At the small or home office end of the market we have the ZyWall 100 Internet Security Gateway. When we looked at the ZyWall 50 appliance in the VPN Group Test last year, we had a few concerns, such as build quality. This issue has clearly been addressed, since the ZyWall 100 is a robust yet compact device with a simple and attractive design.
The front of the device provides a bank of easy-to-understand LEDs, while at the back there are three RJ45 ports (internal and external networks and a DMZ), and a COM port for installation and configuration. There is also a switch to reset to factory settings.
Fortunately, the problems of installation have been solved. The ZyWall 100 uses a text-based installation procedure or an easier method: a web GUI. Although the text-based installation is fairly straightforward, command-based interfaces really did go out with the ark, and we recommend the latter method. The actual configuration of the firewall following installation is also performed via a very simple web-based interface.
In its favor, the ZyWall 100 comes with some surprising features for such a small and relatively low-cost device. The actual firewall software is a stateful inspection application, with the emphasis on preventing denial-of-service attacks. The default configuration is to only allow incoming traffic in response to an outgoing request, which is perhaps the safest way for the inexperienced user.
It also provides auto-negotiation between 10 and 100Mbps for incoming traffic, and a degree of content filtering as well. You can also set up a blacklist to block specific web sites. All alerts are logged, and can be viewed centrally via a web-based GUI.
Another added bonus is that the ZyWall 100 is also an IPsec-compliant VPN at no extra cost, offering DES and triple-DES encryption. This makes it suitable for the high-end of the SOHO market, where a dedicated VPN device is probably not cost-efficient.
The documentation (in PDF format) is of a very high standard. Although aimed at users with little or no experience of IT security, it is both comprehensive and straightforward, with an excellent troubleshooting appendix.
The ZyWall 100 is a neat little product with a surprising array of features that you would not expect from a product at this end of the market. Well worth a look if you are a home user or in a small office environment, especially as it includes an IPsec-compliant VPN.