Zyxel ZyWALL 110, ZyWALL 310, ZyWALL 1100 User Manual

ZyWALL 110/310/1100 and USG20(W)-VPN

VPN Firewall

Networking brings convenience and efficiency to business environments;
however it introduces significant security and safety concerns at the
same time. Today, businesses or branch offices really need a complete yet
affordable solution that not only bridges communications between two
or more remote sites, but also connects multiple VPNs and ensures data
security to prevent the network from threats.

Benefits

Safer, more reliable VPN connections

Faster processors today have vastly boosted the capabilities of attackers
to decrypt VPN tunnels. Legacy VPN cryptographic algorithms like Message
Digest 5 (MD5) and Secure Hash Algorithm 1 (SHA-1) are no longer sufficient
to guarantee secure outbound communications. With supports to the more
advanced Secure Hash Algorithm 2 (SHA-2), the VPN Firewall provides the
safest VPN connections in its class to ensure maximum security for business
communications.

The complete range of Zyxel VPN Firewalls deliver reliable, non-stop VPN
services with dual-WAN failover and fallback support. With two WAN
connections—one primary and one for redundancy—the Zyxel VPN Firewall
automatically switches to the backup connection should the primary link fail,
and automatically switches back to the primary connection once it is back
online.

Robust hybrid VPN (IPSec/
SSL/L2TP over IPSec)

Facebook WiFi, Intelligence
social media authentication

Auto-provisioned client-to-site
IPsec setup with Easy VPN

More secure VPN connections
with SHA-2 cryptographic

Device HA Pro dedicated
heartbeat port ensures smart
handover

Hotspot management for
authentication, access control
and billing

Datasheet ZyWALL 110/310/1100 and USG20(W)-VPN

COMMUNITY

BIZ FORUM

To support dynamic, mobile business operations in today’s
BYOD (bring your own device) business environments, the
VPN Firewalls offer unlimited business mobility with Layer-2
Tunneling Protocol (L2TP) VPN for mobile devices. The
VPN Firewall supports L2TP/IPSec VPN on a wide variety
of mobile Internet devices running the iOS, Android and
Windows mobile platforms.

Zero-configuration remote access

Virtual private networks provide businesses a secure
and convenient way of sharing company resources with
partners, customers, or employees on business trips. Yet
typical VPN solutions are hard for non-technical users
to configure, which greatly reduces their usability and
convenience. The Zyxel VPN Firewalls feature Easy VPN to
provide auto-provisioned client-to-site IPSec VPN setup. A
wizard is available with the Zyxel IPSec VPN client-software
that automatically retrieves the VPN configuration file
from the remote Zyxel VPN Firewall and completes the
IPSec VPN setup in 3 simple steps. Zyxel’s Easy VPN lowers
administration effort and allows partner, customers, or
traveling employees to access company servers, email, or
data centers easily and securely.

Best TCO for access expansion

People expect network access regardless of time or
location. As a result, hotspots are in demand in an ever­expanding assortment of locations. The Zyxel VPN firewalls
integrated with Zyxel AP Controller technology enables
users from a centralized user interface. In addition,
Zyxel Hotspot Management delivers a unified solution
for business networks with user-friendly tools like Billing
System, Walled Garden, Multiple Authentication, 3rd Party
Social Login and User Agreement. With ZyWALL series
businesses can now deploy or expand a managed WiFi
network with minimal effort.

Swift and secure firmware upgrades

Locating firmware updates — not to mention identifying
correct versions for your device and managing their
installation — can be a complex and confusing ordeal. The
Zyxel VPN Firewall solves this with its new Cloud Helper
service. Cloud Helper provides a simple step to look for up­to-date firmware information. New firmware is immediately
made available upon release from our official database to
ensure its authenticity and reliability.

Simplified management procedure

Managing complex configuration settings can be confusing
and time-consuming. Zyxel USG 20-VPN and USG20W­VPN provides an “easy mode” setting in the GUI for
entry-level and SOHO users. Easy mode provides an icon­based feature set and attractive dashboard to simplify
management and monitoring of the device. Application
and function settings also have integrated wizards for user­friendly setup. Zyxel USG 20-VPN and USG20W-VPN easy
mode helps entry-level users and SOHO users effortlessly
take advantage of high-speed and secure networking.

Zyxel One Network experience

Aiming for relieving our customers from repetitive
operations of deploying and managing a network, Zyxel
One Network is designed to simplify the configuration,
management, and troubleshooting, allowing our customers
to focus on the business priorities. Zyxel One Network
presents an easy-to-use tool, Zyxel One Network Utility
(ZON Utility), to realize speed network setup. Zyxel Smart
Connect allows Zyxel networking equipment to be aware
and recognize each other and further facilitating the
network maintenance via one-click remote functions
such as factory reset or power cycling. Zyxel One Network
redefines the network integration across multiple
networking products from switch to WiFi AP and to
Gateway.

