Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

ZyXel ZyWall

ZyXel's ZyWall USG1000 delivers a solid set of features, acceptable performance, and a surprising level of attack protection at a bargain price

Given its remarkably low price, the ZyWall is a terrific value. Nevertheless, we would gladly pay more for if it were a bit easier to set up and manage.

ZyXel's management interface is straightforward and distinctive. A tree of command families runs down the left side of the screen, while details are filled in through a tabbed interface on the larger right-hand side. Network settings, from interfaces to routing information and DDNS configurations, are available in the primary screen. Status information and configuration are available through the same interface; you see status in the main view, then click an icon to enter the editing process.

Remote access options are plentiful and flexible with IPSec, SSL, and L2TP VPNs available. With ZyXel's policy-based control, remote access becomes easier even if you've inherited a huge wash list of legacy remote offices. One of ZyXel's cooler options is the ZyWall P1, a portable USB-powered personal firewall and IPSec gateway. Instead of shoehorning troublesome IPSec clients onto already overloaded laptops, you can give this tiny box to your mobile users.

Small, not simple

The ZyWall gives the physical impression of being a simpler, "lightweight" UTM, but don't be fooled. First, it doesn't have wizard-based setup; you need to know what you're doing. Second, it's not terribly lightweight from the features standpoint, either. Although it doesn't come close to the Astaro's broad selection of possibilities, there's no shortage of options for protecting your network through the ZyXel interface. The shortage lies in the absence of wizards to ease the pain of bouncing among numerous screens for setup and configuration, and to keep naming and rules in the realm of best practices.

AppPatrol is an optional set of capabilities that allows you to set rules for common Internet-based applications, including VoIP, IM, streaming media, and P2P apps. Functions include restricting time of access for different groups of users, enforcing bandwidth quota against certain types of P2P applications, and prioritizing VoIP traffic to ensure best call quality over slow WAN links. These are standard features in an enterprise-class UTM device, but surprising in $3,400 product.

Anti-virus, intrusion detection and prevention, anomaly detection and prevention (abnormal protocols and flows), and content filtering are available through the Anti-X tabbed interface, with virus signatures from Kaspersky or ZyXel AV. Unlike many other UTMs on the market, ZyXel doesn't charge for anti-spam updates, so this box is an even better deal. The rest of the UTM features can be purchased either bundled or a la carte, depending upon your needs and level of paranoia.

Bargain bundle

As with just about every UTM we've ever touched, AAA functions are built in. In addition to LDAP and RADIUS back ends, Active Directory is supported -- a nice plus. The ZyWall provides an internal storage facility for PKI certificates as well.

Two ZyWalls can be set up to work together in a high-availability configuration with automatic fail-over -- a must-have in an enterprise setting. Surprisingly, the ZyWall even includes port aggregation, a throughput-maximizing feature missing from many higher-end units, including the SonicWall E7500 we tested.

The ZyWall USG1000 takes a backseat to Astaro and SonicWall in ease of setup and management, and it's far behind SonicWall and WatchGuard when it comes to performance. It stood up to the 200 VPNs we threw at it, but a couple dozen VPNs and a handful of travelers are more its speed. It would be a good choice for a branch office, large or small. Although the price might suggest that the ZyWall is a good option for very small businesses, the lack of a set of wizards for setup could spell trouble for inexperienced staff. But in the right hands, it's a terrific value.

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: Astaro, etwork, Kaspersky, Kaspersky Lab, SonicWall, USG, WatchGuard

Comments

1

Anonymous

Tue 23/06/2009 - 15:44

Cyberoam - UTM

Talking about Network Security, Cyberoam is also considered a very good UTM and offers all features which other UTM's offers.

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the CIO comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Whitepapers
Latest Stories
Community Comments
Latest Blog Posts
Whitepapers
  • Book 3 - The Executive’s Guide to Managing Risks
    Every organisation has a mission. Most, if not all, organizations use information technology (IT) to process their information in support of their missions and reaching their business goals. Managing risks associated with the information and supporting technologies is a critical factor in successful organizational mission realisation.
    Learn more »
  • The Value of Information: Business Decisions
    Traditional data-storage approaches are geared toward delivering structured data to management and knowledge workers through business intelligence and performance management applications. But CIOs need to look at the enterprise information taxonomy in a much broader context. External and internal information has to be collected, managed, and provided to many internal and external stakeholders. In addition, storage capacity is challenged by an almost exponential growth of unstructured data, such as audio and video files.
    Learn more »
  • Printer Usage and Cost Management Strategies for the Australian Mid-market, an Unrealised Opportunity
    This whitepaper was commissioned to aid senior business and ICT decision makers of medium-sized government and corporate organisations, including marketing, finance, and technology executives to better understand the current use of print devices including copiers, printers and multi-function Page 19 Reproductions in whole or in part are prohibited. This whitepaper also provides insights into how current management practices can be improved to optimise investments and improve sustainability. Read on.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Recent comments

HP and IDG news, product videos and resources