|At a glance|
|Product||Zyxel VPN Firewall (ZyWALL 110) [Website]|
|Summary||Fast, multi-WAN VPN firewall / router with Gigabit ports and IPsec, L2TP and SSL tunnels.|
|Pros||• High VPN throughput|
• IPsec, L2TP and SSL VPN
• USB WWAN support
• Easy to use firewall
|Cons||• Manual lacks configuration examples|
Typical Price: $490 Buy From Amazon
Updated 1/22/14: Windows 8 SSL works
ZyXEL's ZyWALL VPN Firewalls are focused, "business-grade" devices designed for high throughput VPN and secure network connectivity. Many network security devices provide multiple security features in addition to VPN tunnels and firewall such as anti virus, Intrusion Prevention/Detection, content filtering, and so on. The ZyWALL's primary function is to be VPN router and a firewall, with lots of speed! Toward that end, ZyXEL has equipped them multi-core CPUs and fine-tuned the firewall for "uncompromising performance".
The three models of the ZyWALL VPN Firewall are the 110, 310 and 1100. The 110 supports up to 100 IPsec VPN tunnels, 25 SSL VPN tunnels and is rated for firewall throughput of 1,000 Mbps. The 310 supports up to 200 IPsec VPN tunnels, 50 SSL VPN tunnels, and is rated for firewall throughput of 2,000 Mbps. The 1100 supports up to 1,000 IPsec VPN tunnels, 250 SSL VPN tunnels, and is rated for firewall throughput of 8,000 Mbps. In this review, I'm going to take a look at the ZyWALL 110.
The ZyWALL 110 measures 11.81"W x 7"D x1.73"H and is enclosed in a metal case. Brackets for rack mounting and adhesive rubber feet for desk mounting are included. The power supply on the 110 is external. There is an internal cooling fan, so it is not silent, although the fan noise isn't that loud. The front of the 110 is where you'll find all the Ethernet ports, the USB ports, and the indicator lights, as shown below.
On the rear of the 110 is the console port, a compact flash card slot, the exhaust fan vent, the power connector, and a Kensington locking port, shown below.
Looking at the main board inside the 110, shown below, you can see the case could be made smaller, as the main board only fills just over half of the case bottom. Underneath the large heatsink is a Cavium CN6230 quad-core 1GHz CPU, supported by 512 MB Flash and 1 GB RAM. The Ethernet component is a Realtek RTL8370M Gigabit Ethernet chip.
Below are key features on the ZyWALL 110 as listed on ZyXEL's VPN Firewall product page.
- (7) 10/100/1000 RJ-45 ports – 2 WAN, 1 OPT, 4 LAN/DMZ
- (2) USB ports
- Throughput rating = 1000Mbps
- Max concurrent session rating = 60,000
- SPI and Zone based firewall
- SIP/H.323 NAT Traversal
- Customizable ALG
- Unlimited user licenses
- User-aware policy controls
- Throughput rating = 300Mbps
- Max concurrent IPsec VPN tunnels = 100
- Max concurrent SSL VPN users = 25
- IPsec, SSL, L2TP VPN capability
- AES, 3DES, DES VPN encryption
- SHA2, SHA1, MD5 authentication
- Virtual Interfaces
- IPv6 support
- 802.1q VLAN (tagging)
- Policy-based Routing and NAT
- Supports RIPv1/v2, OSPF
- Session and Bandwidth controls/prioritization
- Local, LDAP and RADIUS authentication
- 3G WWAN Card support
- Device High Availability
The ZyWALL 110 GUI provides four main tabs on the left for a dashboard, monitor options, configurations, and maintenance. Below is a screen shot of the main dashboard that displays device info, system status, system resource, interface status, firewall rules, logs and USB status.
A neat feature in the Dashboard is you can hover over the image of each port on the router and you'll get a pop up window with the status, speed, and IP address on each active interface. Also of note, you can see in the screenshot in the "Latest Alert Logs" pane, someone from 126.96.36.199 is trying to hack into my ZyWALL (and failing) and it is issuing a log message of "Failed login attempt ...".
The Configuration tab is obviously where configurations are applied. Inside the configuration tab, there are nine configuration menus, each with one or more sub-menus, each with one or more tabs to display various options. In the table below, I've listed the nine configuration menus and their sub-menus.
ZyWALL 110 Menu Tree
For example, in the configuration for Objects, under User/Group, there are three tabs for User, Group, and Setting as shown below.
There is certainly a tremendous amount of configuration options in the ZyWALL 110. Clicking help will bring up searchable information about each configuration option. There is also a 562 page manual that can be downloaded from ZyXEL's website. It would be nice if there were more configuration examples in the manual, specifically for VPN configuration. In my opinion, the ZyWALL 110, even with all of its options, isn't that difficult to configure. But it might be a bit intimidating if you haven't worked on a small business router / firewall before.