Unified Security Gateway

Model: ZyWALL USG 100

Network Security for Offices of up to 25 People

The Internet can be a dangerous place. It seems new threats to network security and employee efficiency emerge with each passing day. Malware can incapacitate workstations, and DoS attacks can bring your entire network screeching to a halt. Even applications such as P2P, IM, and Social networks can eat bandwidth and cripple employee productivity.

The ZyWALL USG100 is a Unified Security Gateway designed to provide complete, enterprise-level advanced security solutions to Small/Medium Businesses (SMB), recommended for up to 25 PC users. Its flexible configuration helps network administrators set up the network and enforce security policies more efficiently.

The ZyWALL USG100 features a 180Mbps throughput ICSA certified SPI Firewall, and is designed with security features including IPSec, SSL, and L2TP1 VPN; a granular, easily manageable Content Filter; choice of ZyXEL or Kaspersky Anti-Virus; Anti-Spam; and IDP (Intrusion Detection and Prevention) for maximum network security. It also provides bandwidth management for QoS of VoIP, videoconferencing, and other important applications, as well as multiple-WAN Failover and Load Balancing. IPSec, SSL, and L2TP1 VPN functionality allows telecommuters and home workers quick and easy access to corporate resources with most any device or network setup.

Built with powerful Integrated High Performance Security architecture designed for Gigabit connections, a VPN Throughput of 90Mbps, a UTM throughput of 24Mbps, up to 20,000 max sessions and 50 concurrent IPSec VPN tunnels, the USG100 has the power to monitor and protect your network without sacrificing network performance. And with a 5 year, industry-leading hardware warranty, you’ll be able to count on your USG100 to watch over your network’s safety well into the future.

With 5x Gigabit LAN/DMZ and 2x Gigabit WAN interfaces you can load balance and failover multiple ISP links, allowing you to safeguard even the largest high-bandwidth environments.

 

  • Comprehensive threat protection with firewall, VPN, anti-virus2, content filtering2, anti-spam, and intrusion detection and prevention2 to secure networks against front line threats.
  • User-aware policy engine can set bandwidth or network access based on user login.
  • Network resilience with multiple WANs, 3G cellular support, and device high availability
  • 5-Year industry leading hardware warranty to support ZyXEL’s commitment to quality and customer satisfaction

With the ZyWALL USG100, you can rest easy knowing that your network is safe, secure, and wholly under your control

 

5-year warranty

ICSA-certified Firewall

  • Zone-Based Access Control List
  • Security Zones
  • Stateful Packet Inspection
  • DoS/DDoS Protection
  • User-Aware Policy Enforcement
  • ALG Supports Custom Ports

Intrusion Detection and Prevention

  • In-line Mode (Routing/Bridge)
  • Zone-Based IDP Inspection
  • Customizable Protection Profile
  • Signature-based Deep Packet Inspection
  • Automatic Signature Updates**
  • Custom Signatures
  • Traffic Anomaly Detection and Protection
  • Flooding Detection and Protection
  • Protocol Anomaly Detection and Protection:HTTP/ICMP/TCP/UDP

Anti-Virus

  • ICSA-Certified ZyXEL Anti-Virus or Kaspersky Anti-Virus
  • Stream-Based Anti-Virus
  • Covers Top Active Viruses in the Wild List
  • Scans HTTP/FTP/SMTP/POP3/IMAP4
  • Automatic Signature Updates**
  • No File Size Limitation
  • Blacklist/Whitelist Support

Hybrid VPN

  • ICSA-certified IPSec VPN
    • Encryption: AES/3DES/DES
    • Authentication: SHA-1/MD5
    • Key Management: Manual Key/IKE
    • Perfect Forward Secrecy: DH Group 1/2/5
    • NAT over IPSec VPN
    •  Dead peer Detection/Relay Detection
    • PKI (X.509) Certificate Support
    • Certificate Enrollment (CMP/SCEP)
    • Xauth Authentication
    • L2TP over IPSec Support
  • SSL VPN
    • Clientless Secure Remote Access(Reverse Proxy Mode)
    • SecuExtender (Full Tunnel Mode)
    •  Unified Policy Enforcement
    • Supports Two-factor Authentication
    • Customizable User Portal

Application Patrol

  • IM/P2P Granular Access Control
  • Apply Schedules, Bandwidth Management
  • User-Aware
  • IM/P2P Up-to-Date Support (based on IDP signatures)**
  • Real-Time Statistical Reports

