The Ethernet ports are arranged to provide one LAN connection, two WAN connections, and four DMZ connections. Setup can be done using a terminal emulation program and the serial port if required, but the preferred method is to make a network connection between a PC and the device's LAN port. The ZyWALL can be configured using a web browser.
The ZyWALL internet connection provides a single user account option, which enables several users to share one internet account. Operating in a similar way to NAT, it replaces the local client's source address with its own and replaces the source port number with one chosen from a pool. When replies are received, these are replaced with the original port numbers.
A useful feature is a status bar indicating how much space is left for firewall rules. The default setup has rules that allow access from the LAN to the internet and the DMZ, but will block traffic from the internet and the DMZ to the LAN. This last rule would need to be changed if a server in the DMZ needed access to a server on the LAN, like a "public" web server linked to an internal database server. The firewall blocked and logged our port scanning attempts.
The administration interface provides online help that relates to the information displayed on the screen. More detailed information is provided on the documentation provided on the accompanying CD. The only printed material is a short quick-start guide.
The system generates logs and can send alerts via email for certain situations. An added feature allows thresholds to be set for denial-of-service attack detection.