Tell HN: I want a managed router for my house
34 points by ShabbyDoo on March 2, 2010 | 20 comments
It's rare for anyone to connect a broadband modem directly to a single computer anymore. Almost everyone plugs his modem into a consumer-grade WiFi AP/Router device which costs < $50. The basic stuff works well enough, but it's fundamentally broken for many reasons:

A WiFi router connected to the 'net is both the riskiest and most important piece of my house's network security. Does my firmware have an exploitable bug? Is my firewall properly configured? I'm a developer, and I'm not entirely certain that my own routers are configured properly. What are my parents supposed to do? Router manufacturers rarely update firmware to fix bugs or provide additional functionality, and there have been many cases where even publicly available security issues went unresolved. Must I buy a new router every few months?

More and more devices are competing for limited bandwidth. I had to do a bunch of Googling to find a script to give a low QOS to backblaze.com traffic. Had I not done this, initial backup of my desktop computer would have taken WEEKS longer. Grandma doesn't want to understand iptables. When a router was used so two computers could be used to browse the web, little configuration was required. But now...

Here's what I want....A router where maintenance, configuration, and continuous security are not afterthoughts. I'm imagining a WiFi router that looks pretty much like any other consumer-grade router except that, instead of providing a crappy web interface for configuration, it phones "home" to StartupX's router management service. I go to startupx.com and use the nice, helpful configuration utilities to tell my router what services it ought to be providing. And, by service, I don't mean "forward UDP/TCP to port X locally" -- I mean "I use Skype from my desktop computer, so make it fast please." Oh, and I use backblaze, so make it fast as long as it doesn't hinder anything else. And, help me pick the right kinds of wireless security for the devices in my house. Could the router also have a continuously-updated active firewall? Could I teach it which device is my Droid just by pulling up a special web site when commanded by the management site? Oh, and I use BitTorrent.....can you make sure I don't screw that up royally?

From a touchy-feely standpoint, I want to be confident that I'm not exposing myself to security risks I'm unaware of. And, I just want this problem to go away. I'm willing to pay not only for the device, but I'll pay per month for management, updates, and support.

I did some brief Googling and couldn't find anything like this for consumers. Various ISPs are selling managed routers for businesses, but nobody is in the consumer space. Am I off my rocker? After spending a few hours over the holidays updating the routers in my house, I started thinking about alternatives. I'm posting this here because this is something I want to buy, but it's not a business that I think I'm well-suited to start.

Edited shortly after initial posting.



We do this exactly for large companies with many small offices that they don't want to manage individually. We limit the number of offices in a minimum order to 10. This was a hard lesson. We started off dreamy-eyed with onesies and twosies but were rapidly buried under a sea of "and it also has to...".

We'll do smaller numbers if a customer really wants it but the price per month of any number of units 10 and under is $950/month. (So we bill for 10, even if they only use 2)

The shocking truth we discovered about this market is that it doesn't matter if it's one location or a thousand, one computer or 10k, each customer requires about the same amount of work on a monthly basis. If you control the router, you are the de facto first-call for any trouble in the office/home. They've outsourced their IT, and it's you.

For the curious, we deploy a custom baked read-only CentOS distro on compact flash running on Soekris boards. When more oomph is needed, we move up to Lanners. Wireless radios are 'CM9' A/B/G Atheros.

If you want to make a go of it, you can fully kit out at http://www.netgate.com (1)

It's not really a "startup" in our classical HN definition as it scales most linearly and only works as well as your best engineer, but I'd be happy to answer any questions from people who are interested in working this type of angle, or even doing some development for your own particular flavor. (2)

(1) I don't have any affiliation with netgate beyond getting to know the guys down there and really appreciating all they did to help us get going.

(2) I've been kicking around the idea of a home version coupled with a distributed VNC powered helpdesk for several years now but haven't found the right group of people/motivations to make a go of it yet. The numbers are hard (very), but the market would be limitless.


Hearing you describe this had me envisioning the following shrink wrap product:

buy "Secured home router"

plug in cables

turn on

launch web browser

captive portal configuration screen

configuration goes through common steps, advanced options buttons for those who know what they're doing, one of which is an option for 1 month free software upgrade/virus/malware/firewall administration, 3/6/9/12 month subscription rates and sign-up process.

Actual functionality is: firewall provides reasonable QoS parameters for a shared internet connection and prioritizing traffic in a manner that benefits user-interactive applications (HTTP(S) over p2p, etc.), dns blackhole for known malicious domain names, updating firewall rules for blocking known bad IPs (stolen abandoned blocks, etc.), captive portal style page hijacking for sites known for malicious content (with an ignore this warning button), software updates, configuration backup to a central server.

The main issue I can think of is that the end user wants to feel like they're completely uninhibited on the internet. The problem is that to protect against most real threats, there are trade-offs and you'll have a 5-10% error rate for blocking traffic the user really wanted. This means that support would be a difficult cost to overcome, but I think a URL on the system that resolves locally to the router to provide a "what problem are you having yes/no" style troubleshooter could help prevent a large number of complicated call-ins.

All in all, this sounds like a really interesting problem with two sales domains: target the consumers directly and target ISPs looking to have another value-add to their internet products.


