Solution Guide
Unified Threat Management
Integrated Multi-threat Guardian of Business Networks
• Fast-response, Content-agnostic Anti-spam• Industry-leading Content Filtering Technology• Gateway-level Anti-virus Defense• Intrusion Prevention and Application Control
3
Table of ContentsOne Solution for the Most Robust Protection 4
Anti-Spam 5
Content Filtering 6
Anti-Virus 8
Intrusion Detection and Prevention 10
License 11
How Safe Is Your Network?Today, network attacks have become more sophisticated and targeted. Social networking applications have also opened up more channels for data breach than ever before. With the rise of BYOD (Bring Your Own Device), threats to business networks come from both outside and inside. It is now increasingly challenging for businesses to keep up with the changing threat landscape; and this is especially true for small- and medium-sized businesses, which do not have the staff and resources of larger corporations. Small- and medium-sized businesses need a solution that is efficient, inexpensive and provides an array of techniques to combat sophisticated network attacks.
Small- to Medium-sized BusinessesUSG 300USG 1000USG 2000
ZyXEL USG Advantages Adopted by over 450,000 companies around the world Market-proven security, performance and cost-effectiveness Industry-leading anti-virus, anti-spam and content filtering technology from Kaspersky, Commtouch and Blue Coat ICSA-certified VPN and firewall technology
One Solution forthe Most Robust ProtectionZyXEL’s Unified Security Gateways offer network security that just works. With a single ZyXEL USG, businesses get all the protection that they need. They effectively safeguard business networks from every possible threat with a wide range of security functions such as anti-virus, anti-spam, VPN, content filtering, IDP and firewall. Their all-in-one design helps businesses minimize management efforts and total cost of ownership (TCO), while maximizing network security.
ZyXEL’s high-performance Unified Security Gateways have been adopted by over 450,000 companies around the world for their robust protection, performance and cost-effectiveness. With the most comprehensive set of security features and industry-leading technology, ZyXEL’s USGs keep business networks efficient, safe and productive.
4
Small BusinessesUSG 20/20WUSG 50USG 100USG 200
Anti-Virus
USG
Firew
all
IDP
VPN
ContentFiltering
Anti-Spa
m
Certifications World-class Technology Partners
5
Anti-SpamThe number of active zombies per day ranges from 5 to 10 million, with 200,000 to 500,000 new zombies activated every 24 hours. Zombies alone produce an estimated 120 billion spam messages daily. Given the astounding volume and distribution rates of today’s spam, the importance of real-time protection cannot be overestimated.
ZyXEL Unified Security Gateways leverage Commtouch anti-spam technology to provide fast and effective protection against spam outbreaks. Commtouch’s anti-spam solution provides highly accurate detection results with real-time blocking of spam in any language or format, including image-based spam.
Commtouch Anti-Spam
Commtouch anti-spam can detect spam outbreaks in the
first few minutes of emergence. Commtouch’s Zero-Hour
Virus Outbreak Protection is based on its Recurrent Pattern
Detection (RPD) technology, which identifies spam based
on their unique distribution patterns instead of scanning
messages one at a time. This content-agnostic approach
allows for faster response times and spam detection in
IP Reputation Compiles historical and up-to-the-minute sender
reputation data from highly diverse traffic sources Identifies hundreds of thousands of new zombies daily
from over tens of millions of IP addresses Classifies billions of messages per week, in real-time
Zero-Hour Outbreak Protection Blocks or delays suspect messages hours before
commercial signatures are available Fully automated real-time solution with zero human
intervention Identifies outbreaks in any language, message format,
and encoding type
any language and format—including images, HTML, non-
English characters, single and double byte character sets, etc.
Combined with its IP reputation service, which tracks traffic
from over tens of millions of IP addresses, Commtouch’s
anti-spam solution achieves unprecedented performance
and detection levels.
How RPD Works
Commtouch’s
RPD technology
enables ZyXEL
USGs to identify
new spam outbreaks
as soon as they emerge.
The Commtouch engine in the ZyXEL USG queries and
retrieves spam classifications from the Commtouch
Detection Center in real-time. The result is instant, content-
agnostic protection from new outbreaks without any lag
in updates.
