Strengths: Solid UTM functionality with added control over web content, P2P and IM
Weaknesses: Initial zone configuration is slightly difficult
Verdict: A good UTM priced right for the smaller organisation
The ZyWall USG300 combines core UTM functionality with a couple of extra features. This appliance includes standard features such as firewall, IPS and gateway virus protection, and also has a web content filter as well as the cabability to block and control instant messaging and peer-to-peer applications. The gateway anti-virus engine scans critical protocols such as HTTP, FTP, SMTP, POP3 and IMAP4.
We found this product to be fairly difficult to configure. Configuration is guided by a setup wizard, but this only goes so far. Once the wizard was complete, we still had to do some tweaking to the firewall, DNS, and zone settings to get everything running properly.
However, on the policy configuration side, things were quite easy to set up, and most of the policy was already preconfigured and ready to go. Many of the policy tweaks that we did consisted of a simple tick in a box and that was it. We also found the web-based GUI to be well organised and easy to navigate.
This product did quite well throughout our tests. The IPS and firewall worked extremely well together to block all our attacks, and we even tested the peer-to-peer blocking, with good results. This product can also integrate with Active Directory, making policy distribution easy as well.
Documentation for this product includes a quick-start guide, a user manual and a couple of reference cards for the command-line interface and configuration. The quick-start guide briefly defines the appliance's ports and interfaces before illustrating the initial configuration with the setup wizard. The user manual provides a high amount of detail on settings, configurations and features, complete with many screenshots and examples.
ZyXel offers free domestic technical support and free firmware upgrades for the life span of the product line. Phone and email support is available during office hours, and the website contains a support area with downloads, documentation and a knowledge base.
At just over £1,000, this product represents great value for money for small to medium environments that are looking for solid comprehensive protection at a good price.