Big Security for Small Businesses -Unified Security Gateway ZyWALL USG300
The ZyWALL USG300 is a Unified Security Gateway designed to provide complete, enterprise-level advanced security solutions to Small and Home Office networks, recommended for up to 75 PC users. Its flexible configuration is designed to help network administrators efficiently set up, manage, and enforce network security policies.
The USG300 features a 300Mbps throughput ICSA certified SPI Firewall, and is designed with state of the art security features including a granular, easily manageable Content Filter; choice of ZyXEL or Kaspersky Anti-Virus; Anti-Spam; and IDP (Intrusion Detection and Prevention) for maximum network security. It also provides bandwidth management for QoS of VoIP, videoconferencing, and other important applications, as well as multiple-WAN Failover and Load Balancing. IPSec, SSL, and L2TP* VPN functionality allows telecommuters and home workers quick and easy access to corporate resources with most any device or network setup.
Built with powerful Integrated High Performance Security architecture designed for Gigabit connections, a VPN throughput of 130Mbps, a UTM throughput of 80Mbps, up to 60,000 max sessions and 200 concurrent IPSec VPN tunnels, the USG300 has the power to monitor and protect even high-throughput networks without sacrificing performance.
With 7 flexible Gigabit ports, you’ll be able to decide how many LAN, DMZ, or WANs are best for your personal configuration. You can load balance and failover multiple ISP links or simply keep malware from being introduced to your intranet. The USG300 puts the choice in your hands.
- Comprehensive threat protection with firewall, VPN, anti-virus**, content filtering**, anti-spam, and intrusion detection and prevention** to secure networks against front line threats.
- Robust hybrid VPN (IPSec, SSL, and L2TP*)
- Easily connect with mobile devices
- IPv6 Support
- QoS options for latency-sensitive applications
- Compatible with Vantage Reporting and Management software
- 30day trial of the antivirus software
* Enabled by ZLD3.0 firmware upgrade
** Yearly subscription required
Flexible, secure VPN options
The USG300 is designed to allow secure VPN connections no matter what device or network settings are being used. IPSec VPN support allows secure connections to branch offices, partners, and headquarters; road warriors and telecommuters can use SSL to securely access the company network without having to install VPN software.
Easy Mobile Access
The new ZLD3.0 firmware upgrade enables L2TP support on all USG devices, making it easy for Android, iOS, and other mobile devices to establish VPN tunnels to remote networks directly from their native settings.
Comprehensive frontline threat protection
The USG300 employs a comprehensive suite of security systems to proactively protect networks from threats before they ever reach networked devices.
- ZyXEL’s anti-spam service eliminates spam, phishing, virus, and malware e-mail threats before they ever reach company inboxes while ensuring legitimate messages don’t get lost in the deluge.
- Administrators can choose between BlueCoat and Commtouch web filtering services to allow administrators to quickly and easily block websites both by category and by specific URL in order to protect networks from inappropriate web traffic, as well as to prevent viruses and spyware from forcing computers on a protected network to ‘phone home,’ saving bandwidth and preventing security breaches.
- ZyXEL’s signature-based Intrusion Detection and Prevention service allows network administrators granular control over the network functionality of specific applications while providing an added layer of defense from the most dangerous Trojans and backdoor applications on the internet today. With support for up to 2,500 signatures for the most common threats, IDP provides a powerful defense against threats to your network – both from the outside and from within.
- Gateway virus protection acts as a first line of defense from the worst viruses and malware on the internet. A 24/7 service with constant updates, administrators can choose between ZyXEL’s ICSA-Certified anti-virus or Kaspersky’s award winning virus protection system to keep the most dangerous viruses and malware from ever reaching a protected network.
- The USG300’s Content Filtering service is an integrated security system powered by an administrator’s choice of BlueCoat or Commtouch filtering services. The service is designed to allow administrators to quickly and easily block websites both by category and by specific URL in order to protect networks from inappropriate web traffic, as well as to prevent viruses and spyware from forcing computers on a protected network to ‘phone home,’ saving bandwidth and preventing security breaches.
With the advent of the new ZLD3.0 firmware, the USG300 is fully compatible with both IPv4 and IPv6 networks. Full backward compatibility allows VPN tunnels to be created between networks newly upgraded to IPv6 and older IPv4 networks, ensuring a seamless transition and painless network upgrades.
The USG300’s network optimization functionality makes it far more than a network security device. Support for multiple WANs allows the USG to load-balance and fail-over, protecting networks from congestion and downtime. Bandwidth management options let administrators to prioritize latency-sensitive applications like VoIP and videoconferencing, ensuring high-quality connections without lag or performance issues.
