This is a lower version of ZyXEL 70. The functionalities and features are
same as that of ZyXEL 70, except that ZyXEL 35 can only handle lesser concurrent
connections. It is basically targeted to small business or SOHO networks. There
are two WAN and four LAN/DMZ ports, like ZyXEL 70 this also has one console port
and dial-up port for backup. Owing to its two WAN ports it can be used for
gateway or WAN link failover and load balancing. Having a dial-up backup port it
has an added advantage in case of a WAN link failure. Also, if both WAN ports go
down you are still left with an option of dialing in the device and configuring
bit. Like ZyXEL 70, this also has a turbo card and has optional support for
wireless network. Turbo card enables the anti-virus and anti-spam options on
this device. Configuration of this device was not so easy as compared to others.
One noticeable change seen compared to others is that in ZyXEL there was no
username field, you only have to provide the password to log into the web
interface. This appliance didn't have any setup wizard like the others, which
makes the device slightly difficult to configure as compared to others.
|
Tests and results
On the performance front the device performed same as that of ZyXEL 70. We
started the test by downloading viruses in a sequence over HTTP and FTP. To test
the anti-spam performance, we downloaded approximately 1000 spams from our mail
server. At the first attempt the quantity of spam detected was very less
compared to others. But after we enabled an option called 'Use external
Database,' the no. of spams increased.
For checking the performance of IDS/IPS of this device, we ran a couple of
vulnerability scans and the results were good. In our test with Nessus this UTM
performed well compared to others. The Nessus report showed zero warnings and
zero holes for this device. Then we tried to jam its LAN port by flooding the
device with five different clients from its private network. Internet access got
blocked and it was not able to detect and block the attack. We tested the device
for denial-of-service attack and for this we ran the test from the public
network and attacked its Public IP. The attack failed and the device kept
working without any errors or performance loss. We also ran a set of sniffing
attacks-the device was able to detect it, but was not able to detect the actual
source from where the attack was generating. And it was also not able to block
the attack.
Bottomline: Considering its features, it is good for SOHO users and is
perfect for the budget conscious buyers.