Solution Guide

Unified Threat Management

Integrated Multi-threat Guardian of Business Networks

• Fast-response, Content-agnostic Anti-spam• Industry-leading Content Filtering Technology• Gateway-level Anti-virus Defense• Intrusion Prevention and Application Control

2

3

Table of ContentsOne Solution for the Most Robust Protection 4

Anti-Spam 5

Content Filtering 6

Anti-Virus 8

Intrusion Detection and Prevention 10

License 11

How Safe Is Your Network?Today, network attacks have become more sophisticated and targeted. Social networking applications have also opened up more channels for data breach than ever before. With the rise of BYOD (Bring Your Own Device), threats to business networks come from both outside and inside. It is now increasingly challenging for businesses to keep up with the changing threat landscape; and this is especially true for small- and medium-sized businesses, which do not have the staff and resources of larger corporations. Small- and medium-sized businesses need a solution that is efficient, inexpensive and provides an array of techniques to combat sophisticated network attacks.

Small- to Medium-sized BusinessesUSG 300USG 1000USG 2000

ZyXEL USG Advantages Adopted by over 450,000 companies around the world Market-proven security, performance and cost-effectiveness Industry-leading anti-virus, anti-spam and content filtering technology from Kaspersky, Commtouch and Blue Coat ICSA-certified VPN and firewall technology

One Solution forthe Most Robust ProtectionZyXEL’s Unified Security Gateways offer network security that just works. With a single ZyXEL USG, businesses get all the protection that they need. They effectively safeguard business networks from every possible threat with a wide range of security functions such as anti-virus, anti-spam, VPN, content filtering, IDP and firewall. Their all-in-one design helps businesses minimize management efforts and total cost of ownership (TCO), while maximizing network security.

ZyXEL’s high-performance Unified Security Gateways have been adopted by over 450,000 companies around the world for their robust protection, performance and cost-effectiveness. With the most comprehensive set of security features and industry-leading technology, ZyXEL’s USGs keep business networks efficient, safe and productive.

4

Small BusinessesUSG 20/20WUSG 50USG 100USG 200

Anti-Virus

USG

Firew

all

IDP

VPN

ContentFiltering

Anti-Spa

m

Certifications World-class Technology Partners

5

Anti-SpamThe number of active zombies per day ranges from 5 to 10 million, with 200,000 to 500,000 new zombies activated every 24 hours. Zombies alone produce an estimated 120 billion spam messages daily. Given the astounding volume and distribution rates of today’s spam, the importance of real-time protection cannot be overestimated.

ZyXEL Unified Security Gateways leverage Commtouch anti-spam technology to provide fast and effective protection against spam outbreaks. Commtouch’s anti-spam solution provides highly accurate detection results with real-time blocking of spam in any language or format, including image-based spam.

Commtouch Anti-Spam

Commtouch anti-spam can detect spam outbreaks in the

first few minutes of emergence. Commtouch’s Zero-Hour

Virus Outbreak Protection is based on its Recurrent Pattern

Detection (RPD) technology, which identifies spam based

on their unique distribution patterns instead of scanning

messages one at a time. This content-agnostic approach

allows for faster response times and spam detection in

IP Reputation Compiles historical and up-to-the-minute sender

reputation data from highly diverse traffic sources Identifies hundreds of thousands of new zombies daily

from over tens of millions of IP addresses Classifies billions of messages per week, in real-time

Zero-Hour Outbreak Protection Blocks or delays suspect messages hours before

commercial signatures are available Fully automated real-time solution with zero human

intervention Identifies outbreaks in any language, message format,

and encoding type

any language and format—including images, HTML, non-

English characters, single and double byte character sets, etc.

Combined with its IP reputation service, which tracks traffic

from over tens of millions of IP addresses, Commtouch’s

anti-spam solution achieves unprecedented performance

and detection levels.

How RPD Works

Commtouch’s

RPD technology

enables ZyXEL

USGs to identify

new spam outbreaks

as soon as they emerge.

The Commtouch engine in the ZyXEL USG queries and

retrieves spam classifications from the Commtouch

Detection Center in real-time. The result is instant, content-

agnostic protection from new outbreaks without any lag

in updates.