6
Content FilteringThe Internet is filled with threats to business networks. Social networking applications have provided new channels for data breach; while threats like malware, phishing and bots are constantly evolving and compromising legal websites. Businesses need an effective solution to prevent employees from surfing malicious websites unknowingly, resulting in data breach, business downtime and potential loss of money.
ZyXEL Unified Security Gateways leverage industry-leading content filtering technology from Commtouch and Blue Coat to screen access to websites that are deemed objectionable, not business related, or malicious. Commtouch and Blue Coat content filtering services feature comprehensive, cloud-based databases with field-proven speed and identification accuracy. These best-of-breed services enable ZyXEL USGs to provide business networks effective protection against ever-evolving malware, phishing and botnet traffic.
Commtouch Content Filtering
Commtouch’s content filtering solution utilizes its Data
Cloud infrastructure to provide highly relevant Web
coverage with uncompromising accuracy and zero-hour
security. With Commtouch’s solution, ZyXEL USGs can
provide real-time protection from emerging Web threats,
help businesses enforce HR regulation, and block or monitor
sites to maximize employee productivity.
Data Cloud Infrastructure Global and diversified data sources
process billions of transactions daily Massive, centralized database stores
all the URL classifications a customer
needs Lightweight, economical local
clients receive and store only the
data customers need, when they
need it, eliminating resource-
intensive updates
Accuracy & Coverage Customer-oriented classification
triggered by every new site
customers browse Routine analysis of site dynamics
and user behavior determines scan
granularity Continuous tracking ensures exact
classification of each URL at every
moment
Zero-Hour Security Predictive threat detection
recognizes harmful sites before
users are exposed Zero-hour competencies leveraged
from all Commtouch security
products across the Detection
Center axis Commtouch Security Alliance
augments
7
How It Works
Upon receiving a request for Web access, the ZyXEL Unified
Security Gateway uses the Commtouch content filtering
engine to check the URL classification. The content filtering
engine first checks its local cache for URL values, which
typically resolves more than 99% of queries. If necessary,
the content filtering engine queries Commtouch’s cloud-
based database for relevant updates. The ZyXEL Unified
Security Gateway then blocks, allows or strips content
according to the classification it receives from Commtouch’s
content filtering engine.
Blue Coat Content Filtering
ZyXEL Unified Security Gateways also offer content filtering
services provided by Blue Coat Systems. Blue Coat’s content
filtering solution categorizes billions of web pages in more
than 50 languages into 85 useful categories that can be
easily managed by IT administrators. When deployed with
ZyXEL Unified Security Gateways, Blue Coat’s content
filtering solution helps businesses enforce corporate
security policies across the network more effectively and
improve employee productivity.
ZyXEL USG
8
Anti-VirusAlthough most computers in enterprises today are protected by endpoint anti-virus software, signature updates and software patches cannot keep up with the speed at which viruses and malware spread. An additional layer of anti-virus protection at the network gateway can solve these problems. Network-based anti-virus compliments existing endpoint anti-virus software and provides faster, more responsive protection against malware outbreaks.
ZyXEL Unified Security Gateways feature Kaspersky Anti-Virus (KAV) and ZyXEL Anti-Virus (ZAV) services that offer fast-response virus protection at the gateway. These anti-virus solutions feature centralized, cloud-based signature databases that provide real-time signature updates for instant protection against new threat outbreaks. Utilizing stream-based virus scanning technology, Kaspersky and ZyXEL Anti-Virus solutions inspect traffic without needing to cache incoming files. This technology enables ZyXEL USGs to deliver high-speed virus detection regardless of file size—blocking viruses before they reach computers or mobile devices in the network.
