February 10, 2015
I need to start out by saying that I've been a Netgear fan for a really long time, having purchased several of their products in the past. But while Netgear used to make really solid products that worked well, they've fallen into the trap of making terrible products that can't stand up to even the most basic of usage scenarios.
My love affair with Netgear began to fade shortly after purchasing several WNCE2001s and having them destroy my network. (You can read my review on those here.) I chalked that up to them being an old and discontinued product, but it started to chip at my confidence in Netgear's products. Then came this thing, the FVS318N firewall.
The firewall I had before this one was the FVS318G, and it was excellent - so much so that I immediately wanted something newer in the Netgear ProSafe line when it was time for me to replace it. And lo, I found the FVS318N and ordered it without hesitation.
My first mistake.
The firewall arrived, and I updated the firmware and re-entered my network configuration on the new device. (I should note here that I'm a full-time 15+ year IT security professional, so I know my way around firewalls and the like.) For the first day, the firewall worked great. The speeds were so much faster than I've been used to and it was a pleasure. But after the first 24 hours or so, the connection through the firewall became horribly unstable. 33% of connections began straight up failing due to random connection resets. I decided it was time to contact Netgear Support.
My second mistake.
I opened my support ticket on December 5, 2014. The first-level technician did some basic troubleshooting and had me downgrade the firewall's firmware to its factory state, then we upgraded to the penultimate firmware version to see if it was an issue with the latest firmware. Nothing helped, so the issue was "escalated" to engineering, who promptly came back and said that it was a DNS problem. A terrible diagnosis, as this kind of failure has nothing to do with DNS. (DNS doesn't interrupt existing connections, it serves to translate hostnames to IP addresses so that the initial connection can be made.) I followed their ridiculous recommendation and told them that wasn't the problem. They also asked me to spin up a syslog server and have the Firewall log to it, so I did that too.
That was on December 17, and that's pretty much where this issue stalled. I re-upgraded the firmware to more reliably reproduce the problem, and continued logging to the syslog server. On the 18th, I uploaded the logs to Netgear's support portal after reproducing the issue. On the 19th it was again "escalated to next level support" which is where everything died on their end. I requested an update on the 23rd and didn't get a response. I requested another update on January 5, and got no response until January 13, when Netgear requested access to a host on my network. Actually what they asked for was a host running Wireshark and PuTTY, at which point I told them I don't have any Windows machines but that I could give them access to a Linux machine with tcpdump and ssh available, and I asked if that was acceptable. On January 30 they agreed, so I immediately provisioned a brand new virtual machine and gave them access as of February 1.
That's where my ticket hit a brick wall. A week later (Feb 8) I updated the ticket saying that I hadn't gotten any response from Netgear and I needed an update because this firewall has crippled my network. I was told "Engineering is working on it" but the logs on the machine I gave them said otherwise. In fact, no one other than me had ever even logged into that box. Nobody in Netgear Engineering was paying attention to this issue at all.
So here we are today. I have a completely unusable firewall, and the company that makes it has absolutely no interest in fixing it. Additionally, I'm not the only one with this problem - I provided them several links to places on the Netgear forums from people who are having the same issue. Google yields even more people with the problem, and it's been an issue since the firewall was first released.
So yeah, no more Netgear for me. Ever. I would encourage you to stay away as well. They make terrible products and they have awful support standing behind their products. Don't waste your money or your time.
(10:12)
Search :: Previous Entry :: Next Entry