ZyXEL ZyWALL USG 50 review
This little appliance packs in the security features, but these up the price and the anti-spam is ineffective
Review Date: 9 Sep 2011
Reviewed By: Dave Mitchell
Price when reviewed: £185 (£222 inc VAT)
Features & Design
Value for Money
Now on a third-generation hardware platform, ZyXEL’s new ZyWALL USG 50 offers small businesses a complete security solution at an apparently low price. It’s designed for small offices of up to ten users, although this is a limitation of the hardware; it isn’t because of a per-user licensing scheme.
The appliance gets the benefit of Gigabit Ethernet all round, with four LAN ports and two for WAN connections – it can perform load balancing or failover across them. The two USB ports support a very small selection of 3G adapters that can be used for failover.
The USG 50 offers a heap of security measures, but many are optional extras. Extra licences are required for antivirus, content filtering, IDP and application patrol, and although subscriptions are reasonable, they will double your outlay for the appliance in one year.
The web interface has been redesigned, with the new dashboard using widgets for various status readouts. We found initial installation easy enough, and the web interface offers wizards for single and dual-ISP scenarios.
We recommend setting up objects next, as these define users, groups, addresses, services and schedules, and are used in the majority of security policies. Plenty of user authentication schemes are supported, although the appliance’s local database should be sufficient.
Security policies are applied to zones representing different groupings of physical ports. Zones are used by firewall rules to define inbound and outbound routes through the appliance. These also apply to the antivirus and IDP components, and for the former you can decide whether to scan HTTP, FTP, POP3, SMTP and IMAP4 protocols.
For performance testing, we used the lab’s Ixia Optixia XM2 chassis equipped with two Xcellon-Ultra NP blades. Using IxLoad to simulate ten web clients, we recorded a throughput of 131Mbits/sec with the firewall enabled and 30Mbits/sec with AV and IDP also active. During the tests, appliance CPU usage was seen to settle at 98%, showing that ten clients is a realistic limit.
Anti-spam is included as standard, but don’t get excited: all you can do is create black and white lists for message subject keywords, and apply up to five DNSBL servers. Using five DNSBL servers, including Spamhaus and Spamcop, we tested with live mail over a two week period and saw it stop less than 5% of spam.
ZyXEL’s application control can manage a wide range including IM, P2P and VoIP. For Windows Live Messenger we could stop users logging in or block them from using video, chat and file transfer; while for BitTorrent and FTP we could allow access but apply bandwidth restrictions.
Web filtering is provided by Blue Coat’s Cloud Service, and uses filter policies applied to objects such as systems, subnets and users. It provides over 70 different categories, and we found it extremely efficient.
The ZyWall USG 50 offers an impressive range of security measures, although most are optional and will push up the price. ZyXEL’s anti-spam is of limited value, so we recommend checking out Netgear’s ProSecure UTM5; it offers an effective anti-spam service, a similar level of features and is easier to install.
Author: Dave Mitchell
- IDC: iPad intertia opens door for Windows tablets
- Office 365 goes social with "Oslo" news feed
- Windows XP: upgrading 30,000 PCs in 30 days
- LibreOffice: ignore Microsoft's "nonsense" on government's open source plans
- Intel Xeon E7 v2 servers support 6TB of RAM
- Microsoft promises video calls between Skype and Lync
- Office for iPad due before July
- Windows 7 on business PCs gets an extension
- Windows apps land on Chromebooks with VMware
- Office 365 gets two-factor authentication
- Move over Delia: IBM Watson is cooking tonight
- Eric Schmidt on the double-edged smartphone: friend and foe
- Getty joins the race to the bottom
- Hour of Code: five steps to learn how to code
- Sony Xperia Z2 Tablet review: first look
- Sony Xperia Z2 review: first look
- Samsung Galaxy Gear 2 review: first look
- Nokia XL review: first look
- Samsung Galaxy S5 review: first look
- Nokia X review: first look
- Small server vs cloud: which is best for SMBs?
- The best mobile apps for business
- Windows XP: Microsoft’s ticking time bomb
- gTLDs: what your business should know about new domain names
- Can Microsoft survive? A look at servers and tools
- Can Microsoft survive? The future of Office
- A real-world guide to business VoIP
- Sack your PA: how to stay on top of your work life
- Power lies with the internet giants, not the governments
- Software subscriptions return us to a life of servitude
- Windows Server 2012 R2: how the Datacenter edition could change SMBs
- Invoices and VAT: how to set up your documents correctly
- Nexus 5 vs Samsung Galaxy S4 Active: the best phone for avoiding screen burn
- How much is a social user worth?
- The key to choosing a secure password
- Thunderbolt Bridge: a fast Mac migration tool
- Should you advertise on Twitter?
- How to track a lost smartphone
- Self-publishing success: the best way to sell your book
- 1.6TB SSD: why would you need one?