HomeComputersNetworkingWired NetworkingFirewalls & Security DevicesZyXEL USG40W

ZyXEL USG40W Performance Series Unified Security Gateway

Name: ZyXEL USG40W Performance Series Unified Security Gateway
Brand: ZyXEL
SKU: ZYUSG40W
Price: 399.95 USD

BH #ZYUSG40W • MFR #USG40W

ZyXEL USG40W Performance Series Unified Security Gateway

Key Features

Built-In Single/Dual-Radio Wireless AP
802.11b/g/n Standards Compliant
Unified Security Policy
Robust VPN

The USG40W Performance Series Unified Security Gateway from ZyXEL is an all-in-one Next Generation Firewall (NGFW) designed to fulfill the Bring Your Own Device (BYOD) demands, application regulation, and budget control in small business environments. Built with single-radio and dual-radio wireless access points, the USG40W is suitable for retail and office environments. The built-in WLAN controller offers instant wireless hotspot capability and future WLAN scalability. The all-in-one design integrates everything that small businesses need, thus delivering easy, centralized management and low Total Cost of Ownership (TCO). Designed for businesses with limited IT resources, the USG helps you connect, protect, and manage with reduced complexity.

More Details

Special Order

Expected availability: 3-7 business days

$399.95

True Know-How

Ask Our Experts

800.606.6969

ZyXEL USG40W Overview

1Description
2Built-In Single-Radio and Dual-Radio Wireless Access Points
3Single Point of Management
4Security
5Unified Security Policy
6Antivirus
7Anti-Spam
8Robust VPN
9Fanless
10Integrated WLAN Controller
11Intrusion Detection and Prevention
12Content Filtering
13Dual-WAN and Mobile Broadband
14VPN Application

Enabling antivirus, anti-spam, and intrusion prevention, business networks gain deep, extensive protection against all types of malware threats. Content filtering enables businesses to deny access to websites that are malicious or not business-related. Application Intelligence technology enables businesses to block, throttle non-productive Web, applications, and also optimize Web applications that increase productivity.

It features a robust fanless design to prevent dirt and dust from entering operating environments that can cause potentially catastrophic failures. The integrated WLAN controller supports CAPWAP, and enables centralized authentication and access management of multiple APs in the network. ZyXEL's IDP system uses Deep Packet Inspection (DPI) technology that can scan multiple layers and protocols to inspect vulnerabilities invisible to simple port and protocol-based firewalls. The dual-WAN and mobile broadband provides high Internet uptime with dual-WAN and mobile broadband support.

Built-In Single-Radio and Dual-Radio Wireless Access Points

It features built-in single-radio and dual-radio wireless access points that provides Wi-Fi for small offices straight out of the box. With an integrated WLAN controller, the USG enables businesses to easily provide Wi-Fi in multiple other areas such as reception areas and meeting rooms when Wi-Fi demand grows.

Single Point of Management

Designed for businesses with limited IT resources, the USG helps you connect, protect, and manage with reduced complexity. The unified security policy design offers easy, unified, and streamlined management of all the security features, while the integrated WLAN controller provides centralized management of up to 10 APs. All this is integrated into a single solution, making it easy for users to manage VPN, wireless and security all from one device.

Security

It delivers enterprise-grade Next Generation Firewall security. It also provides deep, extensive protection, and effective control of Web applications such as Facebook, Google Apps, and Netflix with such anti-malware protection mechanisms as firewall, antivirus, anti-spam, content filtering, IDP, and application intelligence.

Unified Security Policy

Unified security policy offers object-based management and a unified configuration interface for firewall and all security-related policies. You can easily apply all policy criteria to every UTM feature, reduce configuration time, and get streamlined policy management.

Antivirus

Powered by Kaspersky SafeStream II gateway antivirus, ZyXEL USGs provide comprehensive and real-time protection against malware threats before they enter the network. The gateway can identify and block over 650,000 viruses right at the gate and provide high-speed scanning with stream-based virus scanning technology.

Anti-Spam

With a cloud-based IP reputation system, ZyXEL anti-spam can deliver accurate, zero-hour spam outbreak protection by analyzing up to the minute sender reputation data from highly diverse traffic sources. It can detect spam outbreaks in the first few minutes of emergence regardless of spam language or format.