Stay secure and Up-to-Date with OneSecurity

Zyxel provides frequent and timely updates in response
to the latest security threats and advisories through
OneSecurity — our free online service portal. OneSecurity
offers informative network security resources and the
know-how to assist businesses and IT administrators in
keeping their network operations safe in the digital age.
Information and resources can be found with one click via
the GUI of Zyxel UTM Firewall series and ZyWALL series
products. IT staff can quickly and easily catch up on the
latest threats, and then proceed to walkthroughs and
troubleshooting protocols with the help of easy-to-follow
FAQs — all provided to help users secure their networks
and simplify management of our UTM products.

Datasheet ZyWALL 110/310/1100 and USG20(W)-VPN

2

VPN Firewall Quick Finder

Model USG20(W)-VPN ZyWALL 110 ZyWALL 310 ZyWALL 1100 USG2200-VPN

Description SB SB SMB SMB MB

Firewall Throughput (Mbps) 350 1,600 5,000 6,000 25,000

Max. Concurrent Sessions 20,000 150,000 500,000 1,000,000 1,500,000

VPN throughput (Mbps) 90 400 650 800 2,500

Max. Concurrent IPSec
VPN Tunnels

Content filtering (CF 2.0)

Amazon VPC

*2

Device HA Pro - Ye s

Hotspot Management

*1

Facebook WiFi Yes Ye s Ye s Ye s Ye s

*1: With Zyxel service license to enable or extend the feature capacity
*2: ZyWALL/USG still be able to support by CLIs

10 100 300 1,000 3,000

*1

Ye s Ye s Ye s Ye s Ye s

Ye s Ye s Ye s Ye s Ye s

*1

Ye s

*1

Activate once
registered

- Ye s Ye s Ye s Ye s

Activate once
registered

Subscription Services

The Zyxel VPN Firewall Series provides a complete feature set to perfectly fit different business requirements as well as
to enable the maximum performance and security with an all-in-one appliance. Comprehensive network modularity also
empowers IT professionals to customize the system to meet their individual needs.

Notes:

1. USG20(W)-VPN provides Anti-Spam & Content Filtering only

2. Hotspot Management supports for ZyWALL 110, USG110, or above in firmware ZLD4.25 or later.

Anti-Virus Anti-Spam Intrusion Detection

& Prevention

Application Patrol Content Filtering 2.0

Hotspot

Management

Device HA Pro

Datasheet ZyWALL 110/310/1100 and USG20(W)-VPN 3

Key Applications

VPN application

• High-speed, high-security communications between local
servers, remote devices and cloud-hosted applications
with deployments of the ZyWALL Firewalls.

• Secure, reliable VPN connectivity with IPSec VPN load
balancing and failover features delivers high-availability
services for exceptional uptime.

• Easy-to-use, secure remote access via SSL, IPSec and
L2TP over IPSec VPN.

• The headquarter ZyWALL Series can also establish an
IPSec VPN connection with Amazon VPC for secured
access to leverage the benefits of cloud-base and to
expend on premise networks that extend into the cloud
center.

Amazon VPC

Branch

Office

Headquarters

ZyWALL 110

VPN Firewall

IPSec VPN Client

for Windows OS

Travelling
Employee

SSL VPN Client for

Windows/Mac OS

Travelling
Employee

IPSec VPN HA

IPSec VPN

IPSec VPN

SSL VPN

Travelling
Employee

ZyWALL 1100

VPN Firewall

IPSec VPN

L2TP over
IPSec VPN

USG20W-VPN

VPN Firewall

Hotspot management

• High speed internet access

• Tier of service

• Log record for regulatory compliance

• Premium security control

• Various Network access control (free or paid access,
social login)

*: Hotspot Management supports for ZyWALL 110, USG110, or above in

firmware ZLD4.25 or later.

Remote

Desktop

System

IPSec VPN

In-House
Staff

Network

Extend

BI

Web

Apps

Inventory

Server

OA, ERP,

CRM System

DMZ Resources

ZyWALL 310

VPN Firewall

SP350E

Service

Gateway

Printer

Access

Point

Login Login

Guest Network Staff Network

Hotspot Management

File

Sharing

Email

Server

Partner Office

Switch

Datasheet ZyWALL 110/310/1100 and USG20(W)-VPN

4