ZyXEL ZyWALL 1050 review
ZyXEL began this year by offering an unusual range of UTM (unified threat management) appliances, with the ZyWALL 35 UTM being a cost-effective security all-rounder. The latest ZyWALL 1050 ups the stakes, as it’s aimed at businesses comprising over 100 users. It provides NAT/SPI firewall duties, IPsec VPNs and optional web content filtering, plus intrusion prevention services (IPS).
The 1050 has five Gigabit Ethernet ports, which can be anything you like, so each can be set up as a LAN, WAN, backup WAN or DMZ port. It didn’t take long to install the 1050, and we placed it between out test LAN and internet connection, where it performed routing. The web interface sees some design improvements and a wizard helps to set up the initial connections, while another wizard aids in securing them against intrusion. A useful feature is port grouping, where member ports are represented by a single Ethernet interface, which could be used to provide a high-speed connection with another network.
Two ports can be designated as WAN links and placed in trunks for load balancing and failover. There’s also a serial port for attaching a modem for dial-up backup. A key target application is as a site-to-site VPN concentrator, since the 1050 supports 1,000 VPN tunnels out of the box and can function as a hub for multiple spokes. It can also handle VoIP, and its ALG (application layer gateway) dynamically opens up SIP and H.323 ports on the firewall for the duration of a call.
Objects such as hosts, subnets, schedules and services make rule creation a lot easier. Changes to an object are automatically propagated to all rules that use them. Access restrictions can be based on users and groups, while the appliance supports LDAP and RADIUS servers, and has its own internal user database. However, for the latter to work, you must force users to log on to the appliance first. Content filtering is a hosted service offering more than 50 categories, and is controlled with a range of access policies and schedule objects. We found it worked well during testing. We could apply different usage policies based on IP address, subnets and specific users. However, we did find that selecting all available categories pretty much closed down all internet access. The IDS feature employs Layer 7 inspection to pinpoint dubious traffic and uses a signature database, which can be updated as often as every hour.
So far, so good, but as with the previous ZyWALL products there are a lot of features in the pipeline that aren’t available yet. ZyXEL does call the 1050 a UTM appliance, but anti-virus scanning won’t be available until next year and will be activated with a future firmware upgrade. The HDD slot on the front panel is designed to provide a quarantine area for the anti-spam feature, but this is also a future upgrade. Both the extension card slots at the front and underneath have no specific purpose yet, and the two USB ports aren’t currently supported either.
The ZyWALL 1050 is undoubtedly easy to install and use, and offers good firewall protection plus excellent IPsec VPN support. The content filtering is also a valuable feature, but if you want full UTM features you’re going to have to wait until the updates arrive.