ZyXel ZyWall: The little firewall that could
ZyXel's ZyWall USG1000 delivers a solid set of features, acceptable performance, and a surprising level of attack protection at a bargain priceFollow @infoworld
As with just about every UTM we've ever touched, AAA functions are built in. In addition to LDAP and RADIUS back ends, Active Directory is supported -- a nice plus. The ZyWall provides an internal storage facility for PKI certificates as well.
Two ZyWalls can be set up to work together in a high-availability configuration with automatic fail-over -- a must-have in an enterprise setting. Surprisingly, the ZyWall even includes port aggregation, a throughput-maximizing feature missing from many higher-end units, including the SonicWall E7500 we tested.
The ZyWall USG1000 takes a backseat to Astaro and SonicWall in ease of setup and management, and it's far behind SonicWall and WatchGuard when it comes to performance. It stood up to the 200 VPNs we threw at it, but a couple dozen VPNs and a handful of travelers are more its speed. It would be a good choice for a branch office, large or small. Although the price might suggest that the ZyWall is a good option for very small businesses, the lack of a set of wizards for setup could spell trouble for inexperienced staff. But in the right hands, it's a terrific value.
|Pros||Very inexpensive for a UTM in its class. Lots of bells and whistles, including Active Directory support and port aggregation. Blocked more attacks in our test than far more expensive UTMs. Interface will be immediately familiar to users of SOHO ZyWalls.|
|Cons||Limited throughput, especially when under attack. Lacks wizards for configuration. Responsiveness of management interface suffers under load.|
|Cost||Base price: $3,399.99. Price as tested: $3,399.99|
|Platforms||1U appliance with five Gigabit Ethernet ports, firewall, VPN, IDS/IPS, anti-malware, content filtering.|
Curtis Franklin Jr. is a senior contributing editor to the InfoWorld Test Center.