Need business class router that has built in web content filter for network of about 200 computers?

Posted on 2013-11-20
Last Modified: 2013-12-09
Can anyone recommend a good, reliable, router for me?  I want it to be reliable especially when DHCP is used, I need one that will do it's DHCP job accurately and not give me a million "IP conflict with another computer on this network" errors. (As what is happening now).  I'd like the router to also include built-in web content filter technology and preferably one in which you can customize the block page... the page that is displayed when you try to access a blocked website.  The infrastructure is like this:  150+ computers running Windows XP, one server running Windows Server 2003.  Wireless Access Points all over the building, many if not most of them are Apple Airstations and air port devices.  Any suggestions would be greatly appreciated.  Also, how difficult will it be to configure the new router to have all of the settings of the current router?  Such as working with all of the current access points and stuff?
Question by:Brent Johnson
LVL 18

Accepted Solution

Andrew Davis earned 167 total points
ID: 39664781
either watchguard, or Sonicwall. Would be my choice, Unless your are a Cisco engineer, which i am guessing you are not by your question.

However I am playing with Untangle at the moment and is worth a look. see

DHCP is a fairly simple task and just about every device handles the basic function with ease, so if yours is failing then i would expect there are more issues at play (network issues, Rougue DHCP servers). consider using something like from microsoft to find rougue servers. To block any rougue's you will need managed switch.
Why wouldnt you let the 2003 Server handle the DHCP? This is by far the best option.


Expert Comment

ID: 39665098

we use Fortinet products.
there are various configurations and hardware for different needs.

good luck!

Assisted Solution

kiwistag earned 167 total points
ID: 39665396
Fortinet are great products and I do like them.

If you are adventurous have a look at Mikrotik Routerboards. You can set up your own Layer 7 rulesets if you want but they are a different kettle of fish!
If you've never played with one and have small pockets then you're in luck as a basic one might set you back say $60 for 5x 100Mbit ports and a Level 4 licence. I use one at one office as the main router for 2x /21 subnets with DHCP. I only have a basic ruleset allocated (block P2P & say domains with the word 'porn' in the title, add QoS and Queue prioritising SIP/VoIP and run NTP services), but I have been a bit overzealous on the VPN and Firewalling side. They are a Linux backend so flexible but contain a lot more features than say you could pay for a $5k+ Cisco router.
LVL 16

Assisted Solution

vivigatt earned 166 total points
ID: 39665811
You can use any router that supports a recent dd-wrt firware (alternate/open source firmware).
dd-wrt is very powerful and reliable.
And cheap (free!)

Expert Comment

ID: 39666870
Also, I know of some Council offices even turning old desktops (dual core, etc) into content filters/proxys using either pfSense or ipCop.
ipCop is quite old now but very powerful. At a school we use it for 1,200 connections to a Gigabit Internet fibre connection and it runs very well. You can add in proxy caching addons line Upload acclerator so the likes of WSUS isn't as much of a priority as well as iOS updates.
i.e. a 2GHz Core 2 Duo with 2GB of RAM & a 40GB Hard disk is far in overkill specs for these but if the 'router' dies you just slap in another PC with an identical image/backup.

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
Outsource Your Fax Infrastructure to the Cloud (And come out looking like an IT Hero!) Relative to the many demands on today’s IT teams, spending capital, time and resources to maintain physical fax servers and infrastructure is not a high priority.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question