Network Security

 

  • Fast and Easy Deployment
  • Fits into your existing network
  • Multiple enforcement options
  • Install and deploy within hours

     Software Features:

Firewall

  • ICSA-certified firewall (certification in progress)
  • Routing and transparent (bridge) modes
  • Stateful packet inspection
  • User-aware policy enforcement
  • SIP/H.323 NAT traversal
  • ALG support for customized ports
  • Protocol anomaly detection and protection
  • Traffic anomaly detection and protection
  • Flooding detection and protection
  • DoS/DDoS protection

IPv6 Support

  • IPv6 Ready gold logo (certification in progress)
  • Dual stack
  • IPv4 tunneling (6rd and 6to4 transition tunnel)
  • IPv6 addressing
  • DNS
  • DHCPv6
  • Bridge
  • VLAN
  • PPPoE
  • Static routing
  • Policy routing
  • Session control
  • Firewall and ADP
  • IPSec VPN
  • Intrusion Detection and Prevention (IDP)
  • Application intelligence and optimization
  • Content filtering
  • Anti-virus, anti-malware
  • Anti-spam

IPSec VPN

  • ICSA-certified IPSec VPN (certification in progress)
  • Encryption: AES (256-bit), 3DES and DES
  • Authentication: SHA-2 (512-bit), SHA-1 and MD5
  • Key management: manual key, IKEv1 and IKEv2 with EAP
  • Perfect forward secrecy (DH groups) support 1, 2, 5
  • IPSec NAT traversal
  • Dead peer detection and relay detection
  • PKI (X.509) certificate support
  • VPN concentrator
  • Simple wizard support
  • VPN auto-reconnection
  • VPN High Availability (HA): load-balancing and failover
  • L2TP over IPSec
  • GRE and GRE over IPSec
  • NAT over IPSec
  • ZyXEL VPN client provisioning

SSL VPN

  • Supports Windows and Mac OS X
  • Supports full tunnel mode
  • Supports 2-step authentication
  • Customizable user portal

Intrusion Detection and Prevention (IDP)

  • Routing and transparent (bridge) mode
  • Signature-based and behavior-based scanning
  • Automatic signature updates
  • Customizable protection profile
  • Customized signatures supported
  • SSL (HTTPS) inspection support

Application Intelligence and Optimization

  • Granular control over the most important applications
  • Identifies and controls over 3,000 applications and behaviors
  • Supports over 15 application categories
  • Application bandwidth management
  • Supports user authentication
  • Real-time statistics and reports
  • SSL (HTTPS) inspection support

Anti-Spam

  • Transparent mail interception via SMTP and POP3 protocols
  • Configurable POP3 and SMTP ports
  • Sender-based IP reputation filter
  • Recurrent Pattern Detection (RPD) technology
  • Zero-hour virus outbreak protection
  • X-Header support
  • Blacklist and whitelist support
  • Supports DNSBL checking
  • Spam tag support
  • Statistics report

WLAN Management

  • Wireless L2 isolation
  • Scheduled Wi-Fi service
  • Dynamic Channel Selection (DCS)
  • Client steering for 5GHz priority and sticky client prevention
  • Auto healing provides a stable and reliable coverage
  • IEEE 802.1x authentication
  • Captive portal Web authentication
  • Customizable captive portal page
  • RADIUS authentication
  • Wi-Fi Multimedia (WMM) wireless QoS
  • CAPWAP discovery protocol

Mobile Broadband

  • WAN connection failover via 3G and 4G* USB modems
  • Auto fallback when primary WAN recovers
  • 4G USB modem support available in future firmware upgrades

Networking

  • Routing mode, bridge mode and hybrid mode
  • Ethernet and PPPoE
  • NAT and PAT
  • VLAN tagging (802.1Q)
  • Virtual interface (alias interface)
  • Policy-based routing (user-aware)
  • Policy-based NAT (SNAT)
  • Dynamic routing (RIPv1/v2 and OSPF)
  • DHCP client/server/relay
  • Dynamic DNS support
  • WAN trunk for more than 2 ports
  • Per host session limit
  • Guaranteed bandwidth
  • Maximum bandwidth
  • Priority-bandwidth utilization
  • Bandwidth limit per user
  • Bandwidth limit per IP

One Network

  • ZON Utility
  • IP configuration
  • Web GUI access
  • Firmware upgrade
  • Password configuration
  • Smart Connect
  • Discover neighboring devices
  • One-click remote management access to the neighboring ZyXEL devices

Authentication

  • Local user database
  • Microsoft Windows Active Directory integration
  • External LDAP/RADIUS user database
  • XAUTH, IKEv2 with EAP VPN authentication
  • Web-based authentication
  • Forced user authentication (transparent authentication)
  • IP-MAC address binding
  • SSO (Single Sign-On) support (Download SSO Agent)

Device High Availability (HA)

  • Active-passive failover mode
  • Device failure detection and notification
  • Supports ICMP and TCP ping check
  • Link monitoring
  • Configuration auto-sync

System Management

  • Role-based administration
  • Multiple administrator logins
  • Multi-lingual Web GUI (HTTPS and HTTP)
  • Command line interface (console, Web console, SSH and telent)
  • SNMP v2c (MIB-II)
  • System configuration rollback
  • Firmware upgrade via FTP, FTP-TLS and Web GUI
  • Dual firmware images