Review: Cisco RV 120W Wireless-N VPN Firewall
January 03, 2011
Not all of the settings are easy to understand, and with a plethora of configuration options, it's definitely a large step up for those used to the more basic Linksys line. Still, the Cisco RV 120W is a capable, configuration-rich device that may well satisfy many VPN router and wireless needs for small businesses.
- Remote VPN
- Wi-Fi Multimedia (WMM) and QoS
- 2.4 GhZ (not dual)
- Only 100 Mbps on the LAN switch ports (not Gigabit)
The RV 120W is a mid-sized device measuring 5.91 in.(W) x 5.91 in. (D) x 1.34 in. (H), and weighing 1.10 lbs. The router includes one WAN port and a built-in four-port 10/100 Mbps switch. That's right, no Gigabit Ethernet on this switch, which is unfortunate as Gigabit Ethernet network interface cards are increasingly common (if not the default) on all new PCs and laptops. The 802.11n wireless radio has 2 omnidirectional 1.8 dBi gain external antennas, though the frequency is limited to just 2.4 GHz, so this isn't dual-band.
As the RV 120W is intended as an entry-level small business router, Cisco has provided a startup CD to help users get up and running. No real magic, but the step-by-step instructions make it crystal clear to users how to get the RV 120W operational.
As a bonus that router vendors sometimes ignore, Cisco enforces strong password strength restrictions for the administrator password as part of the initial setup. The quick setup also enables users to get a WLAN operational as well, also providing simple to follow instructions for having a maximum strength security key. As a nice touch, the setup also gives users the option to download their configuration and password setup.The only problem with the setup is how it ends. Instead of giving users the option to jump to the router's browser based configuration screen, setup abruptly ends after the WAN and WLAN setup is complete. Given the target audience for this router, it likely would have made sense at the end of the setup to either login to the router and/or give users the option to read documentation.
Digging into the administrative interface of the RV 120W shows the depth and breadth of the expansive feature set of the device. The only small downside with the admin interface is how it provides access to firmware updates. Cisco provides a button to check for firmware upgrades, however that button simply redirects users to the product page for the RV 120W. Once on the product page, you still need to actually click through to the downloads section and then manually figure out if the listed version of the firmware is newer than the one you have on your own RV 120W. It would have made more sense for this device to have a more streamlined mechanism to check to see if the firmware is up to date.
The status tracking and logging capabilities for the RV 120W are robust with no shortage of logging options. Logs can be viewed through the browser interface, emailed or sent to a remote logging location.
The networking capabilities of the RV 120W provide for both IPv4 and IPv6 connectivity. As IPv4 address space is becoming a scarce commodity, having IPv6 capabilities is likely a route that will becoming increasingly common over the next several years. With the RV 120W, Cisco is providing a really nice entry point to IPv6 connectivity, while still providing mechanisms for IPv4 content access.
Since IPv6 users will also still need to connect to IPv4 sites, there is a '6 to 4' tunneling option. The really helpful, embedded help menu in the RV 120W explains that automatic 6 to 4 tunneling will allow traffic from a LAN IPv6 network to be tunneled through to a WAN IPv4 network, and vice versa.
Firewall configuration on the RV 120W includes some basic attack checks to help prevent TCP and UDP packet floods as well as very limited content filtering capabilities. With the limited content filtering options, users can block Java, ActiveX or cookies all together, which likely isn't granular enough to make sense in most cases.
The device also has settings for trusted domains as well as blocking keywords which could come in handy, though both features aren't automatically configured or updated. So no, this device isn't in the unified threat management (UTM ) category and it won't serve as a substitute for a real intrusion prevention system (IPS ) or full fledged content filtering system.
On the other hand, the RV 120W does have very configurable Quality of Service (QoS ) options, including support for 802.1p, though the 802.1p support is not on by default. Not all traffic gets properly tagged for 802.1p, which is where the bandwidth shaping, or bandwidth profiles as Cisco call them, come into play. Bandwidth shaping is a common enough feature today, and the RV 120W has a setup that is relatively easy to enable.