BUSQUEDA
CONTACTENOS
DONDE COMPRAR
MAPA DEL SITIO
INICIO
Your Location» GLOBAL

ZyWALL USG 2000

Unified Security Gateway

The ZyWALL USG 2000 is an ultra high performance, deep packet inspection security platform for enterprises. It incorporates a firewall, IDP, content filtering, anti-virus, anti-spam, and VPN in one box. This multi-layered security safeguards your business's customer and company records, intellectual property, and critical resources from external and internal threats.

VPN
  • ICSA-certified IPSec VPN
  • SSL VPN
  • L2TP VPN
Anti-Virus:
  • ZyXEL Anti-Virus
  • Kaspersky Anti-Virus
  • IDP
  • Web security(Security Web access): ZyXEL Security
  • Browsering
  • Application firewall
  • Scalable UTM/VPN Performance
  • IM/P2P Management
  • Anti-Spam
  • Bandwidth Management
Buscador de Productos
 

Leading High-Performance UTM solution
The ZyWALL USG 2000 employs hardware-acceleration technologies in one box. Powered by high-performance SecuASIC technology and a hardware-based encryption accelerator, the ZyWALL USG 2000 delivers leading high-performance, multi-layer threat protections for small business and enterprises alike. Better yet, all ZyWALL USG Series products supports Gigabit Ethernet interfaces.

Robust Hybrid VPN (IPSec and SSL)
The ZyWALL USG 2000 provides secure access from remote locations to corporate resources through the Internet for organizations of any size. Through IPSec VPN, companies can secure connections among branch offices, partner sites and headquarters. Road warriors and telecommuters can also use SSL or L2TP VPN to securely access the company network without having to install VPN software.
With flexible and easy connections, mobile employees, vendors and partners are enabled to securely access network resources for improved working efficiency.

Application Firewall
More and more network applications could slip malicious software into your office. The potentially malicious software, such as IM and P2P tools, could cause bandwidth waste or even system damage. With application patrol and bandwidth management features, you can control traffic block or rate limit for online chat or file transfer activities to avoid malicious software from finding its way into your organization.

Web Security (Secure Web Access): ZyXEL Web Bowering
Today, most network threats are likely from within the office, since employees would visit any insecure Web when they're surfing the net. Some Web sites may contain malicious software like Trojan, spyware or warm, and the software would take their tolls; therefore avoiding internal users to surf dangerous Web sites becomes an important task. ZyXEL's Web Bowering feature can quickly search the sites containing malicious software and notify users to keep away from them.

Non-Stop Internet Access with Multiple WAN and 3G as backup
The ZyWALL USG Series not only supports multiple WAN ports but also supports USB 3G or PCMCIA 3G cards. This enables it to provide "active-active" load sharing or "active-passive" failover configuration to deliver highly reliable network connectivity. To minimize the impact of single-point failures, the ZyWALL USG 2000 supports device HA (High Availability) to assure network availability.

ICSA Firewall, IPSec Certification
With ICSA-certified SPI Firewall and IPSec VPN, the ZyWALL USG 2000 enables organizations to take complete control over their network infrastructure and to provide the most up-to-date protection against network threats.

Comprehensive Report System
The built-in report system of ZyWALL USG 2000 offers a comprehensive set of real-time and historical reports including firewall, virus and intrusion attacks, bandwidth usage, Web site usage and user activities. With Vantage Report (VRPT), a Web-based reporting system, administrators can easily collect traffic data and analyze a distributed network for organizations to be aware of suspicious activities and to ensure better business productivity.

  
 

Features

Firewall

  • ICSA Labs certificate
  • Routing and transparent (bridge) mode
  • Zone-Based Access Control List
  • Stateful Packet Inspection
  • NAT, PAT
  • Policy base NAT
  • VLAN tagging
  • User-Aware Policy Enforcement
  • SIP/H.323 NAT traversal
  • ALG Supports Custom Ports

Virtual Private Network (VPN)

  • ICSA labs Certificate IPSec VPN
  • PPTP, L2TP, IPSec
  • Algorithm: AES/3DES/DES
  • Authentication: SHA-1/MD5
  • Key Management: Manual Key/IKE
  • Perfect Forward Secrecy: DH Group 1/2/5
  • IPSec NAT Traversal
  • Dead peer Detection/Relay Detection
  • PKI (X.509) Certificate Support
  • Hub and Spoke VPN Support
  • Simple wizard support 
  • Auto reconnect VPN        

SSL VPN

  • Clientless Secure Remote Access
  • Support Reverse Proxy Mode and Full Tunnel Mode 
  • Unified Policy Enforcement
  • Supports Two-factor Authentication
  • Customizable User Portal

Intrusion Detection and Prevention(IPS)

  • Routing and transparent (Bridge) mode
  • Zone-Based IDP Inspection
  • Customizable Protection Profile
  • Automatic Signature Updates
  • Custom Signatures
  • Protocol anomaly detection and protection
  • Traffic Anomaly Detection and Protection
  • Flooding Detection and Protection
  • DoS/DDoS Protection

Anti-Virus

  • ZyXEL Anti-Virus or Kaspersky Anti-Virus
  • Stream-Based Anti-Virus engine
  • Zone base AV protection
  • HTTP/FTP/SMTP/POP3/IMAP4 protocal support
  • Automatic Signature Updates
  • No File Size Limitation
  • Blacklist/Whitelist Support