6

Content FilteringThe Internet is filled with threats to business networks. Social networking applications have provided new channels for data breach; while threats like malware, phishing and bots are constantly evolving and compromising legal websites. Businesses need an effective solution to prevent employees from surfing malicious websites unknowingly, resulting in data breach, business downtime and potential loss of money.

ZyXEL Unified Security Gateways leverage industry-leading content filtering technology from Commtouch and Blue Coat to screen access to websites that are deemed objectionable, not business related, or malicious. Commtouch and Blue Coat content filtering services feature comprehensive, cloud-based databases with field-proven speed and identification accuracy. These best-of-breed services enable ZyXEL USGs to provide business networks effective protection against ever-evolving malware, phishing and botnet traffic.

Commtouch Content Filtering

Commtouch’s content filtering solution utilizes its Data

Cloud infrastructure to provide highly relevant Web

coverage with uncompromising accuracy and zero-hour

security. With Commtouch’s solution, ZyXEL USGs can

provide real-time protection from emerging Web threats,

help businesses enforce HR regulation, and block or monitor

sites to maximize employee productivity.

Data Cloud Infrastructure Global and diversified data sources

process billions of transactions daily Massive, centralized database stores

all the URL classifications a customer

needs Lightweight, economical local

clients receive and store only the

data customers need, when they

need it, eliminating resource-

intensive updates

Accuracy & Coverage Customer-oriented classification

triggered by every new site

customers browse Routine analysis of site dynamics

and user behavior determines scan

granularity Continuous tracking ensures exact

classification of each URL at every

moment

Zero-Hour Security Predictive threat detection

recognizes harmful sites before

users are exposed Zero-hour competencies leveraged

from all Commtouch security

products across the Detection

Center axis Commtouch Security Alliance

augments

7

How It Works

Upon receiving a request for Web access, the ZyXEL Unified

Security Gateway uses the Commtouch content filtering

engine to check the URL classification. The content filtering

engine first checks its local cache for URL values, which

typically resolves more than 99% of queries. If necessary,

the content filtering engine queries Commtouch’s cloud-

based database for relevant updates. The ZyXEL Unified

Security Gateway then blocks, allows or strips content

according to the classification it receives from Commtouch’s

content filtering engine.

Blue Coat Content Filtering

ZyXEL Unified Security Gateways also offer content filtering

services provided by Blue Coat Systems. Blue Coat’s content

filtering solution categorizes billions of web pages in more

than 50 languages into 85 useful categories that can be

easily managed by IT administrators. When deployed with

ZyXEL Unified Security Gateways, Blue Coat’s content

filtering solution helps businesses enforce corporate

security policies across the network more effectively and

improve employee productivity.

ZyXEL USG

8

Anti-VirusAlthough most computers in enterprises today are protected by endpoint anti-virus software, signature updates and software patches cannot keep up with the speed at which viruses and malware spread. An additional layer of anti-virus protection at the network gateway can solve these problems. Network-based anti-virus compliments existing endpoint anti-virus software and provides faster, more responsive protection against malware outbreaks.

ZyXEL Unified Security Gateways feature Kaspersky Anti-Virus (KAV) and ZyXEL Anti-Virus (ZAV) services that offer fast-response virus protection at the gateway. These anti-virus solutions feature centralized, cloud-based signature databases that provide real-time signature updates for instant protection against new threat outbreaks. Utilizing stream-based virus scanning technology, Kaspersky and ZyXEL Anti-Virus solutions inspect traffic without needing to cache incoming files. This technology enables ZyXEL USGs to deliver high-speed virus detection regardless of file size—blocking viruses before they reach computers or mobile devices in the network.

