Discovering Island Treasure
-
Like pristine shells half-buried in the sand, the Island router is full of treasure—little gems in the software that subtly make life easier. Here we identify a few that streamline the process for install, VLAN, and VPN setup. While these gems greatly benefit less technical installers, even techies appreciate simplicity.
-
INSTALLATION GEMS
A self-configuring dream machine
For all types of installation, Island strives to offer as fully an automatic set-up as possible. No need to worry about plugging a cable into the wrong port; Island’s four hardware ports are not assigned specific purposes. There is no set port to connect a WAN (Internet) versus a LAN (local network). Plug anything into any port, and Island figures it out.
A smooth router-replacement hand-off
When replacing an existing router, Island’s self-configuring mission reaches even further. With other router installs, the “new” router takes on a new IP address and subsequently assigns new IP addresses to all connected devices, which can result in tedious reconfiguration and disruptions as some devices may need to reboot. Island’s unique approach makes router replacement smooth and simple. However, it requires following a specific sequence of install steps. First, Island is plugged into the LAN while the “old” router is still operational; importantly, this step enables Island to observe and learn the existing network topology. Then, as soon as the old router is disconnected from the modem and Island is plugged into the modem, Island takes on the old router’s IP address and configuration, allowing connected devices to retain their previous IP addresses as well. Like an Olympic relay team expertly passing the baton, this hand-off occurs quickly and transparently, saving time and hassle for the installer.
Got VLANs? No effort needed.
Many existing home and business networks have been set up with virtual local area networks (VLANs), such as separate guest and private VLANs. Setting up VLANs enables an otherwise large network to be segmented into smaller, independent networks to save on equipment, manage smaller groups of like devices, and for security. Normally, replacing the router would require underlying VLANs to be reconfigured manually. Instead, Island automatically and transparently discovers and configures existing VLANs. Another gem: creating a new VLAN is simple as well, with an auto-configuration option that minimizes setup.
VPN GEMS
Island includes the WireGuard VPN protocol that provides for fast, simple, modern, and secure VPN tunnels; however, WireGuard itself provides no means to make configuration easy. To remedy the complexity, the Island team has written valuable software extensions to simplify Island-to-Island setup in these three usual areas of difficulty:
Public key use: Public keys are long and difficult to enter; Island substitutes this initial exchange with an easy-to-articulate secret (password) exchange.
IP address assignment: When dynamic addressing is being used, Island automatically manages assigning addresses to the VPN peer. Bottom line: nothing to do here, no IP-address lookup needed.
Route management: With Island-to-Island VPN, route management is a non-issue and occurs automatically.
REMOTE-ACCESS GEMS
Off-the-cloud access for total privacy. Remote access across the Internet to a device, such as a thermostat, typically requires either cloud-based management or the ability to discover the device, both of which create fundamental security challenges. Island provides a method for the app to discover and communicate with an Island across the public Internet, while keeping the existence of the Island totally obscured. By using a combination of public-key cryptography and one-way hashing, only authorized devices are allowed to communicate. In this way, remotely accessing your Island or any Island for which you have PIN credentials remains entirely out of the cloud, secure, and private.
A Device-Centric Approach
-
What can your router do for you?
Most customers are delighted with their latest IoT gadgets and the respective apps that come with them. But step back to the network level, the “world” view of your network. Who is keeping track of all these new gadgets coming online—and the old ones too? In the case of Island, it’s your router. And with an Island router, “keeping track” means a wealth of functionality: it finds and lists all your devices, shows you real-time and historical traffic, gives you dynamic or scheduled control over Internet browsing access and other privileges like VPN, alerts you to the network events you choose, and makes sure it all stays secure. Your router can thus give you complete visibility and control of your network from anywhere local or remote, ultimately making your life simpler.
-
What Your Router Can Do for You
Most customers are delighted with their latest IoT gadgets and the respective apps that come with them. But step back to the network level, the “world” view of your network. Who is keeping track of all these new gadgets coming online—and the old ones too? In the case of Island, it’s your router. And with an Island router, “keeping track” means a wealth of functionality: it finds and lists all your devices, shows you real-time and historical traffic, gives you dynamic or scheduled control over Internet browsing access and other privileges like VPN, alerts you to the network events you choose, and makes sure it all stays secure. Your router can thus give you complete visibility and control of your network from anywhere local or remote, ultimately making your life simpler.
