Greetings,

I'm looking for some opinions and feedback. We are working on putting

together a SOHO project to allow our broadband users (cable or dsl) to
be
able to connect in to our system with a standard configuration. We
require
a router with 802.11g capabilities, a minimum of 3 RJ-45 10/100 ports,
the
ability to remotely administer the router and we would like the unit
to
support a print server. Does anyone have any feedback on devices that
work
well with Novell's BorderManager and have these requirements? I've
seen a
few posts and this page: http://nscsysop.hypermart.net/vpnnat.html
which are
helpful resources, I'm just looking for opinions for what others have
done
in their environments and for their users. Initially we will probably
only
have around a dozen users, but there are probably over 50 who could
eventually benefit from this and we don't want to end up having to
support
umpteen configurations. I've added our requirements below as we've
currently outlined them. Perhaps this information would also be
useful to
someone else.

Note that each line item is denoted "R" for a firm requirement or "U"
for a
useful feature.



1. General Objectives

1.1. R: Secure, manageable local area network

1.2. R: Connectivity to either cable or DSL modems

1.3. R: Sufficient connections for desktop PCs and network-attached

printers

1.4. U: Print server capable

2. Connectivity

2.1. R: (1) RJ45 10/100 wide-area network (WAN) port (connects to
the
cable or DSL modem)

2.2. R: minimum of (3) switched 10/100 RJ-45 LAN ports

2.3. R: wireless 802.11g capable

2.4. U: print server support

2.4.1. Pre-requisite: fully-functional Win2k/WinXP printer
drivers

2.4.2. DB-25 Centronics printer port

2.4.3. USB printer port

2.4.4. Wireless printer server support-e.g. HP WP110

3. Operations, Administration and Management (OA&M)

3.1. R: "Quick-Start" type of documentation will be developed to
facilitate the on-site installation and configuration of attached PCs
3.2. R: Allows our ITS helpdesk secure remote access to the router
3.3. R: Allows our ITS helpdesk remote access to support to the PCs
on
the SOHO network-pre-req: WinXP/Pro

4. Security

4.1. R: Network address translation (NAT)

4.2. R: Virtual Private Network (VPN) supported for both wired andwireless PCs

4.3. 802.11x wireless related:

4.3.1. R: WEP capable w/128-bit encryption

4.3.2. R: when properly set up, allows wireless laptops to
seamlessly
"roam" onto our wireless networks other than their native SOHO
environment
without reconfiguration

4.3.3. U: more stringent security features-pre-req: 802.11g

4.4. R: Able to restrict wireless access to PCs with specific MAC
addresses

4.5. R: Works separately or in conjunction with PC-based virus
scanning

4.6. R: Works separately or in conjunction with PC-based content
filtering/denial of access

4.7. R: Works separately or in conjunction with PC-based firewall

5. Target cost

5.1. Target price-point between $200-$500 per site for the complete

package


Thanks for checking this out, I look forward to your feedback.
Daniel Maxwell
Network Administrator
Word of Life Fellowship, Inc.
http://www.wol.org/