Application Patrol

  • Application, IM/P2P, stream base media, VoIP Granular Access Control
  • Detail access control of IM (Chat, file transfer, video)
  • Application and IP/P2P bandwidth control
  • User authentication support 
  • IM/P2P signature auto update
  • Support more than 15 catalogs IM and P2P 
  • Real-Time Statistical Reports
  • Maximum/Guaranteed Bandwidth

Anti-Spam

  • Zone to Zone Protection
  • Transparently intercept mail via SMTP/POP3 protocols
  • Blacklist/Whitelist support
  • Support DNSBL checking
  • Junk mail tag support
  • Statistics report

High Availability

  • Active-Passive Mode
  • Device Failure Detection and notification
  • Support ICMP and TCP ping check
  • Link status Monitor
  • Auto-Sync Configurations  
  • VPN HA (Redundant Remote VPN Gateways)

Content Filtering

  • Web security (Security Web access): ZyXEL Security Browsering
  • URL Blocking, Keyword Blocking
  • Profile base setting
  • Exempt List (Blacklist and Whitelist)
  • Blocks Java Applet, Cookies and Active X
  • Dynamic URL Filtering Database (Powered by BlueCoat)*
  • Unlimited user Licenses support
  • Customize warning messages

Networking

  • Routing Mode/Bridge Mode/Mixed Mode
  • Layer 2 Port Grouping
  • Ethernet/PPPoE
  • Tagged VLAN (802.1Q)
  • Virtual Interface (Alias Interface)
  • Policy-Based Routing (User-Aware)
  • Policy-Based NAT (SNAT/DNAT) 
  • Dynamic routing(RIP v1/v2, OSPF, IP Multicasting (IGMP v1/v2) 
  • DHCP Client/Server/Relay
  •  Built-in DNS Server
  • Dynamic DNS Support
  • Multiple WAN Load Balancing more than 2 port
  • Per host session limit
  • Guaranteed bandwidth
  • Maximum bandwidth
  • Ingress traffic policing
  • Priority-bandwidth utilization

Authentication

  • Local User Database
  • Microsoft Windows Active Directory integrate 
  • External LDAP/RADIUS User Database
  • Xauth over RADIUS for IPSec IPV
  • ZyWALL OTP (One Time Password)**
  • Forced User Authentication (Transparent Authentication)
  • IP/MAC address binding

System Management

  • Role-Based Administration
  • Multiple Administrator Login
  • Multi-Lingual Web GUI (HTTPS/HTTP)
  • Out-of-band Management (AUX)
  • Object-Based Configuration
  • Command Line Interface (Console/Web Console/SSH/TELNET)
  • SNMP v2c (MIB-II)
  • System Configuration Rollback
  • Firmware upgrade via FTP/FTP-TLS/Web GUI

Logging/Monitoring

  • Comprehensive Local Logging
  • Syslog (send to up to 4 servers)
  • E-mail Alert (send to up to 2 servers)
  • Real-Time Traffic Monitoring
  • Built-in Daily Report
  • Advanced Reporting (Vantage Report)
  • Centralized Network Management (Vantage CNM) Manageable

 

Specifications

Standards Compliance

  • HSF (Hazardous Substance Free): RoHS and WEEE
  • EMC: FCC Part 15 Class A, CE-EMC Class A, C-Tick Class A, VCCI Class A
  • Safety: CSA International (ANS/UL60950-1, CSA60950-1, EN60950-1, IEC60950-1)

Performance and Capacity

  • SPI Firewall Throughput: 2 Gbps
  • IPSec VPN (AES) Throughput: up to 400 Mbps
  • UTM Throughput up to 400 Mbps
  • Max. Concurrent NAT Sessions: 1,000,000
  • Max. IPSec VPN Tunnels: up to 2,000
  • Max. SSL VPN Tunnels: up to 750
  • New Session Rate: 25,000 (sessions/sec)

Hardware Specifications

  • Memory: 2 GB RAM/256 MB Flash
  • Interfaces: 6 10/100/1000BASE-T RJ-45 interfaces and 2 Dual-Personality GbE interfaces (RJ-45 or SFP open slot)
  • Console: 1 D-Sub 9-pin Female (RS232C)
  • AUX: 1 D-Sub 9-pin Male (RS232C)
  • LED: PWR1, PWR2, SYS, AUX, CARD, HDD
  • Power Switch
  • Reset Pinhole
  • Buzzer Reset Button
  • SEM Slot: 1 (Security Extension Module)
  • Card Slot: 1 (CardBus)
  • USB***: 2 (USB Host, 2.0)
  • HDD Slot***: 1 (SATA, 2.5")

Physical Specifications

  • 19-inch, 2-RU (rack-mount kit included)
  • Dimensions: 430 (W) x 487 (D) x 89 (H) mm
  • Weight: 10.5 kg

Power Requirements

  • Input Voltage: 100-240 V, 50-60 Hz, 3-6 A
  • Power Rating: 200 W

Environmental Specifications

  • Operating Temperature: 0ºC ~ 40ºC/32ºF ~ 104ºF
  • Storage Temperature: -30ºC ~ 60ºC/-22ºF ~ 140ºF
  • Humidity: 5% ~ 90% (non-condensing)

Certifications

  • ICSA Certified Firewall
  • ICSA Certified IPSec VPN

 

*: Requires a vaild subscription.
**: Sold separately
***: These hardware accessories will be supported in future firmware release
 

(For Open Source Announcements, please refer to the ZyWALL USG 2000 User's Guide. And to obtain the GPL open source code, please contact ZyXEL tech support support@zyxel.com )

 
IR ARRIBA