Du er her

ZyWALL USG 100

Spar
16.00%

3,125.00 Kr

(Ink. moms)

Designet til brug i små og mellem virksomheder.

USG serien er den 3-generation af ZyXEL's ZyWALL serie.
USG 100 er en kræftfuld firewall, med indbygget deep packet inspection.
Firewall'en er designet til små og mellem virksomheder. (10~25PC'er)
Den har indbygget SPI Firewall, Anti-Virus, (IDP), Content Filtering, Anti-Spam, og VPN (IPSec/SSL/L2TP).
Op til 50 samtidig IPSec VPN tunnler, samt 2 SSL VPN (Op til 5 med licens).

Brug for hjælp med opsætning, ring til vores support på 20307545.

Beskrivelse Features Specifications

Beskrivelse

Unified Security Gateway for Small and Medium-sized Companies

Secure connectivity

Given the prevalence and importance of information technology (IT) systems today and the nature and scale of both the opportunities and risks associated with significant deployments of new networking technologies, organizations are forced to evaluate solutions to build up a safer infrastructure to secure online transactions, in which involve exchange of valuable information. The infrastructure should be tailored to meet operation requirements for expanding remote sites as well as mobile teleworkers.

Network resilience

ISP links broken, hardware and software failure on the gateway, dead VPN tunnels—these are severe challenges IT staff face when designing the network infrastructure. In short, we need to take fault tolerance on the network path into consideration when build up a highly available network infrastructure for non-stop operations.

Proactive protection

The evolving Web environment not only makes managing appropriate surfing and bandwidth use more difficult, but also introduces new security threats for the filtering functionality to pinpoint on. The ZyWALL USG Content Filter leverages the next-generation Web filtering technology by combining URL filtering and anti-malware technologies into a collaborative cloud defense architecture powered by BlueCoat, which is capable of protecting user productivity while blocking malware downloads and Web threats.

Manageability

With ZyWALL USG and Vantage CNM (Centralized Network Management), users can achieve the following objects to reduce operational costs:

Easy VPN management and diagnostic capability
Complete security policies and UTM management
Active monitoring, alerting and comprehensive graphic reports

Policy compliance

With numerous file-sharing (P2P) and Instant Messaging (IM) applications, it is easier for company employees to share files and chat online during work hours. Rapid file sharing not only compromises network safety with the sharing of questionable files containing malicious viruses, but may also violate copyright issues and create legal hassles.

Features

Firewall

ICSA-certified firewall
Routing and transparent (bridge) mode
Zone-based access control list
Stateful packet inspection
User-aware policy enforcement
SIP/H.323 NAT traversal
ALG supports custom ports

SSL VPN

Clientless secure remote access
Support reverse proxy mode and full tunnel mode
Unified policy enforcement
Supports two-factor authentication
Customizable user portal

Intrusion Detection and Prevention(IDP)

Routing and transparent (bridge) mode
Zone-based IDP inspection
Customizable protection profile
Protect over 2000 attack
Automatic signature updates
Custom signatures
Protocol anomaly detection and protection
Traffic anomaly detection and protection
Flooding detection and protection
DoS/DDoS protection

Anti-Virus

Support Kaspersky and ZyXEL Anti-Virus
Stream-based Anti-Virus engine
Zone base AV protection
HTTP/FTP/SMTP/POP3/IMAP4 protocol support
Automatic signature updates
No file size limitation
Blacklist/whitelist support

Application Patrol

Application, IM/P2P, stream base media, VoIP granular access control
Detail access control of IM (chat, file transfer, video)
Application and IM/P2P bandwidth control
User authentication support
IM/P2P signature auto update
Support more than 15 catalogs IM and P2P
Real-Time statistical reports
Maximum/guaranteed bandwidth

Anti-Spam

Zone to zone protection
Transparently intercept mail via SMTP/POP3 protocols
Blacklist/whitelist support
Support DNSBL checking
Spam tag support
Statistics report

High Availability

Active-Passive mode
Device failure detection and notification
Support ICMP and TCP ping check
Link monitoring
Auto-Sync configurations

Content Filtering

Social networking control
Web security—Security threat category (powered by BlueCoat)
URL blocking, keyword blocking
Profile base setting
Exempt list (blacklist and whitelist)
Blocks java applet, cookies and active X
Dynamic URL filtering database (powered by BlueCoat)
Unlimited user licenses support
Customize warning messages and redirect URL

Networking

Routing mode/bridge mode/mixed mode
Layer 2 port grouping
Ethernet/PPPoE
NAT/PAT
Tagged VLAN (802.1Q)
Virtual interface (alias interface)
Policy-based routing (user-aware)
Policy-based NAT (SNAT)
Dynamic routing (RIP v1/v2, OSPF)
DHCP client/server/relay
Dynamic DNS support
WAN Trunk more than 2 port
Per host session limit
Guaranteed bandwidth
Maximum bandwidth
Priority-bandwidth utilization