The Hero-Router Philosophy: A Device-Centric Approach
The Island router thinks of your devices the way that humans think of devices: as separate entities that can stand alone, belong to people, or be grouped (and people can be grouped too). A device-centric approach means that any network function can be applied to just one or a group of them at a time. It stands to reason that to manipulate all these devices, they need to be easy to find and recognize. Fortunately, Island supplies tools to help.
The Key to Taking Advantage of Device-Centric Operation
The first thing you see upon installing an Island router is a list of every device it finds. The most important thing you can do after install to make your online life easy and useful is to name your devices, name people who will use the network (users), assign respective devices to them, and group devices and/or users according to common purpose. While naming, choose icons and colors where possible. For every device, you can assign a related icon—depicting a phone, desktop, printer, camera, light bulb, etc.—from an extensive list. For each user you create, you can choose one of sixteen colors; any device you assign to that user takes on that color in the app. For each group you create, you can assign an icon and a color, and devices assigned to the group take on the group’s color. (Devices not assigned to users or groups are gray.) From then on, viewing lists, graphs, schedules, privileges, or notifications is a snap—the combination of name, icon, and color immediately gives you clear, visual cues as to what is happening on your network.
Naming and Grouping Has Its Reward: Ultimate Online Ease
Depending on the size of your network, that initial device list can be long, numbering tens or hundreds of devices. It’s not unusual, for example, to find that a high-end residence may have 200-300 devices on its network. Wherever possible, Island uses fingerprinting techniques to help identify devices and assigns an appropriate, default device-type icon. As there are thousands of manufacturers world-wide making millions of IoT devices, however, some devices show up as serial numbers or codes that require googling for clues. Note that Island’s fingerprinting efforts may take a few days, as more information about a device is supplied the more often it is “seen” on the network. So, identifying every device can take a little time. Once accomplished however, the rewards are rich. You can be notified of any “new” device that connects to your network and can take appropriate actions. You can quickly see when devices, users, or groups are on or offline and monitor their activity. Most importantly, any action you need to apply to a device, user, or group can be accomplished swiftly with a tap or a swipe by simply bringing up the device’s name. Functions such as filtering, pausing, port forwarding, setting DHCP reservations, enabling UPnP, and more—suddenly become simple: no having to create and edit tables, to know and add IP addresses, or perform other onerous routines. In the end, the relatively short amount of time you spend naming and grouping devices rewards you with ultimate ease of use for the rest of the life of your network.
Security: The Sum of Many Elements
-
The 3 bedrocks of the Island experience are speed, security, and simplicity. The Island name was chosen to embody security, privacy, and peace of mind. Given that there is no product that can guarantee 100% security, the Island strategy is to provide the most robust security possible, focusing on the measures that have the most impact toward preventing the majority of cyberattacks, without imposing the complication of onerous configurations or compromising performance.
-
A 2024 study by Stanford Research shows that 88% of breaches involve human error, with phishing being the #1 attack vector—91% of attacks begin with a phishing email. So, to start with, we advise that home and small business owners train their users to:
• Create strong pins and passwords
• Recognize phishing tactics and avoid opening attachments or links from unknown sourcesIsland’s security features fall into three categories: 1) those associated with next-generation firewalls, 2) additional features that are expected of secure networks but not necessarily unique, and 3) features that are unique to Island.
Island Next-Generation Firewall Features
• A stateful firewall, plus advanced firewall features.
• Deep packet inspection (DPI): Island analyzes the content of packets at a deeper level.
• Application-level control: Island can identify and control applications running on the network, and provide access by device, user, or group.
• Intrusion prevention system (IPS): Island blocks all unauthorized incoming access, and blocks outgoing access to command-and-control servers and attempts to download malware. Bear in mind that a great many of the exploits that used to be handled by an IPS can no longer be detected within encrypted traffic.
• External threat intelligence and reporting: Island includes URL filtering with a continuously updated threat database from Webroot, and reports aggregate blocked threat attempts on a per device basis.
• Traffic analysis and Insights: The Island logs network usage by device, user, and group for up to 3 years, and dynamically displays the past 7-day window. Custom alerts can be set to notify if a device exceeds an average volume over a specified time, providing the tools for identifying and reporting unusual behavior by any device.
Not Included:
• Encrypted Traffic (SSL/TLS) Inspection: Island does not support this feature because of the complicated requirements imposed, such as the installation and maintenance of safety certificates on devices, the high penalty to performance, and the compliance and privacy concerns of users.
