Designing your Netgear LPC security rules

There are a couple of ways to design your security set-up using Netgear Live Parental Controls (LPC). It's important to consider your options before starting or you could find that some of your devices have too much or too little freedom to do what you want.

When setting up my system, I actually got it wrong the first time and had to change it. While that was a bit of a pain, the overall amount of lost time was minimal as making changes to LPC is very straightforward.

The most important concepts are these:

1. You have a base security level for your whole home
2. You designate specific devices to have different/special security levels

The trick is that for step 2 you need to use Netgear Genie, a piece of software that runs on Windows, Mac, iOS, and Android.

So let's step through 2 approaches...

Default Closed

I think that this is most people's default approach to security. Lock the whole thing down and then just allow individuals to do what they need on an approval basis.

In this scenario we:

1. Make the default network very secure (few or no permissions by default).
2. Allow specific devices to have lower security.

So let's say we have a family with 2 Adults and 2 Children (look, just like mine!). They each have 1 device and there's also a SmartTV in the house (or Sky+ box, Playstation, Wii, XBox, or other media streaming device). We want the Adults to have full Access and the Children to have limited access.

Here's what it looks like...

So this is working pretty well. The whole network is shut down and the children and adults are given appropriate permissions using Netgear Genie. The only potential challenge is that the SmartTV is restricted using the house defaults. If you want to ensure that your kids can't watch particular types of content on this device, that's great. If you want to be able to watch content freely on this device, it's not great.

Also, if you have a guest come to visit, they'll automatically inherit the closed default network unless you install Netgear Genie on their device and configure it for Child or Adult access.

This is how I initially set up my network. I realised its limitations pretty quickly and switched to the next option...

Default Open

Here we keep the overall network open and then lock down specific devices. Specifically:

1. Make the default network very open (none or few limitations by default).
2. Lock down specific devices to have higher security.

Same scenario with 2 Adults and 2 Children. This time it looks like this:

Here the Children and Adults end up with the same capabilities but any other devices on the network are automatically open. So streaming media will continue to work and any house guests will be able to access the Internet without hitting blocks.

Summary

The reality here is that Netgear LPC is totally dependent on Netgear Genie being installed on a device in order to establish an exception on the network. If you can't install Netgear Genie, then that device must use the default security of the network.

So if you have 2 SmartTVs, one in the Adult's room and one in the Children's, they can't have different security settings. Period.

This is a limitation of the system, but probably only a small one.

I'm using the Default Open setting at my house and it's working just fine.

What do you need to run Netgear LPC?

If you want to use Netgear Live Parental Controls (LPC) you need a few specific things…

• A broadband connection
• An LPC enabled Netgear router
• Netgear LPC Management Utility
• An account on the Netgear OpenDNS site
• Netgear Genie software (available for Windows, Mac, iOS, and Android)

I’ll step you through these in turn.

A broadband connection

Well, I hope this is obvious. I’m using a Fibre to the Cabinet (FTTC) connection that gives me about 72Mbps down and 12Mbps up. BT call this service Infinity but I get mine through the awesome Zen Internet.

My service is provided through a special FTTC modem that I plug into the router. If you have standard broadband, then you probably connect directly to the ADSL dongle attached to your phone jack.

Bottom line is that you ultimately need to be able to connect your router to your broadband via a standard RJ45 connector. You’ll have seen them before. They look like this.

 

You should be able to replace the router that comes with your broadband service (like the evil BT Home Hub) with another router without too much difficulty.

An LPC enabled Netgear router

LPC is specific to Netgear, but other router providers with similar systems are available.

I opted for a Netgear R6300v2. It’s a slightly higher end router with a stronger Wi-Fi signal that can cope with my 3-story, thick-walled Victorian house.

You can pick up one of these or other Netgear router from most high street computer shops and all the normal online stores, usually at a bit of a discount.

It’s important to note that not all Netgear routers support LPC. While most do, you will want to ensure that the Netgear router you’re considering does support LPC. Netgear puts the information right on the box (see below) and you can find it on their web site in the Features/Security section for each of their modems.

Netgear LPC Management Utility

As part of the installation of LPC, you’ll be instructed to install the Netgear LPC Management Utility.

It will help you to set up basic settings for LPC including:

• Turning on LPC on your router
• Creating a Netgear OpenDNS account
• Setting the default (basic) settings for LPC

I’m still not clear why it’s needed as you can do all these things without it. It’s recently disappeared from the LPC web page, so perhaps being deprecated by a combination of the Netgear/OpenDNS web site and the Netgear Genie software.

