Hi Lewis, Interestingly the port forwarding tab does not appear until Internet/Share a public ip address are selected, and then Advanced does show port mapping. I have never used that combination before now.
To answer your question.
Something like the Zyxel Zywall 2WG (edit: this is NOT a "modem" of any kind, you can't plug adsl into it)
http://www.zyxel.com/web/productfamilydetail.php?PC1indexflag=20040908175941&CategoryGroupNo=81AD76FF-54E8-484F-A2C5-4 B2C83DFD32B
can accept a 3g cellphone card for access to internet when/if the landline connection goes down. This is also useful if the LAN ever goes walkabout (travelling) like mine does.
From a security point of view it is my understanding that such devices offer more sophisticated protection represented by these words: "Based on Stateful Packet inspection and Denial of Service (DoS) technology...". When I read up on that (long ago, so now somewhat faded) it seemed to me that this is more than mere port blocking (or opening), it is the testing of incoming packets to decide if they are "attacks". The attack parameters can be configured or left to default.
Also you can configure (as I recall) the machine to email you with varying levels of report about its status and levels of attack: or even simply port accesses.
Such a device is massively more sophisticated than an Airport or Time Capsule. edit: in firewall terms at the very least
Do I think I needed it? No not really - except the Cellphone WiFi system backup and also ( a major point for me) is that it runs of 12 volts (which means a car battery- though regulated source would be a good idea)
It also offers multiple WiFi networks so you can have your own or put your voip wireless phones or whatever through a separate net.
Don't think it offers the 5gig network I just found my TC offers.
I am now playing with the TC setup and Server Firewall, so I'll be using these for the reason of simplicity until I have more confidence - and there's nothing but test data on the whole machine anyway.
If I had to stick my neck out to answer your question I'd suggest worthy of review is thatthe dedicated firewall offers "stateful inspection" and denial of service attack defence whereas the Apple items do not.
Anthony
Message was edited by: Anthony Mellor
Message was edited by: Anthony Mellor