• Sandbox Analysis: Island does not flag and isolate potentially malicious files, usually email attachments, to test run in a separate environment for several reasons: sandbox set-up is complicated, further analysis (decryption, inspection, and re-encryption) takes time and delays message deliveries, false positives occur, and some malware code detects if it has not landed at its intended target, avoiding sandbox detection altogether.Additional Island Security Features
• Network Segmentation: Island supports up to 1000 separate LANs and VLANs, to effectively isolate guest, IoT, kids’, or departmental devices from one another.
• Unobservable DNS: Island offers several options for DNS, but by default, provides DNS over HTTPS (DoH). It provides a wholistic DNS for the entire network that cannot be bypassed, regardless of the configuration of individual devices. Importantly, it covers non-browsing, IoT devices (such as cameras, baby monitors, and thermostats) as well. Island’s DNS ensures privacy and protection from snooping and “man-in-the-middle” attacks that is not guaranteed when using other traditional DNS services, such as those of Google or of one’s ISP.
• Private NAT: Island enables the use of private IP addresses that are fundamentally invisible and unreachable from outside the network.
• New Device Notification and Quarantine: Island sends an alert when an unidentified device connects to the network; optionally the device can be placed in quarantine or a state of restricted access until identified.
• Out-of-the-Cloud Database: Island maintains all data pertaining to your network activity in local memory. Inventories of devices, user profiles, filters, network set-ups, and traffic and browsing histories live on your Island, both for performance and security reasons. Absolutely no one can access this data but you. And It’s always easier to protect your network data if it’s not traversing the Internet or living on a server in the cloud.
• Customizable, Two-level Alerts: Island automatically sends a “red flag” alert to the app upon an attempt by any device to connect to a site considered unsafe: botnets, keyloggers, malware, ransomware, and the like. With one tap, you can pause its access to the Internet. In addition, you can set up alerts based on URL visits, time on the Internet, volume of data used, or simply whether a device comes online/goes offline. So, each customer can decide what constitutes a security or privacy breach in their own network and be alerted accordingly.
• Integrated VPN: Island builds in VPN access to the entire network on a per-device basis without the burden of client software. VPN access is granted to any user or device only on a permission basis.
• Scheduled VPN or Internet Access: Once again on a per-device basis, VPN access or Internet availability in general can be scheduled by time, day of week, or start/end dates. During time periods of known or desired inactivity, this feature can preclude access altogether.Security Features Unique to Island:
• Totally Automated: Security features are integrated and enabled automatically at boot-up, without configuration.
• No Performance Penalties: Security features, including filtering and VPN, occur at wire speed and impose no speed penalties.
• Island Proprietary Software: While Island does use minimal open-source components, most of its software is proprietary and much harder to penetrate than open source code, which anyone can study to find entry points.
• Modular Architecture: Island’s code is unusually modular, creating natural impediments for malware to travel throughout the network.
• Isolated Kernel Stack Interface (Patent-pending): In a typical router architecture, the operating system and its many services, including TCP/IP stack, routing functions, NAT, and firewall, are all contained in a semi-monolithic kernel. Not only does a fault in any part of the kernel crash the entire system, but the kernel TCP/IP stack has complete access to all of the internal and external networks that are attached. In contrast, Island's operating system kernel, along with its TCP/IP stack, has no direct access to any network interface. Internally, the kernel is treated as a separate, virtual network and runs on its own private IP address. In this way, the dedicated packet processor is modularized and protected, where faults can be isolated and restarted gracefully.
• Automated, Non-disruptive Updates: Island’s modular architecture not only enhances security, but also enables modular firmware updates that normally produce no disruption at all; or, if needed, the packet processing engine can be upgraded with less than five seconds of down time.
• Designed and Assembled in the USA: Primarily non-intelligent components, such as the internal power supply, are sourced offshore for use in Island. All software is loaded onto Island routers only in-house in the U.S., removing opportunities for tampering.Item description
The Power of the Umbrella
-
The umbrella, a symbol of protection for 4000 years, evokes exactly the emotions the Island team intends to generate with its new router. The power of Island’s umbrella derives not only from the tone it sets, but also from the quality of its filtering database, the unmatched speed of its lookups, and its ease of use.