An account on the Netgear OpenDNS site

You’ll need an account on the Netgear OpenDNS site. This is where you set up all your default and custom settings for you and your family members, determining what and when individuals can access on the Internet.

It’s actually a subdomain on the OpenDNS site at netgear.opendns.com.

Netgear Genie software (available for Windows, Mac, iOS, and Android)

Netgear Genie is the new software used to configure both your router and specific device access. You might find references to the Netgear User Utility on web sites and forums, but this is no longer available and has been replaced by Netgear Genie.

You can download the current version on the Netgear LPC page.

This tool is a little peculiar and seems to cause a lot of people confusion. That’s because it does multiple things. The 6 main functional areas shown allow you to:

• Internet – see the status of the current router internet connection and recent usage, run a speed test against the netgear.com site (available to anyone)
• WiFi Connection – manage the local machine’s wifi connection (available to anyone)
• Router Settings – configure router settings (available to router administrators only, password protected)
• Network Map – review and name any devices on the local network (available to anyone)
• Parental Controls – configure basic parental controls with a link to the OpenDNS site for more detailed control (available to router and opendns.com administrators only, passwords required)
• ReadySHARE – Manage sharing of USB storage and printing devices via the router (available to router administrators only, password protected)

Installing and Using Netgear Live Parental Controls

I recently reached the point where I decided that being able to control my children's Internet use more closely would be a good idea.

My boys are 11 and 13 and access the Internet using a Windows 8 computer, Amazon Fire HD tablets, and Samsung Galaxy Ace phones.

The computer has always been installed with both desktop security (limiting software installation) and Microsoft Family Safety which allows me to monitor and control both application and browser usage.

But I found that after the boys had their mobile devices, the monthly broadband usage tripled. It seems they were quite enamoured of a few Minecraft specialists on YouTube and were spending huge amounts of time watching these videos, often when they were supposed to be doing other things.

In some cases we could just withdraw their devices, but both need them for communicating with friends (sometimes about homework) or for doing research for homework.

What is Netgear Live Parental Controls (LPC)?

Netgear LPC (www.netgear.com/lpc) is a tool that's built into many Netgear routers. It's been around for a few years and has changed a few times.

At it's core it has the ability to limit people on your network from accessing particular sites on the Internet. It does this using about 60 different categories of site that allow you to do things like:

• Protect everyone from phishing sites
• Ensure that your kids don't access sites with "Adult Themes"
• Keep kids away from "Time Wasters" like YouTube during the hours they're supposed to be doing homework

The categories are provided by a company called OpenDNS who ensure that all the web site classifications are up to date and provide the ability to set up different roles and times that individuals can or can't access specific sites.

The protection is provided for specific devices, meaning that you can protect computers, phones, and tablets.

Do Netgear Live Parental Controls (LPC) work?

The bottom line is that, yes, they work and work well. It's comprehensive and extremely flexible, allowing you to give the access needed to individuals or groups, and ensuring that guests can use the Internet as needed when visiting.

But while LPC are a great solution, Netgear's documentation is not good.

• My router came without software and detailed instructions
• Online documentation is badly out of date and refers to tools that are no longer available
• Documentation on the tools is non-existent
• The tools are not highly intuitive

So I figured I'd write a few short articles here on how to set up and run Netgear LPC. If you have any questions, please drop a comment on the relevant article.

Following articles are...

• What do you need to run Netgear LPC?
• Designing your Netgear LPC security rules
• Using OpenDNS to set up Netgear LPC bypass accounts
• Configuring individual devices using Netgear Genie

We find the defendant…

For the last 2 weeks I’ve been on jury service here in the UK. It’s been an odd, unsettling, and sometimes completely bizarre couple of weeks. But it’s also been inspiring and reaffirming that sometimes our bloated, overstressed systems actually do work.

What was it like?

Well, the whole set-up was completely different to what I expected. I figured that all the big cases happened at the Old Bailey and that Kingston Crown Court would be small, probably have just one or two court rooms, and see just 1- or 2-day cases.

I arrived to find a massive room of about 80 people waiting for their jury service. It was like a massive airport lounge but with fewer people standing close to the front desk trying to be the first ones through the doors.

They handed me a form telling me that they were starting a 10 week trial that day and that if I couldn’t sit on it, I had to tell them why. I’ve never been so pleased to have pre-booked travel in my diary as it gave me something concrete to include in my get-out-clause.

It turns out that there are 12 courts in Kingston covering a wide range of cases by type and length. I spoke to one lady who’d shown up to do her 2 weeks in January, was put (against the wishes of her and her company) on a long trial and had already been there for 13 weeks.

