M supports one 155M bit/sec ATM OC-3 Module, two T-1 ports supporting up to 2.048M bit/sec and up to 16 128K bit/sec low-speed ports. An 800-MHz PC can handle this much bandwidth, which is hardly surprising. Although the 4500-M's components are optimized to do just one thing — route —its Reduced Instruction Set Computing processor is only 100 MHz, and its main memory tops out at 32M bytes. If you compare the cost difference for the memory alone, 256M bytes of PC-133 memory for high-end Pentium III's cost just $100, less than one-twentieth the cost per megabyte for that used in the Cisco router.

However, cost isn't everything, and appearances can be deceiving. The 4500-M has a lot of advantages over a comparably equipped software/PC product, including more built-in LAN and WAN protocols, optimized WAN services, and the ability to centrally install and manage your internetworking infrastructure. Besides — you'll gain a greater uptime rating with a Cisco or other mainstream router product than you will with one that runs as an application or a service on Windows. It still costs $2,000 more than either of the softrouters (including the server hardware) we reviewed, and that doesn't include hiring the services of a Cisco-certified installer. Before making a decision, first consider the target market.

PRODUCT POSITION: Tiny Software's WinRoute Pro is more appropriate for a branch office, while Vicomsoft's Internet Gateway is lends itself toward the corporate office, particularly because it can handle multiple connections from branch offices, or even dial-up users (via a pooled remote-access server). Some corporations are beginning to take their workgroups, with their specific security requirements, and throw them behind software-based network address translation (NAT) routers such as these.

Can either product handle the needs of a large corporation, say, with 5,000 users or more? Many such corporations often connect to the Internet with nothing more than one or two T-1 lines, for less than 5M bit/sec bandwidth. Both products can handle up to six times that throughput on a fast PC. Still, Internet Gateway limited itself to 1,024 users if DHCP was being used, and WinRoute Pro's e-mail services would add significant overhead if used by more than a few dozen people. Whether you would ever use either of these products in that large and diverse of an environment would depend entirely upon your current and future internetworking needs. Most such corporations would require the significantly more diverse capabilities delivered by Cisco's line of higher-end routers.

RELIABILITY: If you installed these products on a clean system, with the latest service packs and security patches, and didn't load any other software, and enabled NAT, they'd be just as secure as any offering by Cisco. The "blue screen of death" is a phenomenon usually related to cutting-edge video cards (and their newly written drivers) or buggy network card drivers.

Although NAT was originally designed for IP consolidation and conservation, it doesn't operate from within the operating system, but installs itself between the hardware layer and the IP stack, and so has unfettered access to and control over all packets before they can be of any harm. The result is increased security. NAT is integral to Internet Gateway and WinRoute Pro, while Cisco uses NAT in its IOS with full NAT capability in IOS Versions 12.0 and beyond. Both implementations adhere to RFC 1631, which describes IP NAT in detail.

Cisco's depth of experience in internetworking is clear in its implementation of NAT because it not only hides the IP address of internal users from the outside, but it can also hide the IP address of external source addresses from those on the inside, which is a good way to keep key internetworking resources hidden from potentially malicious employees.

If you want to keep the bad guys out of your network, there's really no difference between the two in terms of their level of security. Even Cisco's use of NAT in PIX is fundamentally the same as its use in its IOS. Still, Cisco's routers are significantly better at resisting denial-of-service attacks, mainly because Cisco's IOS is both the operating system and the routing/security software in one package. Not only is this far more condensed and less complicated than Windows, but it also tends to be significantly faster, and can be quickly updated by Cisco whenever it learns of a new type of attack — much like Symantec can update its virus definition files several times an month. The Cisco approach is far more condensed and less complicated than Windows, and tends to be significantly faster. It also can be quickly updated whenever Cisco learns of a new type of attack — much like Symantec can update its virus definition files several times an month.

RELATED LINKS

Janss is the president of Jansys Information Systems, a consulting firm that specializes in IS technologies for small businesses. He can be reached at bizcom@jansys.com.

Soft routers: Doing more for less
WinRoute Pro and Internet Gateway offer more than IP routing.

How we did it
Our testing methods explained

A note about NAT

WinRoute Pro installation notes

NetResults

WinRoute Pro
Detailed product info from Tiny Software

Internet Gateway
Detailed product info from VicomSoft

Subscribe to the Product Review e-mail newsletter

Archive of Network World reviews

Send this article to a colleague

Recipient's name:

Recipient's e-mail:
 Your name:

Your e-mail:
Comments:

Feedback

Tell us your thoughts on this article or the issues raised in it. We'll cc: the author and editors on all comments.

Comments:

Name:
E-mail address:

Can we post your comments in an online forum on the topic?
Yes No

What did you think of this article?
Very useful Somewhat useful Not at all useful

Would you want to see:
More articles on this topic
Fewer articles on this topic

Thank you! When you click Submit, you'll be taken back to this article.




Send to colleague

Feedback
Tell us your thoughts on this article or the issues it raises.

Today's News

Kyocera adds color to its smartphone

Windows Media Player holes could expose PC

Preparing for split, Palm names new hardware CEO

TECHXNY - Sharp shows slim ultraportables

TECHXNY - Lexmark shows two all-in-ones


Responsible for insuring the safety of your network?

NWFusion offers two FREE security e-mail newsletters to help you keep your enterprise network secure.

Click here to sign-up.

Advertisement:


Editorial Partners program
Three free and easy ways to bring Network World's in-depth editorial content to your own Web site.
Learn more


  Copyright, 1995-2002 Network World, Inc. All rights reserved.