Kaspersky Anti-Virus

Kaspersky Anti-Virus features a broad database of virus,

Trojan, worm and spyware signatures, which enable ZyXEL

Unified Security Gateways to block malware threats right

at the gate. The Kaspersky Anti-Virus signature database

is updated daily, with additional “urgent” updates issued

dynamically to provide fast-response protection against

malware outbreaks. Together with ZyXEL USGs, Kaspersky

Anti-Virus provides robust anti-virus protection without

sacrificing network performance. This solution uses stream-

Unparalleled Performance High-speed scanning with hardware acceleration High throughput regardless of file size Low-latency detection during malware outbreaks Wire-speed virus scanning with stream-based anti-virus

engine

Robust Protection Efficient gateway-level defense against widespread

viruses, worms, Trojans and spyware Real-time malware statistics from Kaspersky Lab Daily and urgent signature updates for protection against

malware outbreaks

based traffic scanning technology, which, unlike traditional

anti-virus solutions, eliminates the need to cache incoming

traffic. This scanning method requires very little memory for

packet sequencing and reassembly, thereby providing high-

speed threat detection regardless of file size. With Kaspersky

Anti-Virus, ZyXEL USGs offer businesses excellent network

throughputs and efficient gateway-level protection from

dangerous malware threats and outbreaks.

9

How It Works

When inbound network traffic passes through the ZyXEL

Unified Security Gateway, the embedded Kaspersky Anti-

Virus engine inspects the traffic at wire-speed based on

the signatures in the cloud signature database. Should

viruses, Trojans, worms or spyware be detected, the

Kaspersky Anti-Virus engine will decontaminate the traffic

before sending it to end-users. The Kaspersky Security

Network provides the cloud signature database with daily

and “urgent” signature updates (up to several times a day)

for real-time protection against malware outbreaks.

ZyXEL Anti-Virus

ZyXEL Unified Security Gateways also offer self-developed ZyXEL Anti-Virus (ZAV) services. ZyXEL Anti-Virus features stream-

based virus scanning technology and a large database of 15,000 malware signatures. Combined with existing endpoint anti-

virus software, ZyXEL Anti-Virus provides comprehensive, multilayered protection against threats.

KSN

Part

ner

Signatures

Checked tra�c

Cleaned tra�c

Unchecked tra�c

Signatures matching

Unsafe tra�c

KasperskySecurityNetwork

Internet

End-users

10

Intrusion Detection and PreventionWeb applications provide channels for data breach that are largely invisible to traditional port- and protocol-based firewalls. Many IM, P2P and social networking applications can dynamically hop ports or reuse other ports to avoid inspection and control. It is therefore a real challenge for IT staff to protect business networks from new Web threats and manage Web applications to benefit business operations.

ZyXEL Unified Security Gateways feature Intrusion Detection and Prevention (IDP) systems that compliment firewalls by providing proactive defense against Web threats and effective control over Web application usage. ZyXEL’s IDP engine can accurately inspect network activity and behavior regardless of port or protocol to provide more comprehensive protection against application exploits and granular control over Web applications.

Deep Packet Inspection

ZyXEL’s IDP engine is able to perform deep packet inspection

of multiple layers in the network by combining traffic

and protocol anomaly detection and packet inspection

technologies. ZyXEL’s traffic and protocol anomaly detection

technologies provide effective protection against unknown

attacks. They can detect traffic patterns that deviate from

common usage and violations of protocol usage against

published RFCs. ZyXEL’s packet inspection technology, on

the other hand, minimizes false positives by scanning for

attack patterns against a database of 2,500 application

and malware signatures. Scanning every packet of all

network traffic, ZyXEL’s IDP system is able to deliver more

comprehensive attack prevention for a new generation of

Web threats.

Intrusion Detection and Prevention Zone-based IDP inspection Customizable protection profiles Protection against 2,500 attacks Automatic signature updates Protocol and traffic anomaly detection and protection

Application Patrol Granular application, IM, P2P, stream base media & VoIP

access control User authentication support Supports 44 IM, P2P and common Web application

categories Real-time statistic reports

Application Patrol

Based on ZyXEL’s deep packet inspection technology, ZyXEL’s

application patrol feature provides granular control over

Web application usage. It is able to monitor and manage 44

IM, P2P and common Web application categories, and create

security policies according to application type and user

identity. With the ability to prioritize bandwidth for critical

applications and throttle or block other non-productive

apps, ZyXEL’s application patrol helps IT staff maximize the

business value of Web applications while minimizing risks.