There’s an airport scanner at the front door and a security lock to get into the jury area.

They officially operate from 10am until 4:30pm with a fixed 1 hour break for lunch from 1pm to 2pm.

The jury waiting room is rows upon rows of comfy chairs. There’s an office for the jury staff, a quiet working area, and a small cafeteria. They give you a card which magically refills to £5.71 each day for your on-site “subsistence”. Though if you don’t spend it you get it back at the end of your service (try not to spend it all in one place!).

How did it work?

After they show you a short video with a few definitions and a bit of a “what happens in court” for anyone who’s never watched an episode of Law and Order, they tell you to make yourself comfortable and wait.

And wait you will. You could technically go your whole two weeks without getting a trial though that seems pretty unlikely given the sheer number of trials. It seemed that about 4 new trials started each day.

When they need a jury, they put together a jury panel by calling out names. That’s normally 15 people but for a long or complex trial could be many more. The jury panel is taken down to the court where everyone is waiting.

The defendant is in the dock behind a waist to ceiling glass barrier. The judge is on his/her bench. The solicitors are in their places. And they’re all wearing robes and wigs.

The court clerk randomly selects 12 who go straight into the jury area while the other 3 hang out. The defendant has the option of rejecting one or more jurors before they’re sworn in, so the other 3 act as alternates, just in case.

Once in place all the jurors need to be sworn in. The standard swearing in statement is Christian while holding a bible. The first alternate is an “affirmation” that’s almost the same but leaves out “Almighty God” and the bible. But they also keep copies of the Koran and other holy texts in the court with appropriate swearing in statements. After the jury’s sworn in the alternates leave and go back into the jury pool.

And then it just starts! No introduction. No preparation. Everyone was already there and waiting for the jury so they just get on with it. The prosecutor stands up, sets out the case, and calls the first witness!

What were your cases?

Over the 2 weeks I sat on three different cases.

The first was a case of violent disorder and conspiracy to cause criminal damage after an alcohol-fuelled rampage through a town centre. There were three young men on trial and others had already pled guilty in advance. We found them all not guilty on all charges.

This was quite a long trial and included CCTV evidence, statements from all 3 defendants, a Detective Inspector on the stand, and one of the defendants on the stand over 5 days. But mostly it featured the 3 defence solicitors (one for each defendant) bringing up points of law that the jury couldn’t hear. So on any given day we’d spend half the day in court, and half the day shuffling in and out, waiting around wondering if/when we’d get called back to court.

It also featured some really amusing points where the solicitors, witnesses, and even the judge were repeating things allegedly said by the defendants during the rampage. So we had educated people with posh accents saying things like “who’s on for a terrorize”, “who want’s some?”, and “the police ain’t fucking coming.”

We also enjoyed one of the defence solicitor who tried, during his closing, to make out that his client was “like the lead character from Schindler’s List”. He was there when the carnage was happening but he was the good guy trying to stop it. He even helpfully pointed out that director Steven Spielberg was Jewish!

The second was a case of sexual assault. We found the defendant not guilty.

This was a lot simpler due to a reduced number of solicitors; one for each side. But because of the nature of the case, over the 1.5 days it took to try it, we heard a fascinating set of language over and over and over again. There was a huge amount of “testicles”. Quite a lot of “foreskin” and “shaft”. And even some “ejaculation”. The term that really grossed us out was “scrotal gangrene”. And the winner for funny phrase of the two weeks was “he was the one who brought his penis into play” (twice).

The third case was about fraud and theft. What seemed like a simple case became quite complex due to the subtleties of the laws on fraud. But in the end we found the defendant guilty on 2 counts of fraud, and not guilty on 1 count of fraud and 1 count of theft.

In the jury room

At the end of the case after we’d heard every possible piece of evidence explained to us multiple times by the prosecutor, one or more defence solicitors, and the judge, we were packed off to a small room with a table and 12 chairs to consider our views.

I think they must make these rooms cramped and uncomfortable on purpose. You can’t leave except to go to one of the ensuite loos and they bring in a fairly pitiful selection of sandwiches at lunch (bring your own if you think you’re going to be deliberating). They won’t even bring in tea or coffee at any time except lunchtime! And of course you don’t have any electronic devices in the room at all so you’re completely cut off from reality.

If you don’t decide in the day they send you home at night and then lock you up first thing the next day.

Yet somehow in that environment, people display the very best of themselves.