Kaspersky Anti-Virus
Kaspersky Anti-Virus features a broad database of virus,
Trojan, worm and spyware signatures, which enable ZyXEL
Unified Security Gateways to block malware threats right
at the gate. The Kaspersky Anti-Virus signature database
is updated daily, with additional “urgent” updates issued
dynamically to provide fast-response protection against
malware outbreaks. Together with ZyXEL USGs, Kaspersky
Anti-Virus provides robust anti-virus protection without
sacrificing network performance. This solution uses stream-
Unparalleled Performance High-speed scanning with hardware acceleration High throughput regardless of file size Low-latency detection during malware outbreaks Wire-speed virus scanning with stream-based anti-virus
engine
Robust Protection Efficient gateway-level defense against widespread
viruses, worms, Trojans and spyware Real-time malware statistics from Kaspersky Lab Daily and urgent signature updates for protection against
malware outbreaks
based traffic scanning technology, which, unlike traditional
anti-virus solutions, eliminates the need to cache incoming
traffic. This scanning method requires very little memory for
packet sequencing and reassembly, thereby providing high-
speed threat detection regardless of file size. With Kaspersky
Anti-Virus, ZyXEL USGs offer businesses excellent network
throughputs and efficient gateway-level protection from
dangerous malware threats and outbreaks.
9
How It Works
When inbound network traffic passes through the ZyXEL
Unified Security Gateway, the embedded Kaspersky Anti-
Virus engine inspects the traffic at wire-speed based on
the signatures in the cloud signature database. Should
viruses, Trojans, worms or spyware be detected, the
Kaspersky Anti-Virus engine will decontaminate the traffic
before sending it to end-users. The Kaspersky Security
Network provides the cloud signature database with daily
and “urgent” signature updates (up to several times a day)
for real-time protection against malware outbreaks.
ZyXEL Anti-Virus
ZyXEL Unified Security Gateways also offer self-developed ZyXEL Anti-Virus (ZAV) services. ZyXEL Anti-Virus features stream-
based virus scanning technology and a large database of 15,000 malware signatures. Combined with existing endpoint anti-
virus software, ZyXEL Anti-Virus provides comprehensive, multilayered protection against threats.
KSN
Part
ner
Signatures
Checked tra�c
Cleaned tra�c
Unchecked tra�c
Signatures matching
Unsafe tra�c
KasperskySecurityNetwork
Internet
End-users
10
Intrusion Detection and PreventionWeb applications provide channels for data breach that are largely invisible to traditional port- and protocol-based firewalls. Many IM, P2P and social networking applications can dynamically hop ports or reuse other ports to avoid inspection and control. It is therefore a real challenge for IT staff to protect business networks from new Web threats and manage Web applications to benefit business operations.
ZyXEL Unified Security Gateways feature Intrusion Detection and Prevention (IDP) systems that compliment firewalls by providing proactive defense against Web threats and effective control over Web application usage. ZyXEL’s IDP engine can accurately inspect network activity and behavior regardless of port or protocol to provide more comprehensive protection against application exploits and granular control over Web applications.
Deep Packet Inspection
ZyXEL’s IDP engine is able to perform deep packet inspection
of multiple layers in the network by combining traffic
and protocol anomaly detection and packet inspection
technologies. ZyXEL’s traffic and protocol anomaly detection
technologies provide effective protection against unknown
attacks. They can detect traffic patterns that deviate from
common usage and violations of protocol usage against
published RFCs. ZyXEL’s packet inspection technology, on
the other hand, minimizes false positives by scanning for
attack patterns against a database of 2,500 application
and malware signatures. Scanning every packet of all
network traffic, ZyXEL’s IDP system is able to deliver more
comprehensive attack prevention for a new generation of
Web threats.
Intrusion Detection and Prevention Zone-based IDP inspection Customizable protection profiles Protection against 2,500 attacks Automatic signature updates Protocol and traffic anomaly detection and protection
Application Patrol Granular application, IM, P2P, stream base media & VoIP
access control User authentication support Supports 44 IM, P2P and common Web application
categories Real-time statistic reports
Application Patrol
Based on ZyXEL’s deep packet inspection technology, ZyXEL’s
application patrol feature provides granular control over
Web application usage. It is able to monitor and manage 44
IM, P2P and common Web application categories, and create
security policies according to application type and user
identity. With the ability to prioritize bandwidth for critical
applications and throttle or block other non-productive
apps, ZyXEL’s application patrol helps IT staff maximize the
business value of Web applications while minimizing risks.
