Core Competence, Inc. Internet @ppliance Industry Report:
A Guide to Technology,
Products, and Deployment
David Strom, Inc.

WebRamp 300e

Workgroup Communications Appliance offers small businesses shared Internet access, remote/branch office connectivity, and traveler/teleworker remote access, using ordinary telephone lines and ISP dial accounts.

Price:
WebRamp 300e as tested $499; WebRamp 310e adds dial-in access and VPN for $699; WebRamp 310i adds 2 integrated 56Kbps modems for $849; Dial-In and VPN firmware upgrade available for WebRamp 300e at $349.

Contact:
Ramp Networks
3100 De La Cruz Blvd.
Santa Clara, CA 95054
Phone: (408) 988-5353
Fax: (408) 988-6363
Web: www.rampnet.com


Reviewed:
September 1998

WebRamp 300e

WebRamp products are geared towards those small businesses and branch offices which still use analog or ISDN modems to access the Internet. Ramp Networks offers easy-to-use shared Internet access for workgroups of approximately 2-40 users. Just plug the WebRamp into an ordinary telephone line, and your entire office will be web-connected in less than five minutes. It is an ideal first dial-up router.

What's inside?

We tested the WebRamp 300e, an analog bridge/router with an integrated four-port Ethernet hub along with serial ports that connect up to three external analog or ISDN modems. We also tested the M3iPlus, an older model that includes dial-in access and virtual private network support with a pair of internal 56Kbps modems. Successor products WebRamp 310e (external modems) and WebRamp 310i (internal modems) offer dial-in access and VPN features in late 1998. Each WebRamp can be used as a bridge or IP/IPX router for shared dial-on-demand to three locations, connecting everyone on your LAN to the public Internet or a private enterprise network. The WebRamp 310e and WebRamp 310i also support up to three dial-in sessions, providing remote access to travelers and teleworkers and branch office connectivity.

Setting up the WebRamp

A pocket-size installation card provides step-by-step, illustrated instructions on setting up your WebRamp. Plug in the power supply and connect your PC or hub to one of the WebRamp's Ethernet ports. To use the WebRamp 300e or WebRamp 310e, you'll also need at least one external modem and connecting cable. Plug a phone line into the internal or external modem, and you're ready to run EasyStart™ from the CD-ROM.

If you're creating a LAN from scratch, choose the Express Setup™ option; this modifies your PC's Ethernet settings to match the WebRamp's default private IP address with dynamic address assignment. If you're adding the WebRamp to an existing network, choose Custom Setup and decide whether to retain your own network addressing scheme. Click hear to view a larger image
Click on this image to view a larger one

EasyStart makes all necessary changes to both your WebRamp and PC, then offers to install Netscape on your PC. There are no special browser requirements, so skip this if you already have a browser. Finally, EasyStart will open your browser to the URL http://<ip-address-of-WebRamp> to configure your WebRamp.

Click hear to view a larger image
Click on this image to view a larger one
To connect to the Internet, you'll need to purchase a single-user dial account from an Internet Service Provider (ISP). Then, from the WebRamp home page, click on the Express Internet button to configure your WebRamp with the phone number, username, and password supplied by your ISP. From now on, the WebRamp will automatically call your ISP whenever any PC on your LAN tries to connect to the Internet.

Communication and Internet Services

The WebRamp offers a suite of communication services that will satisfy the network access needs of a typical 40-user LAN-based workgroup. It can address a full subnetwork (253 hosts) on the local LAN and forward traffic to other LAN-attached routers, but the number of users comfortably supported by the WebRamp is determined by the phone line(s) to which it is connected. For example, three 56K modems bonded together yield over 150 Kbps of downstream bandwidth. This throughput compares favorably to ISDN's 128 Kbps, although analog calls will take about 30 seconds longer to place than ISDN. You can still use external ISDN adapters or leased line modems with the external WebRamp models, and standard LZS data compression is also provided to further increase throughput.

Two flavors of multi-link bonding are available to combine dial connections into a single virtual data "pipe" that makes effective use of multiple modems. Industry standard MLPPP will bond two calls to the same number, if your ISP supports it. Ramp's patented method, called COLT, bonds up to three calls, placed to different numbers, using any ISP. We used COLT to boost bandwidth when web surfing with noticeable improvement. With either MLPPP or COLT, you can configure thresholds so that additional calls are placed only when needed to support a sustained burst of traffic -- for example, a lengthy file download.

