by April 14, 2006 0 comments

With every passing day the quantum and type of threats to
network security are increasing. Fighting them and keeping our enterprises
secure is becoming more and more difficult. As a result, today, in a standard
setup, we see different devices such as firewalls, VPN boxes, IPS/IDS systems,
spam filters and anti viruses. Now, imagine getting all the devices,
encapsulated in a nice metal casing. Your monitoring job will surely get reduced
by leaps and bounds. This small device from ZyXEL, ZyWall 35 UTM, does exactly
the same for you. Here, UTM stands for Unified Threat Management, and there are
quite a few appliances available in this device. The model which we reviewed
here is best suited for the small and mid sizednetworks, having up to 100 users.

Rs 46,000

Meant For:
Small businesses with less than 100 nodes

Key Specs:
All in one security solution with VPN, failsafe links and content filtering 

Easy to use web based interface, modular and supports wireless with an add on card

Can’t use antivirus and wireless devices at the same time 
Contact: TelExcel, Delhi.Phone : 26964070.E-mail :
mahendra@telexcell.comRQS# E55 or SMS 130455 to 9811800601

The device is packed inside a smart metal case that can
either sit on a desk or  be mounted on server racks. There are six
10/100Mbps Ethernet ports on the front. Two of these are for Internet
connectivity,  which can do automatic load balancing and failover. The
other four connect the device to the LAN, and can also be configured as
De-Militarized Zone (DMZ) interfaces where you can setup your web or mail
servers. On its back, you will see two serial ports. Both of them have different
usages. One is used for dialing a backup number  through a modem, in case
of a WAN failure. The other is a standard RS232 port, which can be used for
local console management. 

You also have a PC card slot at the back of the device.
This can be used for either plugging in a ZyXEL ZyAIR adapter to get wireless
connectivity (unfortunately other wireless cards aren’t supported) or
alternatively can be used for connecting the ZyWALL Turbo Card (which we
received with the box ) to add antivirus and intrusion detection/prevention
services to the base security options. Plug in the Turbo Card and you’ll get
access to the antivirus scanner, which is based on Kaspersky technology, and can
detect and block viruses before they get to LAN servers or individual desktops.
You also get an optional intrusion detection and prevention (IDP) filter, to
prevent worms, trojans, spyware and other application-level infections.

The appliance runs ZyXEL’s own ZyNOS secure operating
system (which is a customized Linux version). It also has some inbuilt security
tools. These start with an ICSA-certified stateful inspection firewall, plus a
VPN (Virtual Private Network) server offering IPSec security and tunneling with
options for DES, 3DES or AES encryption.

More impressive features are Content filtering, based on
Bluecoat technology, and Mailshell anti-spam filter. Mailshell can be configured
to work with most SMTP email servers and protect against spam attacks. ZyXEL
also counts the built-in WAN failover and dial backup options among the
eight-in-one security features.

For testing the product, we ran our standard firewall
testing tools which include Nessus and Firewalk. The device passed both the
tests without showing any available vulnerability. Then we tested the IDS/IPS
system of the device through a set of spoofing and sniffing tools such as
ettercap, dsniff, arpspoof, dnsspoof, dhcpspoof and mailsnarf. Surprisingly, the
device was able to capture all the attacks and notify us immediately. We also
tested the antivirus capability by trying to send some malicious network traffic
files from one machine to another. We used TrafficIQ Pro for sending those files
over the network. The device, again, detected the attacks quite efficiently. 

Bottom Line: With a sub Rs.50,000 price and a two year
warranty, this is a very good all in one product for small offices having less
than 100 nodes. 

Anindya Roy

No Comments so far

Jump into a conversation

No Comments Yet!

You can be the one to start a conversation.