-
The Umbrella: An Icon of Security and Peace of Mind
In advertising, the umbrella icon is frequently seen shielding the consumer from rain or other calamity. Scenes of umbrellas on a beach represent not only protection from the sun but conjure up moods of relaxation and peace of mind. Even the tiny paper umbrellas in cocktails suggest an atmosphere of fun and whimsy. Since all of these feelings dovetail with the objectives of the Island brand, we chose the umbrella to represent a major security feature in Island: filtering.
Why Filtering Matters
Filtering is basically the ability to block users from browsing to undesirable sites on the Internet. A parent may want to block access to mature content from kids; a homeowner to keep objectionable content off their network altogether; and businesses to filter access for matters of security, legal protection against inappropriate content in the workplace, and productivity. According to PC World, more than 41% of small businesses now use content filtering, and with the current frequency of cyber threats, that number is sure to grow.
Power In Best-quality Filtering Operations
Island has incorporated a highly reputable filtering solution. Continuously updated in the cloud, the technology’s URL database scans and categorizes over 750 million domains and 27 billion URLs. Because Island includes high-capacity memory, it is able to keep a sizeable URL database resident locally; any request that is not checked internally goes to the cloud for lookup and is then added locally. Many competitive router brands warn the consumer that, if they turn on filtering (or parental controls), performance may suffer. Not the case here; Island takes pride in high-speed lookups that only add to the power of Island’s umbrellas.
Power Through Ease of Use
Note that automatically, every device on the Island is instantly protected from all manner of threat-ware (malware, spyware, phishing, and more) represented by the icon of a single umbrella. If filtering is desired for security purposes only, you’re done, and need not delve into filtering further. If additional filtering is wanted, Island makes it simple to set up. Filtering options are organized into eight major categories, each with subcategories. There are three pre-configured umbrella templates, each progressively more restrictive. You can view the pre-configured umbrellas and assign to users, groups, or individual devices with one click and a save. You can also tweak the pre-configured umbrellas to fit your needs, or thirdly, create entirely custom filters. Setup entails simply selecting allow/block buttons and does not require long manual entries or copy and paste. Such easy filtering setup and assignment makes the umbrella a powerful tool for keeping home and office networks safe.
Why Speed Matters
-
The most common time a user notices speed, or the lack of it, is when loading a page during browsing. If pages or links are slow to load, patience wears thin. If pages display quickly, it’s just plain gratifying. Perception of one’s entire Internet experience rests heavily on performance.
-
The most common time a user notices speed, or the lack of it, is when loading a page during browsing. If pages or links are slow to load, patience wears thin. If pages display quickly, it’s just plain gratifying. Perception of one’s entire Internet experience rests heavily on performance.
Unfortunately, to understand why Island is so much faster than other routers, we need to take a minute to talk transactions and packets, and how they affect performance. While factors like how fast the pipe is from your provider, how fast your PCs, consoles, or phones are, or how well the software programs you use are written, one large factor affects performance more than any other: the fact that the Internet has become extremely transactional.
What does that mean? It used to be that you requested a site page, and you received practically all the content back in very few exchanges of information with the source server. Today when you request a page, like a weather site for example, hundreds or even thousands of little transactions occur as ads are loaded, dynamic maps, animations, clocks, temperatures, and more are continually updated in near real-time. Every transaction, big or small, requires roughly the same amount of overhead. More frequent loading of smaller bits of information coming from a multitude of servers places an exponentially bigger load on performance than a one-time load of a large cohesive chunk of information. Then picture many users in one household actively hitting sites like weather or shopping or news simultaneously, or playing games…sometimes using multiple Internet-connected devices at once. Add to that all the devices like cameras, thermostats, and sprinkler systems now checking in for updates, and all the TVs and other devices streaming video. Result: transaction avalanche.
How Island addresses the performance degradation that is commonly caused by this avalanche of small transactions is exactly what makes Island a performance leader. For starters, enterprise-grade hardware—processor and memory components—have been selected for this product. But here is the most important factor in Island that maximizes performance: Island’s engineers have written its routing software from scratch. Island does not use standard open source, generalized software that practically all residential routers on the market use. That standardized software takes more than 400,000 lines of code, tons of which support outdated mechanisms. Instead, Island’s developers, with decades of network coding experience and award-winning products under their belts, have created an architecture unique to Island that uses roughly a tenth of the code used by open source software and optimizes handling of all packets, but especially small packets. Bottom line: Island’s software is simply way more efficient, giving Island a whopping performance advantage to handle the extremely transactional nature of the Internet today.