Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
The ZyWALL 35 is a mid-range model with four LAN and two WAN ports, and a throughput of 70Mbps.
Getting started was easy, but we worried about security. Although HTTPS is enabled, the quickstart guide mentions only an unsecure HTTP GUI interface. Although the login page does make an effort to encrypt the password, it does so predictably and a replay attack is easily accomplished. Furthermore, the form prompting for a new password passes its data back in complete cleartext, although you can disable HTTP administration from within the GUI.
IDP and anti-virus is provided through an optional module that ships on a PC card, a clever idea to extend the modest processing capabilities of the system.
However, the chassis only has one slot, which can also be used for a wireless card, so you have to choose either IDP/AV or wireless. Plugging in the module did not result in any GUI feedback, and after downloading the initial signatures (none are bundled), we could not find any sign of success – a bit more feedback is needed.
The firewall works fine and includes some denial-of-service protection, but the system is quite sensitive: initial scans logged as "flood" attacks. If the unit is sitting on a DSL connecting in a branch office, this will happen a lot, but we were pleased to see the alert.
IPsec is provided and works fine with wizards to get VPNs configured. Class-based queues control bandwidth, and anti-spam and content filtering is included.
The unit can operate in transparent mode (as a filtering bridge) or as a router, and has very easy interfaces to switch configuration. LAN ports can also be very easily reassigned to a DMZ and servers configured – not complicated tasks, but we liked the easy GUI mechanisms to accomplish them.
Logging is simple and among the best we looked at. Logs can be periodically mailed or directed to a syslog server. Within the GUI, events can be narrowed down to specific types of incidents, and while no searching is provided, the product ships with ZyXEL’s Vantage reporting tool, which gathers syslog data then offers a graphical reporting frontend.
We did find some vulnerabilities during some of our more aggressive tests – simulating attacks from insiders against the admin interface – so this would need protection. Limit the IPs with access, for example.
ZyXEL is continuing to do what it does well: bundling good enterprise features into SME and branch office products at a very attractive price.
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.