Bandwidth Management

  • Bandwidth Priority
  • Policy-Based Traffic Shaping
  • Maximum/Guaranteed Bandwidth
  • Bandwidth Borrowing

Anti-Spam

  • Zone to Zone Protection
  • Transparently intercept mail via SMTP/POP3 protocols
  • Blacklist/Whitelist support
  • Support DNSBL checking
  • Statistics report

High Availability

  • Device HA (Active-Passive Mode)
  • Device Failure Detection
  • Link Monitoring
  • Auto-Sync Configurations
  • Multiple WAN Load Balancing
  • VPN HA (Redundant Remote VPN Gateways)

Content Filtering

  • URL Blocking, Keyword Blocking
  • Exempt List (Blacklist and Whitelist)
  • Blocks Java Applet, Cookies and Active X
  • Dynamic URL Filtering Database (Powered by BlueCoat)**

User Licenses

  • Unlimited

Networking

  • Routing Mode/Bridge Mode/Mixed Mode
  • Layer 2 Port Grouping
  • Ethernet/PPPoE/PPTP
  • Tagged VLAN (802.1Q)
  • Virtual Interface (Alias Interface)
  • Policy-Based Routing (User-Aware)
  • Policy-Based NAT (SNAT/DNAT)
  • RIP v1/v2
  • OSPF
  • IP Multicasting (IGMP v1/v2)
  • DHCP Client/Server/Relay
  • Built-in DNS Server
  • Dynamic DNS

Authentication

  • Internal User Database
  • Microsoft Windows Active Directory
  • External LDAP/RADIUS User Database
  • ZyWALL OTP (One Time Password)***
  • Forced User Authentication (Transparent Authentication)

System Management

  • Role-Based Administration
  • Multiple Administrator Login
  • Multi-Lingual Web GUI (HTTPS/HTTP)
  • Object-Based Configuration
  • Command Line Interface (Console/Web Console/SSH/TELNET)
  • Comprehensive Local Logging
  • Syslog (send to up to 4 servers)
  • E-mail Alert (send to up to 2 servers)
  • SNMP v2c (MIB-II)
  • Real-Time Traffic Monitoring
  • System Configuration Rollback
  • Text-Based Configuration File
  • Firmware upgrade via FTP/FTP-TLS/Web GUI
  • Advanced Reporting (Vantage Report)
  • Centralized Network Management (Vantage CNM)

3G Support

  • Advanced Wireless Security Transmission with WEP Encryption and WPA/WPA2 Support
  • PCMCIA: Sierra Wireless AC850*
  • USB: Huawei E220*
*: Not included. 
**: Requires a valid subscription.
***: Sold separately.
 

Certifications

  • ICSA Certified Firewall
  • ICSA Certified IPSec VPN
  • ICSA Certified Anti-Virus

Standards Compliance

  • HSF (Hazardous Substance Free): RoHS and WEEE
  • EMC: FCC Part 15 Class B, CE-EMC Class B, C-Tick Class B, VCCI Class B
  • Safety: CSA International (ANS/UL60950-1,CSA60950-1, EN60950-1, IEC60950-1)

Hardware Specifications

  • Memory size: 256 MB DDR2 RAM/256 MB Flash
  • Interface: GbE x 7 (RJ-45 with)
  • Interface: Auto-negotiation and Auto MDI/MDI-X
  • Console: RS-232 (DB9F)
  • AUX: RS-232 (DB9M)
  • LED Indicator: PWR, SYS, AUX, CARD
  • Reset Button
  • Expansion Card Slot
  • 2 USB Ports

Physical Specifications

  • Rack Mountable (rack-mount kit included)
  • Dimensions: 242 (W) x 175 (D) x 35.5 (H) mm/9.5 (W) x 6.9 (D) x 1.4 (H) inch
  • Weight: 1.2 Kg/2.6 lbs

Environmental Specifications

  • Operating temperature: 0ºC ~ 50ºC/32ºF ~ 122ºF
  • Storage temperature: -30ºC ~ 60ºC/-22ºF ~ 140ºF
  • Operating humidity: 5% ~ 90% (noncondensing)

Power Requirements

  • Input: 100 ~ 240 V; 1.2 A, 50 ~ 60 Hz
  • Output: 12 V; 3.5 A

Accessories

Aerobeam

Ethernet Switch/Adapter

IP Cameras

Network Attached Storage

Portable Wireless Router

Powerline Networks

Wireless