11
LicenseModel Duration ZyXEL
Anti-VirusKasperskyAnti-Virus IDP Blue Coat
Content FilterCommtouch
Content FilterCommtouchAnti-Spam
USG 20001 year Yes Yes Yes Yes Yes Yes
2 years Yes Yes Yes Yes Yes Yes
USG 10001 year Yes Yes Yes Yes Yes Yes
2 years Yes Yes Yes Yes Yes Yes
USG 3001 year Yes Yes Yes Yes Yes Yes
2 years Yes Yes Yes Yes Yes Yes
USG 2001 year Yes Yes Yes Yes Yes Yes
2 years Yes Yes Yes Yes Yes Yes
USG 1001 year Yes Yes Yes Yes Yes Yes
2 years Yes Yes Yes Yes Yes Yes
USG 501 year Yes Yes Yes Yes Yes Yes
2 years Yes Yes Yes Yes Yes Yes
USG 201 year - - - Yes Yes Yes
2 years - - - Yes Yes Yes
USG 20W1 year - - - Yes Yes Yes
2 years - - - Yes Yes Yes
Model SSL VPN IPSec VPN Client Vantage CNM Vantage Report
USG 2000
5 to 50 SSL Tunnels 1 client
5 clients
10 clients
50 clients
10 nodes
25 nodes
50 nodes
100 nodes
300 nodes
1000 nodes
1 device
5 devices
25 devices
100 devices
5 to 250 SSL Tunnels
5 to 750 SSL Tunnels
50 to 250 SSL Tunnels
50 to 750 SSL Tunnels
250 to 750 SSL Tunnels
USG 1000
5 to 25 SSL Tunnels
5 to 50 SSL Tunnels
5 to 250 SSL Tunnels
25 to 50 SSL Tunnels
25 to 250 SSL Tunnels
50 to 250 SSL Tunnels
USG 300
2 to 10 SSL Tunnels
2 to 25 SSL Tunnels
10 to 25 SSL Tunnels
USG 200
2 to 5 SSL Tunnels
2 to 25 SSL Tunnels
5 to 25 SSL Tunnels
USG 100
2 to 5 SSL Tunnels
2 to 25 SSL Tunnels
5 to 25 SSL Tunnels
USG 50 2 to 5 SSL Tunnels
USG 20 -
USG 20W -
F o r m o r e p r o d u c t i n f o r m a t i o n , v i s i t u s o n t h e w e b a t w w w . Z y X E L . c o mCopyright © 2013 ZyXEL Communications Corp. All rights reserved. ZyXEL, ZyXEL logo are registered trademarks of ZyXEL Communications Corp. All other brands, product names, or trademarks mentioned are the property of their respective owners. All specifications are subject to change without notice.
5-000-00013001 01/13
ZyXEL Communications Corp.Tel: +886-3-578-3942Fax: +886-3-578-2439Email: [email protected]://www.zyxel.com
CorporateHeadquarters
ZyXEL USANorth America HeadquartersTel: +1-714-632-0882Fax: +1-714-632-0858Email: [email protected]://us.zyxel.com
ZyXEL BelarusTel: +375 17 334 6099Fax: +375 17 334 5899Email: [email protected]://www.zyxel.by
ZyXEL BeNeLuxTel: +31 23 555 3689Fax: +31 23 557 8492Email: [email protected]://www.zyxel.nlhttp://www.zyxel.be
ZyXEL Bulgaria(Bulgaria, Macedonia, Albania, Kosovo)Tel: +3592 4443343 Email: [email protected]://www.zyxel.bg
ZyXEL Czech RepublicTel: +420 241 091 350Hotline: +420 241 774 665Fax: +420 241 091 359Email: [email protected]://www.zyxel.cz
ZyXEL Denmark A/STel: +45 39 55 07 00Fax: +45 39 55 07 07Email: [email protected]://www.zyxel.dk
ZyXEL FinlandTel: +358 9 4780 8400Email: [email protected] http://www.zyxel.fi
ZyXEL FranceTel: +33 (0)4 72 52 97 97Fax: +33 (0)4 72 52 19 20Email: [email protected]://www.zyxel.fr
