- All-new platform: "3rd" generation ZyWALL
- 22x faster than previous-generation ZyWALL firewalls
- New generation UTM solution
- Robust hybrid VPN (IPSec and SSL)
- Application firewall
- Web security (Security Web access): ZyXEL safe browsing
- Non-stop Internet access with multiple WAN and 3G backups
- ICSA firewall, IPSec certification
- Comprehensive report system
- Best-of-breed security solution
- Free Anti-spam service
- ZyXEL Security Distribution Network (ZSDN)

The ZyWALL USG (Unified Security Gateway) 200 is the "third generation" ZyWALL featuring an all-new platform. It provides the performance 22 times faster than the previous-generation ZyWALL firewalls, as well as a deep packet inspection security solution for small businesses to enterprises alike. It embodies a Stateful Packet Inspection (SPI) firewall, Anti-Virus, Intrusion Detection and Prevention (IDP), Content Filtering, Anti-Spam, and VPN (IPSec/SSL/L2TP) in one box. This multilayered security safeguards your organization's customer and company records, intellectual property, and critical resources from external and internal threats.

Firewall

• ICSA-certified firewall
• Routing and transparent (bridge) mode
• Zone-based access control list
• Stateful packet inspection
• NAT, PAT
• Policy base NAT
• VLAN tagging
• User-aware policy enforcement
• SIP/H.323 NAT traversal
• ALG supports custom ports

Virtual Private Network (VPN)

• ICSA-certified IPSec VPN
• PPTP, L2TP, IPSec
• Algorithm: AES/3DES/DES
• Authentication: SHA-1/MD5
• Key management: Manual key/IKE
• Perfect forward secrecy: (DH group) supprt 1, 2, 5
• IPSec NAT traversal
• Dead peer detection/relay detection
• PKI (X.509) certificate support
• Centralize VPN Support
• Simple wizard support
• Auto reconnect VPN

SSL VPN

• Clientless secure remote access
• Support reverse proxy mode and full tunnel mode
• Unified policy enforcement
• Supports two-factor authentication
• Customizable user portal

Intrusion Detection and Prevention(IDP)

• Routing and transparent (bridge) mode
• Zone-based IDP inspection
• Customizable protection profile
• Protect over 2000 attack
• Automatic signature updates
• Custom signatures
• Protocol anomaly detection and protection
• Traffic anomaly detection and protection
• Flooding detection and protection
• DoS/DDoS protection

Anti-Virus

• Support Kaspersky and ZyXEL Anti-Virus
• Stream-based Anti-Virus engine
• Zone base AV protection
• HTTP/FTP/SMTP/POP3/IMAP4 protocal support
• Automatic signature updates
• No file size limitation
• Blacklist/whitelist support

Application Patrol

• Application, IM/P2P, stream base media, VoIP granular access control
• Detail access control of IM (Chat, file transfer, video)
• Application and IP/P2P bandwidth control
• User authentication support
• IM/P2P signature auto update
• Support more than 15 catalogs IM and P2P
• Real-Time statistical reports
• Maximum/guaranteed bandwidth

Anti-Spam

• Zone to zone protection
• Transparently intercept mail via SMTP/POP3 protocols
• Blacklist/whitelist support
• Support DNSBL checking
• Spam tag support
• Statistics report

High Availability

• Active-Passive mode
• Device failure detection and notification
• Support ICMP and TCP ping check
• Link monitoring
• Auto-Sync configurations
• VPN HA (redundant remote VPN gateways)

Content Filtering

• Web security: ZyXEL safe browsering
• URL blocking, keyword blocking
• Profile base setting
• Exempt list (blacklist and whitelist)
• Blocks java applet, cookies and active X
• Dynamic URL filtering database (powered by BlueCoat)
• Unlimited user licenses support
• Customize warning messages and redirect URL

Networking

• Routing mode/bridge mode/mixed mode
• Layer 2 port grouping
• Ethernet/PPPoE
• Tagged VLAN (802.1Q)
• Virtual interface (alias interface)
• Policy-based routing (user-aware)
• Policy-based NAT (SNAT)
• Dynamic routing(RIP v1/v2, OSPF)
• DHCP client/server/relay
• Dynamic DNS support
• WAN Trunk more than 2 port
• Per host session limit
• Guaranteed bandwidth
• Maximum bandwidth
• Priority-bandwidth utilization

Authentication

• Local user database
• Microsoft Windows active directory integrate
• External LDAP/RADIUS user database
• Xauth over RADIUS for IPSec IPV
• Forced user authentication (transparent authentication)
• IP/MAC address binding

System Management

• Role-based administration
• Multiple administrator login
• Multi-Lingual Web GUI (HTTPS/HTTP)
• Out-of-band management (AUX)
• Object-based configuration
• Command line interface (console/web console/SSH/TELNET)
• SNMP v2c (MIB-II)
• System configuration rollback
• Firmware upgrade via FTP/FTP-TLS/Web GUI

Logging/Monitoring

• Comprehensive local logging
• Syslog (send to up to 4 servers)
• E-mail alert (send to up to 2 servers)
• Real-Time traffic monitoring
• Built-in daily report
• Advanced reporting (Vantage Report)
• Centralized Network Management (Vantage CNM) manageable

System Performance

• Firewall Throughput^*1: 150 Mbps
• VPN Throughput (AES)^*2: 75 Mbps
• UTM Throughput (AV+IDP)^*3: 45 Mbps
• Unlimited User Licenses
• Max. Sessions^*4: 40,000
• Max. Concurrent IPSec VPN Tunnels: 100
• Max. Concurrent SSL VPN Users: 10
• Customizable Zone

Hardware Specifications

• 10/100/1000 Interfaces (Copper):  4 x LAN/DMZ, 2 x WAN, 1 x OPT (All GbE)
• USB ports: 2
• Card Slot: 1

Power Requirements

• Input Voltage: 100 - 240 V, 50 - 60 Hz, 1.2 A
• Power Rating: 20 W Max

Physical Specifications

• Dimensions: 242 (W) x 175 (D) x 35.5 (H) mm
• Weight: 1.2 kg

Environmental Specifications

• Operating temperature: 0ºC to 50ºC
• Storage temperature: -30ºC to 60ºC
• Operating humidity: 5% to 90% (non-condensing)