Zyxel USG-50, ZYWALL 50, USG-20, USG-20W, ZYWALL 20W specifcations

The ZyWALL USG 20/20W/50 Series is a high-performance, deep packet inspection

Anti-Spam features in one box. The multi-layered security safeguards your organization’s

customers and company records, intellectual property as well as critical resources from

external and internal threats.

Key Features and Benefits

High-performance gateway with all Gigabit Ethernet interface.

The ICSA-certified, stateful inspection firewall protects the network and

vital Internet services like e-mail, Web browsing, server services and file

transfers.

Use IPSec VPN to secure connections to branch offices, partners and

headquarters. Road warriors and telecommuters can use SSL or L2TP

VPN to securely access the company network without having to install

VPN software.

Bandwidth Management lets users prioritize time-sensitive applications

like VoIP and video conferencing.

The Anti-Spam feature can tag or discard unsolicited commercials or

junk e-mails.

User-aware configuration allows users to control access to applications

or resources and apply security scans by user or user group.

Multiple WAN ports let you use multiple ISP links and load balancing to

enhance traffic throughput, optimize bandwidth usage and help

ensuring continuous uptime if a link goes down.

USB ports are provided for 3G WAN connections.

ZyWALL USG

ZyWALL USG
20/20W/50

20/20W/50

Unified Security

Unified Security
Gateway

Gateway

Features

ZyWALL USG

ZyWALL USG
20/20W/50

20/20W/50

Unified Security Gateway

Unified Security Gateway

ICSA-certified Firewall

• Zone-based access control list

• Security zones

• Stateful packet inspection

• DoS/DDoS protection

• User-aware policy enforcement

• ALG supports custom ports

Hybrid VPN

• Encryption: AES/3DES/DES

• Authentication: SHA-1/MD5

• Key management: manual key/IKE

• Perfect forward secrecy: DH group 1/2/5

• NAT over IPSec VPN

• Dead peer detection/relay detection

• PKI (X.509) certificate support

• Certificate enrollment (CMP/SCEP)

• Xauth authentication

• L2TP over IPSec support

SSL VPN

• SecuExtender (full tunnel mode)

• Unified policy enforcement

• Supports two-factor authentication

• Customizable user portal

Bandwidth Management

• Bandwidth priority

• Policy-based traffic shaping

• Maximum/guaranteed bandwidth

• Bandwidth borrowing

Anti-Virus*

• Support Kaspersky Anti-Virus

• Stream-based Anti-Virus engine

• Zone base AV protection

• HTTP/FTP/SMTP/POP3/IMAP4 protocol support

• Automatic signature updates

• No file size limitation

• Blacklist/whitelist support

Intrusion Detection and Prevention

(IDP)*

• Routing and transparent (bridge) mode

• Zone-based IDP inspection

• Customizable protection profile

• Protect over 2000 attack

• Automatic signature updates

• Custom signatures

• Protocol anomaly detection and protection

• Traffic anomaly detection and protection

• Flooding detection and protection

• DoS/DDoS protection

Application Patrol*

• Application, IM/P2P, stream base media, VoIP

granular access control

• Detail access control of IM (chat, file transfer,

video)

• Application and IM/P2P bandwidth control

• User authentication support

• IM/P2P signature auto update

• Support more than 15 catalogs IM and P2P

• Real-Time statistical

• Maximum/guaranteed bandwidth

reports

Anti-Spam

• Zone to zone protection

• Transparently intercept mail via SMTP/POP3

protocols

• Blacklist/whitelist support

• Support DNSBL checking

• Statistics report

Content Filtering

• URL blocking, keyword blocking

• Exempt list (blacklist and whitelist)

• Blocks java applet, cookies and active X

• Dynamic URL filtering database (powered by

BlueCoat)**

User Licenses

• Unlimited

Networking

• Routing mode/bridge mode/mixed mode

• Layer 2 port grouping

• Ethernet/PPPoE/PPTP

• Tagged VLAN (802.1Q)

• Virtual interface (alias interface)

• Policy-based routing (user-aware)

• Policy-based NAT (SNAT/DNAT)

• RIP v1/v2

• OSPF

• DHCP client/server/relay

• Built-in DNS server

• Dynamic DNS

Authentication

• Internal user database

• Microsoft Windows active directory

• External LDAP/RADIUS user database

• ZyWALL OTP (One Time Password)***

• Forced user authentication (transparent

authentication)

System Management

• Role-based administration

• Multiple administrator login

• Multi-lingual web GUI (HTTPS/HTTP)

• Object-based configuration

• Command line interface (console/web

console/SSH/TELNET)

• Comprehensive local logging

• Syslog

• E-mail alert

• SNMP v2c (MIB-II)

• Real-time traffic monitoring

• System configuration rollback

• Text-based configuration file

• Firmware upgrade via FTP/FTP-TLS/web GUI

• Advanced reporting (Vantage Report)

• Centralized network management

CNM)

(Vantage

3G Support

• Advanced wireless security transmission with

WEP encryption and WPA/WPA2 support

*: Only for ZyWALL USG 50 and requires a valid subscription

**: Requires a valid subscription

***: Sold separately