Check Point’s Safe@Office 225

We tested Check Point’s Safe@Office 225 device for comparison, even though it doesn’t support two active WAN connections. Relying on failover, the Safe@Office 225 aims at the company that wants back-up Internet access.

The metal box about the size of a VCR cassette packs plenty of features. Much like the SonicWall offerings, Check Point provides software add-ons to the basic hardware, so you can configure the system you need. For example, if you want remote management, Web filtering, e-mail anti-virus, or expanded logging and reporting, grab a price list for their subscriptions.

The box didn’t let us set the range for IP addresses doled out by the unit’s DHCP server, but at least the box sees other IP addresses, so it doesn’t give out addresses already in use. The Web administration application is clean and usable, if a bit loud with its orange and yellow color scheme. Firewall rules are set through a pop-up wizard, but without extra filtering modules the service options to control are slim (less than 10).

Our focus was on the failover capabilities, however. Unlike the other boxes tested, the Safe@Office 225 doesn’t plug both broadband modems into connectors on the unit. You must plug the broadband modems into a separate wiring hub (not included), and connect that hub to the WAN1 port on the box. We were fooled by the DMZ/WAN2 label on the front of the device and plugged the WAN2 router there, which doesn’t work but doesn’t give an error message, until we dug deeper into the 250-page manual and discovered the unorthodox connection method. Weird or not, it works. Usually the system fails over from cable to DSL automatically with no Web surfing delays, but occasionally the primary WAN link must be disabled in the administration to kick-start the failover. Streaming audio seemed to always hang up the failover process and forced manual intervention.

E-mail traffic always went to the cable modem WAN link, keeping SMTP traffic flowing. And because the box doesn’t support load sharing, no connections got linked to the slower DSL connection, as did some of the other systems where traffic actually slowed in load-balancing mode. But that also means two comparable broadband connections don’t provide any possibility of a speed boost, as they do on other boxes. About $900 online, the Check Point box will work well when failover is the most important goal, as when the two broadband connections differ widely in speed (such as cable and minimum-speed DSL).

Safe@Office 225 Check Point $900 Small, well known, and full featured; failover happens quickly, as does fail-back when WAN1 reconnects Load balancing not available; more software modules needed for complete system

Company:

Cost:

Pros:

Cons:

Back to review: “Double your broadband, double your fun”