ZyXEL Germany GmbHTel: +49 (0) 2405-6909 0Fax: +49 (0) 2405-6909 99Email: [email protected]://www.zyxel.de
ZyXEL Hungary & SEETel: +36 1 336 1640Fax: +36 1 325 9100Email: [email protected]://www.zyxel.hu
ZyXEL ItalyTel: 800 99 26 04Fax: +39 011 274 7647Email: [email protected]://www.zyxel.it
ZyXEL NorwayTel: +47 22 80 61 80Fax: +47 22 80 61 81Email: [email protected] http://www.zyxel.no
ZyXEL PolandTel: +48 223 338 250Hotline: +48 226 521 626Fax: +48 223 338 251Email: [email protected]://www.zyxel.pl
ZyXEL RomaniaTel: +40 31 0809 888Fax: +40 31 0809 890Email: [email protected]://www.zyxel.ro
ZyXEL RussiaTel: +7 (495) 542-8920Fax: +7 (495) 542-8925Email: [email protected]://www.zyxel.ru
ZyXEL SlovakiaTel: +421 243 193 989Hotline: +421 220 861 848Fax: +421 243 193 990Email: [email protected]://www.zyxel.sk
ZyXEL SpainTel: +34 902 195 420Fax: +34 913 005 345Email: [email protected]://www.zyxel.es
ZyXEL Sweden A/STel: +46 8 55 77 60 60Fax: +46 8 55 77 60 61Email: [email protected]://www.zyxel.se
ZyXEL SwitzerlandTel: +41 (0)44 806 51 00Fax: +41 (0)44 806 52 00Email: [email protected]://www.zyxel.ch
ZyXEL Turkey A.S.Tel: +90 212 314 18 00Fax: +90 212 220 25 26Email: [email protected]://www.zyxel.com.tr
ZyXEL UK Ltd.Tel: +44 (0) 118 9121 700Fax: +44 (0) 118 9797 277Email: [email protected]://www.zyxel.co.uk
ZyXEL UkraineTel: +380 44 494 49 31Fax: +380 44 494 49 32Email: [email protected]://www.ua.zyxel.com
Europe The AmericasAsia
ZyXEL China (Shanghai)China HeadquartersTel: +86-021-61199055 Fax: +86-021-52069033 Email: [email protected] http://www.zyxel.cn
ZyXEL China (Beijing)Tel: +86-010-62602249Email: [email protected]://www.zyxel.cn
ZyXEL China (Tianjin)Tel: +86-022-87890440 Fax: +86-022-87892304 Email: [email protected] http://www.zyxel.cn
ZyXEL IndiaTel: +91-11-4760-8800Fax: +91-11-4052-3393Email: [email protected]://www.zyxel.in
ZyXEL KazakhstanTel: +7-727-2-590-699 Email: [email protected]://www.zyxel.kz
ZyXEL KoreaTel: +82-2-2636-5636Fax: +82-2-2636-6636Email: [email protected]://www.zyxel.kr
ZyXEL MalaysiaTel: +603 2282 1111Fax: +603 2287 2611Email: [email protected]://www.zyxel.com.my
ZyXEL PakistanTel: +92 213 4310194-5Fax: +92 213 4310196Email: [email protected]://www.zyxel.com.pk
ZyXEL PhilippineEmail: [email protected]://www.zyxel.com.ph
ZyXEL SingaporeTel: +65-6899-6678Fax: +65-6899-8887Email: [email protected]://www.zyxel.com.sg
ZyXEL Taiwan (Taipei)Tel: +886-2-2739-9889Fax: +886-2-2735-3220Email: [email protected]://www.zyxel.com.tw
ZyXEL ThailandTel: +66-(0)-2831-5315Fax: +66-(0)-2831-5395Email: [email protected]://www.zyxel.co.th
ZyXEL Vietnam Tel: (+848) 35202910 Fax: (+848) 35202800 Email: [email protected]://www.zyxel.com/vn/vi/