A Practical Review of the ASUS BRT-AC828 Router installed for our Workplace
In case you didn’t know, the parent company of The Tech Revolutionist is T05 Technologies Pte. Ltd., which provides digital transformation services to businesses who are seeking to move from traditional business processes to structured and automated digital processes. The crux of productivity in any of today’s Small and Medium Enterprises is largely reliant on the office’s own reliable wired/wireless network for access to the internet. Our company was thus tasked to plan, develop and implement an affordable yet high performing network that supports up to 200 simultaneously connected network nodes. So we wondered, which router in the market will be able to handle such a heavy load, while providing seamless network experience to every user?
While most consumers worry about the core performance and speeds of a router, the considerations for a office and business set up are quite different. With a large number of clients connected simultaneously to a single router, we need to find out the actual routing performance of a router. Can the ASUS BRT-AC828 handle so many simultaneous connections? Can it ensure that no single client will hog the limited internet bandwidth that is provided by the Internet Service Provider? Will security of the network be compromised? Can we keep a proper audit log of the clients and monitor their usage? These are the questions which different stakeholders within a business will ask. Our job as system integrators is to ensure that these expectations and requirements can all be met by the ASUS BRT-AC828.
 |
| The ASUS BRT-AC828 was supposed to be mountable on a server rack with an aluminum mount, that is purchased separately. Sadly, there is no information on how integrators can get their hands on the aluminum mount. |
Our job was simple. We were required to set up a network that supports 80 wired network points and about 120 wireless devices. Based on some assumptions on requirements, the router is needed to handle the load of about 150 network nodes simultaneously at any one point. Moreover, the whole 170 m2 of working space has to be covered by wireless connectivity.
Most network planner with experience will likely deploy enterprise level network equipment from Cisco. However, as we deem that such a setup will not require that kind of performance, we decided to give the ASUS BRT-AC828 a try. Moreover, with the BRT-AC828, we are also getting additional features. These features include software firewall, DDoS protection, VLAN, VPN and many others. These additional features will cost a lot more if bought separately, as they are likely to be individual hardware equipment that have to be configured to work with our setup. It seems that the ASUS BRT-AC828 business router simply suited out requirements really well.
Our setup consisted of the following hardware:
- ASUS BRT-AC828 Wireless Router that supports Routing for the whole network
- 10 x TP-LINK TL-1024G Gigabit Network Switch for wired network nodes throughout the network
- 6 x Ubiquiti UniFi UAP-AC-LR Wireless AC Access Point
The router connects to an Optical Network Terminal provided by the Internet Service Provider. The subscribed plan was a 250Mbps fibre service.
Honestly speaking, setting up such a network can be extremely simple with the ASUS BRT-AC828. For starters, simply plug all network cables into the ports on the switches, while making sure that all switches are directly or indirectly connected to the router. With that, you would have already completed 70% of your work!
The ASUS BRT-AC828 will be intelligent enough to enable dynamic DHCP IP address allocation to any wireless or wired network devices. We will not go into the specifics of how we set up our network, as it goes beyond the scope of this feature review.
Do note that some images below have been edited due to privacy and security reasons.
Tracking and Auditing Features
For network administrators, it is fundamental to properly monitor the usage of all the different clients on the network. The ASUS BRT-AC828 achieves this requirements by having a dedicated Traffic Analyzer feature built-in its software. With the Traffic Analyzer, network usage information can be monitored from both the client or app perspective. This means that we can either look at specific individual network device, and find out what kind of websites or network services that are they are using. It can also look at individual type of network services that all the clients are using.
The image above shows the monitoring of data from a user perspective. This is a summary of all the users and the types of traffic that is going on in the network. Additionally, individual client’s traffic data can also be monitored with a filter list at the top right corner of the user interface. It could also be used in conjunction with the graphs to find out which network device is using up a lot of network resources at any one point of time.
We can also toggle to view network traffic information from an App’s perspective, and gain insights to the behaviours of the users on the network. For example, based on this graph, we can surprisingly know what most users serves content through HTTPS. From what we gathered, the top apps that were used are YouTube and Dropbox.
After monitoring the types of data that the users are accessing on the internet, we devised a plan to improve their network experience. In order to prevent any single device from hogging the entire network, we used the Quality of Service(QoS) software features that was included in the ASUS BRT-AC828. With QoS, we can limit the network resources that flows to every single network device. As we can see that most content is likely to be served over an internet browser, we will prioritize all web surfing packets with the Adaptive QoS feature. This will limit the bandwidth allocated to the network clients, so as to provide equal and fair bandwidth sharing between all network devices. Other QoS modes, such as Traditional QoS and Bandwidth limiting features are also available on the ASUS BRT-AC828 router.
The AiProtection feature could potentially be the feature that differentiates the ASUS routers from any other routers in the market. By working with Trend Micro, the ASUS routers are able to effectively nullify most network threats from devices both within and outside the local network.
AiProtection can also block and drop packets from infected device. From the logs above, we can see that a certain network client has been communicating with a remote blacklisted host at 163.172.81.35. This could be a computer that has been infected by a botnet virus and is quietly reporting back to its host server. By blocking these packets, we can effectively prevent any information about the local network to be sent to the botnet server, and also prevent other network devices on the same local network to be infected by the same malware.
