Every now and then, I pluck a product out of our test queue because it intrigues me. This product is one of those. I pulled out the ZyWALL USG 200 because it looked like it should be a sort of wimpy little box, but I kept hearing what a cool UTM it is. Well, it couldn't be both, so I took it up to campus (Norwich University) with me and hooked it up to our information warfare lab and proceeded to beat on it. It resisted all my efforts, so I was afraid that I had broken it. When I figured I had done all the damage I could, I zeroed it out and returned it to factory defaults (no filtering) and it was still chugging along. This little guy is everything it portends to be and I really liked it.
ZyXEL makes several other versions of this USG (ZyXEL is clear that this is a unified security gateway, not just a UTM), from a toy 25-user version to a big 200-user tool. All of these are for small- to mid-sized businesses, and their pricing is extremely attractive for businesses of that size. But what I find a lot more attractive than the pricing is the ease of use and administration. Small and medium businesses often suffer from a lack of highly trained security/network administrators. That does not prevent them from needing the same protection as the big guys. It just means that they often have to accept second best when it comes to security tools. The tools that are simple to manage may be simplistic in operation. The ZyWALL USG 200 absolutely does not fit in that category. It is full-featured, easy to use, priced right and very effective. What more could one ask for.
The issue of pricing, though, is interesting in this case. Because most network and security products for small- and medium-sized businesses are sort of one-size-fits-all, these organizations often are forced to under- or over-size their products. You won't need to do that with ZyWALL. There are four sizes for organizations with between 25 and 200 employees.
Functionality is solid. The USG includes firewall, IDS/IPS, anti-virus from Kaspersky, content filtering from Blue Coat and anti-spam. The IDS/IPS, AV and content filtering must be supported by an annual license fee - $609.99 in the case of the 200 - but the firewall and anti-spam are included in the price. And, the support and upgrade fees are free for the life of the product. The support is eight hours a day/five days a week, but includes both phone and email. The website is solid, complete with a knowledge base and FAQ.
We tested the USG 200 on our Mu Dynamics 4000. This is a heavy-duty tool for performing such things as protocol mutations in order to break through the firewall by manipulating various protocols. We mutated HTTP and HTTPS, since these are the protocols most often allowed through a DMZ firewall. We had no luck breaking through. We also ran our Core Impact penetration tool against it and got the same results. Nothing.
Setup and management is a breeze. There is none of the usual pre-configuration setup using a console and command prompt. Just hook up the box to a computer and to the internet. Give your computer the right address and go. The internet connection lets you download the required updates. When you do that, you are subscribed automatically to an alerting service. That is extremely useful, especially for organizations that don't have the resources to continually scan the web for the latest threats. It also helps keep the box updated.
The product has lots of ports, both WAN and LAN. You can architect this into just about any system you can imagine. So, if you are a bigger organization that needs branch office gateways or inter-domain security management, this is for you as well. At its price - and with the selection of ZyXEL USGs - there is no reason not to provide robust security perimeter management, even for the smallest branch office.
There are lots of neat "big product" features on the 200. For example, there is VPN connectivity, bandwidth management, available one-time password tokens, and 3G wireless connections. A lot of thinking went into this line of products and it shows. Regardless of the size of your organization, you probably have a need for at least one of these, whether it is the nice little USG 200 or its larger sibling, the USG 1000. And even the professional home office can afford the USG 100.
Good stuff, lots of features, right price.
What it does: Provides the expected UTM features of firewall, intrusion detection/prevention, anti-virus and content filtering, plus VPN, anti-spam and management of peer-to-peer and instant messenger programs.
What we liked: Small, extremely easy to set up and administer, effective perimeter protection both at the enterprise perimeter and between security zones within the enterprise.
What we didn't like: Nothing