- ✓Comprehensive set of respected security tools deployed at the Internet gateway
- ✓phishing protection
- ✓good performance from the ASIC-based hardware
- ✓dual WAN ports for load balancing and failover
- ✓flexible DMZ configuration
- ✕High level of technical knowledge required to get the most out of this appliance
- ✕doesn’t eliminate the need for additional desktop security
Network security can almost be a full-time job these days, especially if you have lots of users to look after. To start with there’s the firewall to manage and, increasingly, one or more VPN servers for secure remote access. Not to mention all those antivirus, anti-spam, anti-spyware and content management tools, now considered essential in the fight against Internet intruders. However, there are products that can help reduce the workload, such as the ZyWALL UTM range from ZyXEL, which provides most of what you need in a single, easy to manage, box.
UTM stands for Unified Threat Management, and there are actually several appliances in the ZyWALL UTM family ranging from a small-office/home office model to larger appliances for bigger companies. The ZyWALL 35 UTM reviewed here sits in the middle of the range and can handle networks of up to 100 users.
Like its siblings, the ZyWALL 35 is ASIC-based for maximum throughput, with the hardware housed in a smart metal case that can either sit on a desk or be rack mounted. There are six 10/100Mbps Ethernet ports on the front, two of which are for Internet attachment with automatic load balancing and failover facilities built-in as standard. The other four connect the device to the LAN, which may seem a little over the top but they can also be configured as DMZ (De-Militarized Zone) interfaces for public-facing Internet Web and email servers.
A couple of serial ports are also built in. One -- which you’ll rarely if ever use -- is for local console management, while the other is for the attaching a modem for dial backup support in the event of a WAN failure.
Finally there’s a PC Card slot, which can be used for one of two purposes. You can plug in a ZyXEL ZyAIR adapter to get wireless connectivity (unfortunately other wireless cards aren’t supported). Alternatively, you can swap that for the ZyWALL Turbo Card (normally included with the appliance) to add antivirus and intrusion detection/prevention services to the base security options, together with an on-board accelerator to provide the necessary processing power these services require. Most users are likely to choose the Turbo Card, handling wireless networks separately, if required.
The appliance runs ZyXEL’s own ZyNOS secure operating system with, depending on how you count them, up to eight security tools on offer. These start with an ICSA-certified stateful inspection firewall, plus a VPN (Virtual Private Network) server offering IPSec security and tunnelling with a choice of DES, 3DES or AES encryption. Unfortunately it only supports site-to-site setup, calling for a separate server to handle mobile workers, or a personal VPN appliance like the ZyWALL P1, also from ZyXEL.
Plug in the Turbo Card and you’ll then get access to the antivirus scanner, which is based on Kaspersky technology and can detect and block viruses before they get to LAN servers or individual desktops. You also get an optional intrusion detection and prevention (IDP) filter, to prevent worms, trojans, spyware and other application-level infections, including those spread via instant messaging and peer-to-peer networking.
Content filtering, based on technology from Bluecoat, is another standard option, and a Mailshell anti-spam filter is yet another. The Mailshell filter can be configured to work with most SMTP email servers and will protect against both ordinary spam and phishing attacks. ZyXEL also counts the built-in WAN failover and dial backup options among the eight-in-one security features, together with the ability to manage bandwidth allocation using the appliance.Additional subscriptions are required for the security services after initial trial periods have expired: you'll pay £199 per year for content filtering, £140 per year for anti-spam and £245 per year for antivirus.
Regardless of how you count them, the ZyWALL 35 UTM provides a comprehensive set of security tools. Indeed, you get just about everything you could need to protect a small business network. However, some small companies will need help with deployment.
Not that it’s any harder to configure than most other network security products, with everything done via a Web-based GUI that's is well designed and easy to navigate. There‘s also plenty of help on hand in terms of wizards and supporting documentation. However, a fair amount of technical knowledge is assumed, and you’ll need a good idea of what the various tools can do, their limitations and plenty of time to tinker and experiment with the settings on offer. This is especially true if you intend to use any of the more advanced features.
On the plus side, automatic updates are available for the options that need them and in the limited tests we were able to conduct, the ZyWALL 35 UTM proved effective at blocking common security threats. You will, however, still need desktop protection for home workers and mobile users who access the Internet in other ways.
Overall, the ZyWALL 35 UTM is a well-rounded solution with a lot to offer smaller organisations, and is well worth considering as the key part of any security policy.