With the built-in software firewall on the ASUS BRT-AC828, the network can be properly filtered. For example, if the network administrator wishes to disable a certain port number or application to prevent misuse of the network, they can do so by keying in the port number of those applications. The network administrator can choose to disable common BitTorrent ports to prevent users on the network to access P2P file sharing services, or common VPN ports for those who tries to circumvent the firewall with a VPN.
With the firewall feature, the ASUS BRT-AC828 also allows the filtering of different web content. In the case of our network setup, websites of adult content, violence and alcohol are blocked. This is achieved by comparing the address of the visited site with an established database of known sites. This feature can also be filtered through keyword, URL and application.
As the number of clients on the network increases, the broadcast domain increases as well. For the layman, if a broadcast domain is large, the performance of the network may decrease.As the name suggests, a broadcast message is sent to every single node on the network, mainly for internal network identification. If there are 240 network devices on the network, a broadcast message from one device will be sent to all other 239 nodes. Broadcast domain size thus has to be reduced, so as to decrease the effects of a broadcast message.
VLAN effectively allows the separation of broadcast domains. This is done by allocating a VLAN ID to a specific port on the router. All devices that are connected to this port will then have the same VLAN ID, and will have its own separated broadcast domain. VLAN tagging is also much more cost effective than conventional means such as physically separating networks, which requires additional routers to be purchased. With the ASUS BRT-AC828, you have the feature for free, built right in on the router.
The ASUS BRT-AC828 has a built in VPN Server and VPN client, supporting PPTP, OpenVPN and IPSec VPN protocols. The VPN service on the router is extremely useful in connecting two remote and separate networks together. For example, an office in Singapore can have direct access to the networked resources in the office at United States. This is done through establishing a VPN connection between the two offices. Yet again, the feature is also made free to users with the feature-packed ASUS BRT-AC828 router.
Even though we used a comprehensive set of features on the ASUS BRT-AC828 to accomplish a proper network within out office, the router had a lot more to offer. We will briefly discuss these features below.
Dual WAN – Understanding the network performance and reliability requirements of a business set-up, the ASUS BRT-AC828 prides itself with two WAN ports. These ports support link aggregation and failover features. I.E. If we have 2 x 250Mbps internet connection from the ISP, link aggregation will enable a 500Mbps connection to clients. If one of the connection fails due to the connection to the ISP failing, the failover function will automatically switch to the alternate ISP for uninterrupted connection availability.
User Grouping and RADIUS Authentication – For better accounting of users that are connected to the router, user groups can be configured together with a built in RADIUS server. This means that users will have to logon to the network with their own username and password for authentication. Individual access rights to the network can then be allocated to the individual user groups. A customizable captive portal could also be used for the RADIUS login page to further enhance the professionalism of the network setup.
Wireless AC – It’s odd that we did not focus much on the wireless features on the ASUS BRT-AC828, as this router is meant to perform extremely well with its built in Wireless AC2600 chip. It can reach up a total of 2.5Gbps just on the wireless interfaces itself. The 2.4GHz range can support speeds of up to 800Mbps, while the 5GHz range goes up to 1734Mbps. Both frequencies can also operate simultaneously as well. Based on the tests from ASUS, the ASUS BRT-AC828 managed to support 250 clients connected through wireless to the router at the same time! That is indeed impressive.
Supports 802.3ad LAN Teaming – 802.3ad allows multiple parallel physical lines to be set up for increased bandwidth between two devices. If a PC supports 802.3ad, having up to 4 separate Ethernet cables from the router directly to the 4 Gigabit Ethernet ports of the PC will open up a theoretical 4Gbps link. This feature could be useful when Dual-WAN ports are aggregated at their maximum 1Gbps speed. This results in a 2Gbps connectivity to the internet, which can only be supported by a PC with the 802.3ad LAN Teaming feature and a 2Gbps direct link.
M.2 Slot and File Server – ASUS BRT-AC828 also features a M.2 slot built right into the router. A SATA based M.2 SSD can then be used as a networked storage device. The router also supports SMB (Samba) and FTP services to share the attached storage. Do note that the storage devices can also be connected via USB and shared throughout the network as well.
|
Factor
|
Description
|
Score
|
|
|
Innovation
|
ASUS BRT-AC828’s innovation comes in bringing multiple enterprise level features into a single
consumer friendly package. This is probably the first in the world, and is extremely useful for its target market segment in the Small/Medium Businesses. |
10/10
|
|
|
Design
|
ASUS BRT-AC828’s
user interface design with ASUSWRT has made it extremely simple to manage the various features of the router. Traditionally, these services will have to be accessed via command line. Aesthetically, the router also looks great for home/office use, but the lack of the availability of the aluminium mount for server rack mounting could deter integrators from using this setup in their server rooms. |
8/10
|
|
|
Value
|
Enterprise level
features at consumer-friendly prices. Superb value for any Small/Medium Business Owners |
9/10
|
|
|
Average Score
|
9/10
|
||
For the LATEST tech updates,
FOLLOW us on our Twitter
LIKE us on our FaceBook
SUBSCRIBE to us on our YouTube Channel!
Great review, thanks for sharing