ZyXEL Communications USG-20, Datasheet

Page: 2 / 4

ZyWALL USG
20/20W/50
Unified Security Gateway
ZyWALL USG
20/20W/50
Unified Security Gateway
ICSA-certified Firewall
• Zone-based access control list
• Security zones
• Stateful packet inspection
• DoS/DDoS protection
• User-aware policy enforcement
• ALG supports custom ports
Hybrid VPN
• Encryption: AES/3DES/DES
• Authentication: SHA-1/MD5
• Key management: manual key/IKE
• Perfect forward secrecy: DH group 1/2/5
• NAT over IPSec VPN
• Dead peer detection/relay detection
• PKI (X.509) certificate support
• Certificate enrollment (CMP/SCEP)
• Xauth authentication
• L2TP over IPSec support
SSL VPN
• SecuExtender (full tunnel mode)
• Unified policy enforcement
• Supports two-factor authentication
• Customizable user portal
Bandwidth Management
• Bandwidth priority
• Policy-based traffic shaping
• Maximum/guaranteed bandwidth
• Bandwidth borrowing
Anti-Virus*
• Support Kaspersky Anti-Virus
• Stream-based Anti-Virus engine
• Zone base AV protection
• HTTP/FTP/SMTP/POP3/IMAP4 protocol support
• Automatic signature updates
• No file size limitation
• Blacklist/whitelist support
Intrusion Detection and Prevention
(IDP)*
• Routing and transparent (bridge) mode
• Zone-based IDP inspection
• Customizable protection profile
• Protect over 2000 attack
• Automatic signature updates
• Custom signatures
• Protocol anomaly detection and protection
• Traffic anomaly detection and protection
• Flooding detection and protection
• DoS/DDoS protection
Application Patrol*
• Application, IM/P2P, stream base media, VoIP
granular access control
• Detail access control of IM (chat, file transfer,
video)
• Application and IM/P2P bandwidth control
• User authentication support
• IM/P2P signature auto update
• Support more than 15 catalogs IM and P2P
• Real-Time statistical reports
• Maximum/guaranteed bandwidth
Anti-Spam
• Zone to zone protection
• Transparently intercept mail via SMTP/POP3
protocols
• Blacklist/whitelist support
• Support DNSBL checking
• Statistics report
Content Filtering
• URL blocking, keyword blocking
• Exempt list (blacklist and whitelist)
• Blocks java applet, cookies and active X
• Dynamic URL filtering database (powered by
BlueCoat)**
User Licenses
• Unlimited
Networking
• Routing mode/bridge mode/mixed mode
• Layer 2 port grouping
• Ethernet/PPPoE/PPTP
• Tagged VLAN (802.1Q)
• Virtual interface (alias interface)
• Policy-based routing (user-aware)
• Policy-based NAT (SNAT/DNAT)
• RIP v1/v2
• OSPF
• DHCP client/server/relay
• Built-in DNS server
• Dynamic DNS
Authentication
• Internal user database
• Microsoft Windows active directory
• External LDAP/RADIUS user database
• ZyWALL OTP (One Time Password)***
• Forced user authentication (transparent
authentication)
System Management
• Role-based administration
• Multiple administrator login
• Multi-lingual web GUI (HTTPS/HTTP)
• Object-based configuration
• Command line interface (console/web
console/SSH/TELNET)
• Comprehensive local logging
• Syslog
• E-mail alert
• SNMP v2c (MIB-II)
• Real-time traffic monitoring
• System configuration rollback
• Text-based configuration file
• Firmware upgrade via FTP/FTP-TLS/web GUI
• Advanced reporting (Vantage Report)
• Centralized network management (Vantage
CNM)
3G Support
• Advanced wireless security transmission with
WEP encryption and WPA/WPA2 support
*: Only for ZyWALL USG 50 and requires a valid subscription
**: Requires a valid subscription
***: Sold separately
Features