Authentication

Local user database
Microsoft Windows active directory integrate
External LDAP/RADIUS user database
Xauth over RADIUS for IPSec VPN
Forced user authentication (transparent authentication)
IP/MAC address binding

System Management

Role-Based administration
Multiple administrator login
Multi-Lingual web GUI (HTTPS/HTTP)
Object-based configuration
Command line interface (console/web console/SSH/TELNET)
SNMP v2c (MIB-II)
System configuration rollback
Firmware upgrade via FTP/FTP-TLS/web GUI

Logging/Monitoring

Comprehensive local logging
Syslog (send to up to 4 servers)
E-mail alert (send to up to 2 servers)
Real-Time traffic monitoring
Built-in daily report
Advanced reporting (Vantage Report)
Centralized network management (Vantage CNM) manageable

Specifikationer

Performance and Capacity

• SPI firewall throughput: 180Mbps

• VPN AES/3DES throughput: 90Mbps

• UTM throughput: 30Mbps

• Concurrent sessions: 20,000

• New session rate: 1,000 (sessions/sec)

• Simultaneous IPSec VPN tunnels: up to 50

• Simultaneous SSL VPN tunnels: 2/5 (included/max)

Security and Authentication

• Anti-Virus: Stream-based AV engine

• Dual support: ICSA-Certified Anti-Virus and Kaspersky Anti-Virus

• Supports HTTP/SMTP/POP3/IMAP4/FTP

• Automatic Signature Update

• No file size limitation

• Blacklist/Whitelist

• DoS/DDoS prevention

• ALG supports SIP/H.323, FTP, IPSec, L2TP, MSN, PPTP and RTP

• Access granularity: ip/port/location/user/group/time/network quota

• Customizable security zone

• Force user authentication (transparent authentication): user-aware access policy management

• User database: RADIUS, LDAP, Microsoft Active Directory and local user database

• Application Patrol: Portless application management

• IM/P2P application management: blocking, scheduling, rate-limiting bandwidth

• Intrusion Detection and Prevention (inline mode or bridge mode)

• Zone-based, customizable protection profile

• Traffic anomaly for scan detection and flood detection

• Protocol anomaly: HTTP/ICMP/TCP/UDP

• Malformed packet protection

• Signature-based L3-L7 deep packet inspection

• Automatic update for latest signatures

• Custom signature supported

• VoIP over VPN

• URL blocking, keyword blocking, exempt list

• Blocks Java Applet, cookies, Active X

• URL filtering by querying dynamic database

VPN

• Route-based IPSec VPN

• Hardware-Accelerated encryptions: AES, 3DES, DES

• Authentication: MD5, SHA-1

• Key management: Manual key/IKE

• PKI: PKCS #7, #10 & #12

• Certificate enrollment: CMP, SCEP

• Perfect forward secrecy: DH Group 1, 2 and 5

• NAT traversal

• NAT over IPSec

• DPD (Dead Peer Detection) and replay detection

• Split DNS tunnel

• X-auth authentication: RADIUS, LDAP, Microsoft Active Directory and local user database

• Integrated SSL VPN

• Clientless Secure Remote Access

• SecuExtender: Supports virtually all applications

• Supports RADIUS/LDAP/Microsoft AD/Local User Database

• Supports ZyWALL OTP (One Time Password)

Networking

• Routing mode and bridge mode can co-exist

• Port grouping (L2)

• Supports 802.1q tagged VLAN

• Encapsulation: Ethernet/PPPoE/PPTP

• Supports virtual interface (alias interface)

• Policy-based routing

• NAT: SNAT, DNAT

• Supports dynamic routing protocols: RIP v1/v2 and OSPF

• IP Multicasting

• DHCP client/server/relay

• Built-in DNS server

• Dynamic DNS

• NTP client

• HTTP redirect

• Policy-based traffic shaping

• Maximum bandwidth

• Bandwidth priority

Redundancy

• Device HA (High Availability)

• Device failure detection

• Auto-sync Configurations

• Supports Multiple ISP links

• Multiple WAN Load balancing

• VPN High Availability supports redundant remote VPN gateways

Management

• Intuitive Web-based GUI: https/http

• Dashboard for system status monitoring

• Role-based administration: supports multiple privileges and simultaneous logins

• Object-based architecture

• Text-based configuration file

• Full-function CLI: Accessible from console/Web Console/SSH/telnet

• Product registration and service activation from within myZyXEL.com

• Centralized & comprehensive local logging

• Log exportable: syslog (up to 4 external syslog servers)

• SNMP v2c with MIB-II

• E-mail alert

• Real-time monitoring: Traffic snapshot and SA monitor

• Firmware upgrade: FTP, FTP-TLS, WebGUI

• System configuration rollback

• Supports Vantage Report 3.1* for advanced reporting

• Supports Vantage CNM 3.0* for centralized management

*: Future release

Log ind