Vantage Management and Reporting
The USG300 supports the use of ZyXEL’s Vantage CNM and Vantage Reporting software, allowing centralized management and monitoring of multiple ZyWALL devices on a single network.
Vantage Reporting offers a comprehensive set of real-time and historical reports including firewall attacks, bandwidth usage, Website usage, and more - all organized into an automated, easy-to-read format that can be viewed from anywhere. Administrators can use this data to easily identify security problems and their causes and take prompt action.
Vantage CNM provides a suite of diagnostic and management tools that allows management of multiple ZyWALL devices from a centralized interface, reducing the time, cost, and complexity involved in VPN and security management. VPN monitoring allows network administrators to actively troubleshoot VPN problems as they occur, while centralized configuration of UTM functionality allows network administrators to manage license subscriptions, update devices, and isolate and repair security problems across all ZyWALL devices on a network.
ZyWALL USG Series Firewall Comparison
|Model ||USG20W ||USG20 ||USG50 ||USG100 ||USG200 ||USG300 ||USG1000 ||USG2000 |
| || || || || || || || || |
|Recommended number of PC Users ||1-5 ||1-5 ||1-10 ||10-25 ||25-50 ||50-75 ||75-200 ||200-500 |
|Unlimited User (No Per Node Limitation) || || || || || || || || |
|High Performance multi-layer threat Protection || || || || || || || || |
|Wireless || || || || || || || || |
|10/100/1000 Interfaces (ALL GbE Copper) ||4x LAN/DMZ, 1x WAN ||4x LAN/DMZ, 1x WAN ||4x LAN/DMZ, 2x WAN ||5x LAN/DMZ, 2x WAN ||5x LAN/DMZ, 2x WAN |
|7x Configurable ||5x Configurable ||6x Configurable |
System Capacity and Performance
|SPI Firewall Throughput (Mbps) (Largest Packet Size) ||150 ||150 ||180 ||180 ||250 ||300 ||400 ||2000 |
|VPN Throughput (AES)(Mbps) |
(Largest Packet Size)
|75 ||75 ||90 ||90 ||90 ||130 ||180 ||600 |
|UTM Throughput (AV+IDP) (Mbps)(Largest Packet Size) || || ||24 ||30 ||40 ||80 ||100 ||400 |
|Max Sessions ||6000 ||6000 ||10000 ||20000 ||40000 ||60000 ||500000 ||1000000 |
|Max Concurrent IPSec VPN Tunnels ||5 ||5 ||5 ||50 ||100 ||200 ||1000 ||2000 |
|Max Concurrent SSL VPN Tunnels ||1 ||1 ||5 ||5 ||10 ||25 ||250 ||750 |
|Included SSL VPN Users ||1 ||1 ||2 ||2 ||2 ||2 ||5 ||5 |
|VPN Support ||IPSec / SSL ||IPSec / SSL ||IPSec / SSL ||IPSec / SSL/L2TP ||IPSec / SSL/L2TP ||IPSec / SSL/L2TP ||IPSec / SSL/L2TP ||IPSec / SSL/L2TP |
|Multiple WAN Load Balance / Fail Over || || || || || || || || |
|iCard Antispam (Commtouch) 1 Year ||ICAS1YUSG20WC ||ICAS1YUSG20C ||ICAS1YUSG50C ||ICAS1YUSG100C ||ICAS1YUSG200C ||ICAS1YUSG300C ||ICAS1YUSG1000C ||ICAS1YUSG2000C |
|Anti-Virus (ZyXEL or Kaspersky) 1 Year || || || |
|IDP (ZyXEL) 1 Year || || ||ICID1YUSG50 ||ICID1YUSG100 ||ICID1YUSG200 ||ICID1YUSG300 ||ICID1YUSG1000 ||ICID1YUSG2000 |
|iCard Content Filtering (BlueCoat or Commtouch) 1 Year || |
|Total Security Service Kit(1 Year Kaspersky AV, 1 Year ZyXEL IDP, 1 Year BlueCoat CF bundle) || || ||ICTS1YUSG50 ||ICTS1YUSG100 ||ICTS1YUSG200 ||ICTS1YUSG300 ||ICTS1YUSG1000 ||ICTS1YUSG2000 |
|iCard SSL Upgrade Licenses(One Time) || || ||2-5 Users SSL2TO5USG50 ||2-5 Users SSL2TO5USG100 ||2-10 Users |
2-10 Users SSL2TO10USG300
5-250 Users SSL5TO250USG2000