In all 3 juries I sat on, my fellow jurors were reasonable, patient, open, sensible, honest, generous, logical, and willing to put their own personal feelings aside in order to consider the evidence presented and nothing else. The only real issues and arguments we had were when we were struggling to get our heads around the sometimes subtle and contradictory elements of the laws we were considering.

It amazes me that you can put 12 people from completely different backgrounds, educations, and even continents (I sat on juries with other expats from Europe, Asia, and South America) and still come to a unanimous decision on a complex matter after only a few hours.

And finally…

After two long and exhausting weeks my jury service is over.

I can’t say that I enjoyed it, but I absolutely think it was worth doing and I recommend that anyone who’s asked should do it rather than try to dodge it. It is inconvenient, but it’s an experience that you won’t get anywhere else.

The system of justice in the UK, like in many countries, is complex, laborious, and incredibly slow. My three cases were based on events that happened between April and September last year. For those involved in the cases, either as victims or defendants, that must seem like an eternity.

But ultimately, in spite of its flaws, the system seems to work. The defendants are absolutely considered innocent until proven guilty. The burden of proof is entirely on the prosecution. The judge ensures there’s no bad behaviour with an iron hand.

It may not be perfect, but it works.

Tonight's Tipple: Touraine Sauvignon, Les Hauts Lieux, 2011

After a short delay, here's the next wine review. We actually consumed this last week but I haven't had a chance to complete the article. And frankly the wine didn't enthuse us that much so I wasn't in a massive rush.

Today's wine is Touraine Sauvignon, Les Hauts Lieux, 2011 (£6.95 per bottle £83.00 per case of 12). This is a pure Sauvignon, which apparently is a little unusual these days, with most Sauvignon grapes being mixed with other varieties.

We served this wine with a really lovely Salade Niçoise and it went very well with the food. It has a strong, almost grassy style that we felt had a really old fashioned quality. We found that while it went extremely well with the food, it just didn't appeal on its own after we'd finished dinner (yes, it sometimes takes us more time than a midweek meal to finish a bottle).

The Wine Society describes this wine as "an elegant sauvignon that would give many a Sancerre a run for its money". I won't disagree with that or say that the wine was poor, but it definitely wasn't to our taste and we won't be returning anytime soon.

Tonight’s Tipple: Fiano Mandrarossa, Sicilia IGT, 2011

Last night’s taster was the Fiano Mandrarossa, Sicilia IGT, 2011 (£6.50 per bottle, £39.00 per case of 6).

The accompanying notes were quite detailed on this Sicilian wine. Apparently it’s produced by a cooperative in the hills around Menfi. Made from the fiano grape, the wine is sourced from dedicated vineyards using a computer-mapped traceability system. This is used to analyse sugar, tannin, and acidity to ensure that the grapes are picked at exactly the right time.

My first sip gave me a mouth full of acidity which was a bit of a shock and initially put me off. It does absolutely have the “hint of apricot and peach” as described which improved over time. I’m not sure whether the initial punch was due to what I’d been eating previously or if the wine wasn’t quite cold enough (it had been chilled for about 30min).

We were eating a chicken dish with a cream-based sauce and I found it to be an excellent accompaniment for that, with the fruit flavours and acidity helping to cut through the rich food. The Wine Society web site says it would go well with Spaghetti Puttanesca, Spanish Chicken Salad, or Macaroni Cheese, all of which I can see.

So a good wine to serve cold with rich food, but probably not something you’d want to have on its own.

Tonight’s Tipple: Viña Zorzal Graciano, Navarra, 2010

It’s a new year and that means it’s time to try new things. Just a few…

The Wine Society helped us out this year by including an article from Tim Sykes, their Head Buyer. He reviewed a range of current wines across many different types and varieties, all at fairly reasonable prices. Conveniently, the Society then offered up a discounted taster case!

Well, how could we refuse…

We started the case last night with the Viña Zorzal Graciano, Navarra, 2010 (£6.75 per bottle, £40.50 per case of 6). This wine comes from the Ribera Baja region in Navarra. It is made exclusively from graciano vines, which is one of the supporting graves in Rioja blends. The big difference from Rioja is that this wine spends a relatively short time in oak, only 4 months.

The tasting notes describe it as “a juicy, bracing red with herby, red fruit flavours and lots of character”.

We served it with a locally made beef and ale pie served with salad and it was well matched to the strong flavours of the pie. Having spent so little time in oak, instead of a strong, dry wine you end up with a massive fruit taste in an easy drinking wine that reminded me of a good Syrah.

We’re not connoisseurs, but we really enjoyed this wine and will probably consider picking up a half case in the near future.