The WebRamp can use multiple modems to provide simultaneous connectivity to different destinations. For example, a teleworker might configure one line to dial corporate headquarters, a second line to dial the local branch office, and a third line to dial the public Internet. Inactive lines remain free for dial-in calls, available as an option on the 300e and standard with other models. Click hear to view a larger image
Click on this image to view a larger one

To enable dial-in access, associate up to forty unique usernames and passwords with the modem(s) you wish to have answer incoming calls. Each incoming caller is authenticated, then supplied with local network and server addresses (see Security Features). Only three calls can be active at once; callback is also supported for added security. Individual policies can be applied to each user to authorize access to specific services like email, web, or file transfer. Documentation on CD-ROM provides illustrated example configurations that help you choose between bridging and routing, and to properly configure IPX when connecting Novell networks.

Network Address Translation maps the single address assigned to each call to private addresses used by hosts on your LAN, allowing many users to share one or more low-cost dial accounts. The WebRamp caches names and addresses learned from your ISP's DNS server, automatically assigned when calls are placed. Through additional menus, the WebRamp provides additional DNS, DHCP, and routing services and is easily integrated with servers on your own LAN or remote network. The defaults should work for most entry-level users, and more experienced administrators will appreciate having this control.

Security Features

No small business or branch office should connect to the public Internet or permit dial-in access without considering the security implications of doing so. All WebRamp products include default and customizable packet filters that are commonly used to prevent unauthorized outside traffic from entering your LAN, and dial-in products authenticate users with industry standard PAP and CHAP. But many businesses need to selectively enable limited access to internal hosts.

If you want to put a public web, file, or other server on your LAN and allow remote access to it, use the Local Servers feature to map the public IP address of your WebRamp to the private address of the server. Incoming traffic associated with the affected protocol (HTTP, FTP, etc) is redirected by the WebRamp to your server. Alternatively, if you want to make an entire computer accessible to users on the Internet, use the Visible Computers feature. You can configure one Local Server per protocol type, and one Visible Computer per ISP. But remember that doing so exposes these computers to greater risk; we recommend real caution using Visible Computer.

For increased security, Virtual Private Networking (VPN) is available as an option on the WebRamp 300e and standard feature on other WebRamp products. To use this feature, you will need Windows Dial-Up Networking on your PCs, and a Point-to-Point-Tunnel-Protocol (PPTP) server (for example, Windows NT with RRAS) in the destination network. Client PCs launch a "VPN Adapter" to create a logical connection -- called a "tunnel" -- between the client and server. (The new WebRamp 310 can also launch a shared tunnel automatically from the WebRamp.) The server authenticates the client, and all traffic exchanged between the server and client is encrypted to keep data private. Combine VPN with filters to provide a simple, modest level of security.

Other Notable Features

The WebRamp provides diagnostics that test modem operation and network reachability, as well as an event log and problem reporting utility that can be used to determine what's going on inside the box. You can import, export, or reset your WebRamp's configuration, and upgrade its firmware. While all management can be accomplished through a browser, a Telnet-accessible command line interface and a Simple Network Management (SNMP) interface are also supported.

Click hear to view a larger image
Click on this image to view a larger one

An essential ingredient in an access router is the ability to determine call status and quickly drop unwanted calls; the WebRamp provides for both. We'd also like to see the ability to monitor network statistics so we could understand how heavily our WebRamp is being used. Finally, if you're also looking for an email server, consider SLIMM (Seattle Labs Internet Mail Machine), an NT software product marketed as an add-on for the WebRamp, or pairing the WebRamp with the Cobalt Qube 2700.

Final Word

The WebRamp 300e is a natural fit for small businesses and branch offices seeking to connect simply and inexpensively to the Internet with ordinary phone lines. Power residential users and teleworkers can leverage the WebRamp to share a single phone line and Internet account. Multi-link support, packet filtering, and VPN features offer entry-level branch office connectivity.

Copyright © 1998 1999 Core Competence, Inc. and David Strom, Inc.
All Rights Reserved

No part of this report may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage or retrieval system, without permission in writing from the publishers.