March 01, 2008
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Solid UTM functionality with added control over web content, P2P and IM
- Weaknesses: Initial zone configuration is slightly difficult
- Verdict: A good UTM priced right for the smaller organisation
The ZyWall USG300 combines core UTM functionality with a couple of extra features. This appliance includes standard features such as firewall, IPS and gateway virus protection, and also has a web content filter as well as the cabability to block and control instant messaging and peer-to-peer applications. The gateway anti-virus engine scans critical protocols such as HTTP, FTP, SMTP, POP3 and IMAP4.
We found this product to be fairly difficult to configure. Configuration is guided by a setup wizard, but this only goes so far. Once the wizard was complete, we still had to do some tweaking to the firewall, DNS, and zone settings to get everything running properly.
However, on the policy configuration side, things were quite easy to set up, and most of the policy was already preconfigured and ready to go. Many of the policy tweaks that we did consisted of a simple tick in a box and that was it. We also found the web-based GUI to be well organised and easy to navigate.
This product did quite well throughout our tests. The IPS and firewall worked extremely well together to block all our attacks, and we even tested the peer-to-peer blocking, with good results. This product can also integrate with Active Directory, making policy distribution easy as well.
Documentation for this product includes a quick-start guide, a user manual and a couple of reference cards for the command-line interface and configuration. The quick-start guide briefly defines the appliance's ports and interfaces before illustrating the initial configuration with the setup wizard. The user manual provides a high amount of detail on settings, configurations and features, complete with many screenshots and examples.
ZyXel offers free domestic technical support and free firmware upgrades for the life span of the product line. Phone and email support is available during office hours, and the website contains a support area with downloads, documentation and a knowledge base.
At just over £1,000, this product represents great value for money for small to medium environments that are looking for solid comprehensive protection at a good price.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Junior Penetration Tester, Hertfordshire, to £35k + benefits
Infosec People - England, Hertfordshire
Cyber Security Architect
CYBER EXECS - London (Greater)
SOC Analyst, Aldershot, £47-56k + package
Infosec People - Hampshire, England, Aldershot
Senior Security Engineer
Loveworklife Recruitment - United Kingdom
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Investigatory Powers and Digital Economy Bills could threaten economy
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Microsoft update left Azure Linux virtual machines open to hacking
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- ICYMI: CEO Sacked; MS Zero-day; Passwords dropped; Ransomware wild, charging hack
- 9.2 million medical records for sale on darkweb
- ICYMI: Tesco warned; IP Bill threatens economy; German routers offline; Azure trojan; Gooligan fraud
- Data centres are on the move - where will they end up?
- 90% of ITDMs believe IAM is crucial to digital transformation success
- Research: Hacked companies could see customer exodus if breached
- Misconfigured drive exposes locations of explosives used by oil industry