Chapter 1 Introducing the ZyWALL
ZyWALL USG 50 User’s Guide
The ZyWALL does not stop or start the system processes when you apply
configuration files or run shell scripts although you may temporarily lose access to
network resources.
Chapter 2 Features and Applications
This chapter introduces the main features and applications of the ZyWALL.
2.1 Features
The ZyWALL’s security features include VPN, firewall, anti-virus, content filtering,
IDP (Intrusion Detection and Prevention), ADP (Anomaly Detection and
Prevention), and certificates. It also provides bandwidth management, NAT, port
forwarding, policy routing, DHCP server and many other powerful features.
The rest of this section provides more information about the features of the
ZyWALL.
High Availability
To ensure the ZyWALL provides reliable, secure Internet access, set up one or
more of the following:
• Multiple WAN ports, with load balancing configured between these ports.
• One or more 3G (cellular) connections.
Virtual Private Networks (VPN)
Use IPSec or SSL to provide secure communication between two sites over the
Internet or any insecure network that uses TCP/IP for communication. The
ZyWALL also offers hub-and-spoke IPSec VPN.
Flexible Security Zones
Many security settings are made by zone, not by interface, port, or network. As a
result, it is much simpler to set up and to change security settings in the ZyWALL.
You can create your own custom zones. You can add interfaces and VPN tunnels to
zones.
Firewall
The ZyWALL’s firewall is a stateful inspection firewall. The ZyWALL restricts access
by screening data packets against defined access rules. It can also inspect
sessions. For example, traffic from one zone is not allowed unless it is initiated by
a computer in another zone first.
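The session rule described above, modelled as an added example (not ZyXEL code and not taken from this guide). The zone layout, the single LAN-to-WAN access rule and the 300-second idle timeout are assumptions chosen for illustration.

```python
import ipaddress

# Constructed zones and rules for illustration (assumptions, not ZyWALL defaults).
ZONES = {"LAN": ipaddress.ip_network("192.168.1.0/24")}   # everything else is WAN
RULES = {("LAN", "WAN"): "allow"}                          # unlisted zone pairs: deny
IDLE_TIMEOUT = 300                                         # seconds, assumed value


def zone_of(ip):
    """Map an address to its zone; addresses in no listed network are WAN."""
    addr = ipaddress.ip_address(ip)
    for name, net in ZONES.items():
        if addr in net:
            return name
    return "WAN"


class StatefulFirewall:
    def __init__(self):
        self.sessions = {}          # 5-tuple of the initiating packet -> last seen

    def handle(self, now, proto, src, sport, dst, dport):
        """Return 'allow' or 'deny' for one packet seen at time `now`."""
        forward = (proto, src, sport, dst, dport)
        reverse = (proto, dst, dport, src, sport)
        # Expire sessions that have been idle too long before matching.
        self.sessions = {k: t for k, t in self.sessions.items()
                         if now - t <= IDLE_TIMEOUT}
        # A packet in either direction of a tracked session passes.
        for key in (forward, reverse):
            if key in self.sessions:
                self.sessions[key] = now
                return "allow"
        # Anything else opens a new session and needs an access rule for its zones.
        action = RULES.get((zone_of(src), zone_of(dst)), "deny")
        if action == "allow":
            self.sessions[forward] = now
        return action


def demo():
    """Replay five constructed packets and return the verdict for each."""
    fw = StatefulFirewall()
    return [
        fw.handle(0, "tcp", "203.0.113.9", 443, "192.168.1.10", 50000),    # unsolicited
        fw.handle(1, "tcp", "192.168.1.10", 50000, "203.0.113.9", 443),    # LAN initiates
        fw.handle(2, "tcp", "203.0.113.9", 443, "192.168.1.10", 50000),    # reply
        fw.handle(3, "tcp", "203.0.113.9", 443, "192.168.1.10", 50001),    # other port
        fw.handle(400, "tcp", "203.0.113.9", 443, "192.168.1.10", 50000),  # session expired
    ]
```

The same WAN packet is denied before the LAN host initiates the session, allowed as a reply, and denied again once the session has timed out.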
Intrusion Detection and Prevention (IDP)
IDP (Intrusion Detection and Prevention) can detect malicious or suspicious
packets and respond instantaneously. It detects pattern-based attacks in order to
protect against network-based intrusions. See Section 30.6.2 on page 490 for a
list of attacks that the ZyWALL can protect against. You can also create your own
custom IDP rules.
Anomaly Detection and Prevention (ADP)
ADP (Anomaly Detection and Prevention) can detect malicious or suspicious
packets and respond instantaneously. It can detect:
• Anomalies based on violations of protocol standards (RFCs – Requests for
Comments)
• Abnormal flows such as port scans.
The ZyWALL’s ADP protects against network-based intrusions. See Section 31.3.4
on page 518 and Section 31.3.5 on page 521 for more on the kinds of attacks that
the ZyWALL can protect against. You can also create your own custom ADP rules.
Bandwidth Management
Bandwidth management allows you to allocate network resources according to
defined policies. This policy-based bandwidth allocation helps your network to
better handle applications such as Internet access, e-mail, Voice-over-IP (VoIP),
video conferencing and other business-critical applications.
Content Filter
Content filtering allows schools and businesses to create and enforce Internet
access policies tailored to the needs of the organization.
You can also subscribe to category-based content filtering that allows your
ZyWALL to check web sites against an external database of dynamically-updated
ratings of millions of web sites. You then simply select categories to block or
monitor, such as pornography or racial intolerance, from a pre-defined list.
Anti-Virus Scanner
With the anti-virus packet scanner, your ZyWALL scans files transmitted through
the enabled interfaces into the network. The ZyWALL helps stop threats at the
network edge before they reach the local host computers.
Anti-Spam
The anti-spam feature can mark or discard spam. Use the white list to identify
legitimate e-mail. Use the black list to identify spam e-mail. The ZyWALL can also
check e-mail against a DNS black list (DNSBL) of IP addresses of servers that are
suspected of being used by spammers.
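How a DNSBL check on a connecting server's address works in general, as an added example (not ZyXEL code and not taken from this guide). The zone name `dnsbl.example.org`, the `resolve` callback interface and the sample records are constructed; by convention a listed address resolves to an A record in 127.0.0.0/8 and an unlisted one does not resolve.

```python
import ipaddress

LISTED_NET = ipaddress.ip_network("127.0.0.0/8")   # conventional DNSBL answer range


def dnsbl_query_name(ip, zone):
    """Build the lookup name: reversed octets (IPv4) or nibbles (IPv6) + zone."""
    ptr = ipaddress.ip_address(ip).reverse_pointer
    return ptr.rsplit(".", 2)[0] + "." + zone       # drop in-addr.arpa / ip6.arpa


def dnsbl_status(ip, zone, resolve):
    """Return 'listed', 'clean' or 'error' for a connecting server address.

    resolve(name) is a caller-supplied lookup (hypothetical interface): it
    returns a list of A-record strings, an empty list for NXDOMAIN, and
    raises OSError on timeout or server failure.
    """
    try:
        answers = resolve(dnsbl_query_name(ip, zone))
    except OSError:
        return "error"          # a failed lookup is not evidence of spam
    if any(ipaddress.ip_address(a) in LISTED_NET for a in answers):
        return "listed"
    return "clean"


# Constructed stand-in for a DNSBL zone so the example runs offline.
SAMPLE_ZONE = "dnsbl.example.org"
SAMPLE_RECORDS = {"99.2.0.192.dnsbl.example.org": ["127.0.0.2"]}


def sample_resolve(name):
    """Answer from SAMPLE_RECORDS; names starting with '7.' simulate a timeout."""
    if name.startswith("7."):
        raise OSError("constructed timeout")
    return SAMPLE_RECORDS.get(name, [])
```

Keeping the 'error' outcome separate from 'listed' lets the mail policy decide what to do when the list cannot be reached, instead of treating an outage as a spam verdict.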
Application Patrol
Application patrol (App. Patrol) manages instant messenger (IM) and peer-to-peer
(P2P) applications like MSN and BitTorrent. You can even control the use of a
particular application’s individual features (like text messaging, voice, video
conferencing, and file transfers). Application patrol has powerful bandwidth
management including traffic prioritization to enhance the performance of
delay-sensitive applications like voice and video. You can also use an option
that gives SIP priority over all other traffic. This maximizes SIP traffic
throughput for improved VoIP call sound quality.
2.2 Applications
These are some example applications for your ZyWALL. See also Chapter 7 on
page 109 for configuration tutorial examples.
2.2.1 VPN Connectivity
Set up VPN tunnels with other companies, branch offices, telecommuters, and
business travelers to provide secure access to your network. You can also set up
additional connections to the Internet to provide better service.
Figure 5 Applications: VPN Connectivity
2.2.2 SSL VPN Network Access
You can configure the ZyWALL to provide SSL VPN network access to remote
users.
