ZyXEL ZyWALL USG 50 review
This little appliance packs in the security features, but these up the price and the anti-spam is ineffective
Review Date: 9 Sep 2011
Reviewed By: Dave Mitchell
Price when reviewed: £185 (£222 inc VAT)
Features & Design
Value for Money
Now on a third-generation hardware platform, ZyXEL’s new ZyWALL USG 50 offers small businesses a complete security solution at an apparently low price. It’s designed for small offices of up to ten users, although this is a limitation of the hardware; it isn’t because of a per-user licensing scheme.
The appliance gets the benefit of Gigabit Ethernet all round, with four LAN ports and two for WAN connections – it can perform load balancing or failover across them. The two USB ports support a very small selection of 3G adapters that can be used for failover.
The USG 50 offers a heap of security measures, but many are optional extras. Extra licences are required for antivirus, content filtering, IDP and application patrol, and although subscriptions are reasonable, they will double your outlay for the appliance in one year.
The web interface has been redesigned, with the new dashboard using widgets for various status readouts. We found initial installation easy enough, and the web interface offers wizards for single and dual-ISP scenarios.
We recommend setting up objects next, as these define users, groups, addresses, services and schedules, and are used in the majority of security policies. Plenty of user authentication schemes are supported, although the appliance’s local database should be sufficient.
Security policies are applied to zones representing different groupings of physical ports. Zones are used by firewall rules to define inbound and outbound routes through the appliance. These also apply to the antivirus and IDP components, and for the former you can decide whether to scan HTTP, FTP, POP3, SMTP and IMAP4 protocols.
For performance testing, we used the lab’s Ixia Optixia XM2 chassis equipped with two Xcellon-Ultra NP blades. Using IxLoad to simulate ten web clients, we recorded a throughput of 131Mbits/sec with the firewall enabled and 30Mbits/sec with AV and IDP also active. During the tests, appliance CPU usage was seen to settle at 98%, showing that ten clients is a realistic limit.
Anti-spam is included as standard, but don’t get excited: all you can do is create black and white lists for message subject keywords, and apply up to five DNSBL servers. Using five DNSBL servers, including Spamhaus and Spamcop, we tested with live mail over a two week period and saw it stop less than 5% of spam.
ZyXEL’s application control can manage a wide range including IM, P2P and VoIP. For Windows Live Messenger we could stop users logging in or block them from using video, chat and file transfer; while for BitTorrent and FTP we could allow access but apply bandwidth restrictions.
Web filtering is provided by Blue Coat’s Cloud Service, and uses filter policies applied to objects such as systems, subnets and users. It provides over 70 different categories, and we found it extremely efficient.
The ZyWall USG 50 offers an impressive range of security measures, although most are optional and will push up the price. ZyXEL’s anti-spam is of limited value, so we recommend checking out Netgear’s ProSecure UTM5; it offers an effective anti-spam service, a similar level of features and is easier to install.
Author: Dave Mitchell
- Microsoft refuses to hand over customer emails
- Microsoft yanks Windows 8.1 update after crash reports
- Microsoft backtracks on blocking out-of-date Java
- Gartner: time to start planning your Windows 7 upgrade
- Still on IE8? You've got 18 months to upgrade
- Who's buying Chromebooks? American schools
- Microsoft targets Windows in next Patch Tuesday
- Microsoft to block old ActiveX controls in security push
- Samsung and Apple call off all legal disputes, except in the US
- Microsoft ordered to hand over European data
- 20 years of PC Pro: our best covers
- Why we've closed the PC Pro forums
- How to turn off Google Location Tracking
- 20 years of PC Pro: our greatest review mistakes
- 20 years of PC Pro: our first A-List
- Wikipedia's "right to be forgotten" protest hits the wrong note
- 3D printing hits the high street for plastic selfies
- 20 years of PC Pro: What amazed us in our first issue
- How Google Glass ruined my lunch hour
- Smartphone battery packs: can a USB power pack beat the festival battery blues?
- How to set up a wireless hotspot for your business: give customers free or paid for internet access
- Five worst SMB security threats... and how to solve them
- Doing business in a social era
- How to configure SysLookup for your network
- The 18 best Outlook tips for increasing productivity: become an Outlook expert with these lesser-known tips
- Office: should you buy it, rent it - or dump it?
- Small server vs cloud: which is best for SMBs?
- The best mobile apps for business
- Windows XP: Microsoft’s ticking time bomb
- gTLDs: what your business should know about new domain names
- How to sell more ebooks on Amazon
- 10 ways to make your business more secure
- Top five VoIP mistakes
- How to add in-app purchasing to an iPhone, Android or Windows app
- Remote-control ransomware: TeamViewer and software hardball
- Why laptops with serial ports matter to the Internet of Things
- Make your mobile battery last longer
- Small steps into handling Big Data
- Nexus 5: does it really run stock Android?
- How to get broadband to a garden office