Yeah. This is pretty much what I'm thinking about. The core feature is, "I get to solve this 'want stuff to work in my house' problem and live my life without learning how to configure QOS, etc"

>the end user wants to feel like they're completely uninhibited on the internet.

People I know are more concerned that they're unsafe because of their set-ups.

"problem with two sales domains"

I hadn't thought much about the indirect sales model, and this might be where the money is long-term. I'd also argue that hard-to-use routers are likely the root cause of many telco consumer tech support calls. Perhaps the value in the telco reselling such a solution would be to reduce its own costs.


Interesting. I had hoped (perhaps erroneously) that a lot of fixed-cost effort in building a great configuration system could significantly reduce the need for hands-on customer service.

I have a Harmony remote. The software doesn't ask me about remote control protocols, or any other technical stuff. It just asks me what the model numbers are of the boxes in my family room. Then, it configures activities (Watch TV, DVD, etc.) based on that and configures the remote so that it works. The magic is the large database of A/V equipment so the user doesn't have to specify the details.

I'd like the configuration software to observe my traffic and notice that a particular computer is talking to backblaze. It should ask me if I'd like to make sure backblaze can run really fast without affecting other activities and then just make it happen. I shouldn't have to configure QOS settings using an iptables script I found on a guy's blog (to that guy, thanks a million!).


Could you elaborate on your setup? In particular, how does it compare to a modem feeding into a managed switch?

Are you building a small-form-factor computer running pfsense (or something) with a wireless radio baked in?


By the time you get to managed switches, the cost of the device and the overhead to maintain it means that the location usually has an IT person to handle this. This is not our target demographic.

A Soekris board is a very small Geode based i386 computer with 4 network ports. It has one USB 2.0, one miniPCI and one full sized PCI. We use the PCI for the "modem" device (T1 interface, cable modem, DSL card), the miniPCI for the wireless radio "bake in" and the USB for local storage. The OS boots and runs read-only from a compact flash card inside the case.

pfsense was too limiting, we use 4 gig CFs with full CentOS 5 server distros for maximum utility.

Here's the mainboard we use http://www.soekris.com/net5501.htm

Here's where we get the broadband interface cards: http://www.sangoma.com/products/

All the wireless cards and antennas come from netgate, as previously mentioned.

Hmmm. Sounds like I need a big blog post about bootstrapping this kind of business for those interested. Stay tuned.


Have you ever played around with DD-WRT? http://www.dd-wrt.com/site/index

Grab yourself a WRT54G (or WRT54GL, L for LINUX) and you won't regret the combination :D


I have a total of four DD-WRT routers in my house. One is the "main" router, and the others exist to provide wireless distribution to devices lacking WiFi (DishTV box, etc.). It works well enough, but it's way too hard to configure. Just finding the right distro on the dd-wrt site is enough to prevent 99% of the US population from using it. Would you like the version with Kaid? std, min? Who knows?


OpenWRT is more configurable than DD-WRT.

You might also look at http://www.fon.com/. The Fonera 2.0 is close to the service you describe. The Fonera routers are built with OpenWRT, coincidentally.


Upvoted for Fonera. These guys have added value to the router. I haven't looked at their site enough to know if they have made security/configuration easy.


You want one of the routers that can run a third party Linux router distribution. Take a look at:

http://www.myopenrouter.com/

The Netgear WNR3500L with DD-WRT firmware is as close as you're going to get for a reasonable price (about $100 USD).

Edit: The feature list for DD-WRT is here:

http://www.dd-wrt.com/wiki/index.php/What_is_DD-WRT%3F#Featu...


I don't doubt that there are many solutions that are great feature-wise. What I want is something easy that works. It's now mindless to connect a Windows 7/OSX/whatever computer to a WiFi network, but setting up such a network in one's own home in a secure way is too much to ask of my relatives.

The innovation isn't in features, it's that you don't have to work in IT to have enough knowledge to configure it. Home networking is not a problem most people want to think about. They just want it to work.

We have a "dual fuel" HVAC system. It switches between electric and gas for heat depending on the outside temperature (electrical heat is very efficient in fall/winter given our relative fuel costs). The HVAC guys had all sorts of suggestions on how to tweak out additional savings by adjusting various parameters (temp for fuel cross-over, +/- range allowed in home, etc.) and were very excited about the possibilities. I just wanted the control unit to figure out what some reasonable settings were and to monitor performance.


This is similar to Meraki's remote management for wireless APs. http://meraki.com/products_services/cloud_controllers/enterp...


Yeah. This is the kind of thing I'm talking about except for consumers who have a few devices in their homes.


PfSense or m0n0wall for something basic, you supply the hardware.

There is untangle.com also, they may have something closer to what you are looking for.


Upvoted for untangle. This seems like a business version of what I envisioned.

The distros are nice, but my relatives aren't going to get past the homepage. The product I want isn't for me so much as for the people whose routers I've set up/managed over the years.


And how much would you like to pay per month???


$5? $10? I'm not asking for hands-on support. All I want is a nice web interface with a bunch of wizard-like, goal-oriented config tools.


Grab an old PC and go with PfSense, or you can use Vyatta. Both are open source. What would be awesome is if we could all just get rid of NAT completely with IPv6, and never have to worry about port forwarding or anything like that again!


A fanless EPIA 500 with OpenBSD on a CF card.