11

LicenseModel Duration ZyXEL

Anti-VirusKasperskyAnti-Virus IDP Blue Coat

Content FilterCommtouch

Content FilterCommtouchAnti-Spam

USG 20001 year Yes Yes Yes Yes Yes Yes

2 years Yes Yes Yes Yes Yes Yes

USG 10001 year Yes Yes Yes Yes Yes Yes

2 years Yes Yes Yes Yes Yes Yes

USG 3001 year Yes Yes Yes Yes Yes Yes

2 years Yes Yes Yes Yes Yes Yes

USG 2001 year Yes Yes Yes Yes Yes Yes

2 years Yes Yes Yes Yes Yes Yes

USG 1001 year Yes Yes Yes Yes Yes Yes

2 years Yes Yes Yes Yes Yes Yes

USG 501 year Yes Yes Yes Yes Yes Yes

2 years Yes Yes Yes Yes Yes Yes

USG 201 year - - - Yes Yes Yes

2 years - - - Yes Yes Yes

USG 20W1 year - - - Yes Yes Yes

2 years - - - Yes Yes Yes

Model SSL VPN IPSec VPN Client Vantage CNM Vantage Report

USG 2000

5 to 50 SSL Tunnels 1 client

5 clients

10 clients

50 clients

10 nodes

25 nodes

50 nodes

100 nodes

300 nodes

1000 nodes

1 device

5 devices

25 devices

100 devices

5 to 250 SSL Tunnels

5 to 750 SSL Tunnels

50 to 250 SSL Tunnels

50 to 750 SSL Tunnels

250 to 750 SSL Tunnels

USG 1000

5 to 25 SSL Tunnels

5 to 50 SSL Tunnels

5 to 250 SSL Tunnels

25 to 50 SSL Tunnels

25 to 250 SSL Tunnels

50 to 250 SSL Tunnels

USG 300

2 to 10 SSL Tunnels

2 to 25 SSL Tunnels

10 to 25 SSL Tunnels

USG 200

2 to 5 SSL Tunnels

2 to 25 SSL Tunnels

5 to 25 SSL Tunnels

USG 100

2 to 5 SSL Tunnels

2 to 25 SSL Tunnels

5 to 25 SSL Tunnels

USG 50 2 to 5 SSL Tunnels

USG 20 -

USG 20W -

F o r m o r e p r o d u c t i n f o r m a t i o n , v i s i t u s o n t h e w e b a t w w w . Z y X E L . c o mCopyright © 2013 ZyXEL Communications Corp. All rights reserved. ZyXEL, ZyXEL logo are registered trademarks of ZyXEL Communications Corp. All other brands, product names, or trademarks mentioned are the property of their respective owners. All specifications are subject to change without notice.

5-000-00013001 01/13

ZyXEL Communications Corp.Tel: +886-3-578-3942Fax: +886-3-578-2439Email: sales@zyxel.com.twhttp://www.zyxel.com

CorporateHeadquarters

ZyXEL USANorth America HeadquartersTel: +1-714-632-0882Fax: +1-714-632-0858Email: sales@zyxel.comhttp://us.zyxel.com

ZyXEL BelarusTel: +375 17 334 6099Fax: +375 17 334 5899Email: sales@zyxel.byhttp://www.zyxel.by

ZyXEL BeNeLuxTel: +31 23 555 3689Fax: +31 23 557 8492Email: sales@zyxel.nlhttp://www.zyxel.nlhttp://www.zyxel.be

ZyXEL Bulgaria(Bulgaria, Macedonia, Albania, Kosovo)Tel: +3592 4443343 Email: info@zyxel.bghttp://www.zyxel.bg

ZyXEL Czech RepublicTel: +420 241 091 350Hotline: +420 241 774 665Fax: +420 241 091 359Email: sales@cz.zyxel.comhttp://www.zyxel.cz

ZyXEL Denmark A/STel: +45 39 55 07 00Fax: +45 39 55 07 07Email: sales@zyxel.dkhttp://www.zyxel.dk

ZyXEL FinlandTel: +358 9 4780 8400Email: myynti@zyxel.fi http://www.zyxel.fi

ZyXEL FranceTel: +33 (0)4 72 52 97 97Fax: +33 (0)4 72 52 19 20Email: info@zyxel.frhttp://www.zyxel.fr

ZyXEL Germany GmbHTel: +49 (0) 2405-6909 0Fax: +49 (0) 2405-6909 99Email: sales@zyxel.dehttp://www.zyxel.de

ZyXEL Hungary & SEETel: +36 1 336 1640Fax: +36 1 325 9100Email: info@zyxel.huhttp://www.zyxel.hu

ZyXEL ItalyTel: 800 99 26 04Fax: +39 011 274 7647Email: sales@zyxel.ithttp://www.zyxel.it

ZyXEL NorwayTel: +47 22 80 61 80Fax: +47 22 80 61 81Email: salg@zyxel.no http://www.zyxel.no

ZyXEL PolandTel: +48 223 338 250Hotline: +48 226 521 626Fax: +48 223 338 251Email: info@pl.zyxel.comhttp://www.zyxel.pl

ZyXEL RomaniaTel: +40 31 0809 888Fax: +40 31 0809 890Email: info@zyxel.rohttp://www.zyxel.ro

ZyXEL RussiaTel: +7 (495) 542-8920Fax: +7 (495) 542-8925Email: info@zyxel.ruhttp://www.zyxel.ru

ZyXEL SlovakiaTel: +421 243 193 989Hotline: +421 220 861 848Fax: +421 243 193 990Email: sales@sk.zyxel.comhttp://www.zyxel.sk

ZyXEL SpainTel: +34 902 195 420Fax: +34 913 005 345Email: sales@zyxel.eshttp://www.zyxel.es

ZyXEL Sweden A/STel: +46 8 55 77 60 60Fax: +46 8 55 77 60 61Email: sales@zyxel.sehttp://www.zyxel.se

ZyXEL SwitzerlandTel: +41 (0)44 806 51 00Fax: +41 (0)44 806 52 00Email: info@zyxel.chhttp://www.zyxel.ch

ZyXEL Turkey A.S.Tel: +90 212 314 18 00Fax: +90 212 220 25 26Email: bilgi@zyxel.com.trhttp://www.zyxel.com.tr

ZyXEL UK Ltd.Tel: +44 (0) 118 9121 700Fax: +44 (0) 118 9797 277Email: sales@zyxel.co.ukhttp://www.zyxel.co.uk

ZyXEL UkraineTel: +380 44 494 49 31Fax: +380 44 494 49 32Email: sales@ua.zyxel.comhttp://www.ua.zyxel.com

Europe The AmericasAsia

ZyXEL China (Shanghai)China HeadquartersTel: +86-021-61199055 Fax: +86-021-52069033 Email: sales@zyxel.cn http://www.zyxel.cn

ZyXEL China (Beijing)Tel: +86-010-62602249Email: sales@zyxel.cnhttp://www.zyxel.cn

ZyXEL China (Tianjin)Tel: +86-022-87890440 Fax: +86-022-87892304 Email: sales@zyxel.cn http://www.zyxel.cn

ZyXEL IndiaTel: +91-11-4760-8800Fax: +91-11-4052-3393Email: info@zyxel.inhttp://www.zyxel.in

ZyXEL KazakhstanTel: +7-727-2-590-699 Email: info@zyxel.kzhttp://www.zyxel.kz

ZyXEL KoreaTel: +82-2-2636-5636Fax: +82-2-2636-6636Email: sales@zyxel.krhttp://www.zyxel.kr

ZyXEL MalaysiaTel: +603 2282 1111Fax: +603 2287 2611Email: sales@zyxel.com.myhttp://www.zyxel.com.my

ZyXEL PakistanTel: +92 213 4310194-5Fax: +92 213 4310196Email: sales@zyxel.pkhttp://www.zyxel.com.pk

ZyXEL PhilippineEmail: sales@zyxel.com.phhttp://www.zyxel.com.ph

ZyXEL SingaporeTel: +65-6899-6678Fax: +65-6899-8887Email: sales@zyxel.com.sghttp://www.zyxel.com.sg

ZyXEL Taiwan (Taipei)Tel: +886-2-2739-9889Fax: +886-2-2735-3220Email: sales_tw@zyxel.com.twhttp://www.zyxel.com.tw

ZyXEL ThailandTel: +66-(0)-2831-5315Fax: +66-(0)-2831-5395Email: info@zyxel.co.thhttp://www.zyxel.co.th

ZyXEL Vietnam Tel: (+848) 35202910 Fax: (+848) 35202800 Email: sales_vn@zyxel.com.twhttp://www.zyxel.com/vn/vi/