Robust VPN

The gateway supports high-throughput IPSec, L2TP over IPSec, and SSL VPN for a wide range of site-to-client and site-to-site VPN deployments. Reinforced with the advanced SHA-2 encryption, it provides secure VPN for business communications.

Fanless

It features a robust fanless design to prevent dirt and dust from entering operating environments that can cause potentially catastrophic failures. The fanless design offers zero-noise cooling and non-overheating features to ensure silent operation in small or quiet office environments.

Integrated WLAN Controller

The integrated WLAN controller supports CAPWAP, and enables centralized authentication and access management of multiple APs in the network. The USG can manage two APs by default, and up to ten APs with license upgrade.

Intrusion Detection and Prevention

ZyXEL's IDP system uses Deep Packet Inspection (DPI) technology that can scan multiple layers and protocols to inspect vulnerabilities invisible to simple port and protocol-based firewalls. The system eliminates false positives with a database of malware signatures and provides effective protection against intrusions from unknown back doors.

Content Filtering

ZyXEL content filtering helps screen access to websites that are not business related or malicious. With a massive, cloud-based database of over 140 billion URLs that are continuously analyzed and tracked, ZyXEL provides highly accurate, broad, and instant protection against malicious Web content.

Dual-WAN and Mobile Broadband

It provides high Internet uptime with dual-WAN and mobile broadband support. The dual-WAN works with two Ethernet WAN connections for active-active load balancing or active-passive failover. Comprehensive mobile broadband USB modems are also supported for WAN backup.

VPN Application

The branch offices, partners, and home users can deploy USG ZyWALLs for site-to-site IPSec VPN connections. Branch offices can additionally deploy IPSec VPN HA (load balancing and failover) for always online VPN connectivity. Remote users can securely access company resources with their computers or smartphones via SSL, IPSec, and L2TP over IPSec VPN. The headquarter USG/ZyWALL can also establish an IPSec VPN connection with Microsoft Azure for secured access to a variety of cloud-based applications.

UPC: 760559121495

ZyXEL USG40W Specs

Hardware

Ports	3 x LAN/DMZ (RJ-45) 1 x WAN (RJ-45) 1 x OPT (RJ-45) 1 x USB 1 x Console
AP Controller Version	1.0
Managed AP Number	Default: 2 Maximum: 10
Power Input	12 VDC, 2.0 A maximum
Power Consumption	17.0 W maximum
Certifications	EMC: FCC Part 15 (Class B), CE EMC (Class B), C-Tick (Class B), and BSMI Safety: LVD (EN60950-1), BSMI
MTBF	386,931.7 hours

Wireless Specifications

Standard Compliance	802.11b/g/n
Wireless Frequency	2.4 GHz
Radio	1
SSID	8
Transmit Power	US (FCC) 2.4 GHz: 24.3 dBm, 2 x antennas EU (ETSI) 2.4 GHz: 17 dBm, 2 x antennas
Number of Antennas	2.4 GHz: 2T2R MIMO (detachable, SMA-R)
Antenna Gain	3 dBi
Data Rate	802.11 b/g: 1, 2, 5.5, 6, 9, 11, 12, 18, 24, 36, 48, and 54 Mb/s 802.11n: Up to 300 Mb/s in MCS15 (40 MHz; GI = 400 ns)
Receive Sensitivity	2.4 GHz: 11 Mb/s ≤ -87 dBm 54 Mb/s ≤ -77 dBm HT20, MCS15 ≤ -71 dBm HT40, MCS15 ≤ -68 dBm

System Capacity and Performance

SPI Firewall Throughput	400 Mb/s
VPN Throughput	100 Mb/s
IDP Throughput	55 Mb/s
AV Throughput	50 Mb/s
UTM Throughput (AV and IDP)	50 Mb/s
Unlimited User Licenses	Yes
TCP Concurrent Sessions	20,000 maximum
Concurrent IPsec VPN Tunnels	10
New TCP Session Rate	3,000
Concurrent SSL VPN Users	7
SSL VPN User Number	2
Customizable Zones	Yes
IPv6 Support	Yes
VLAN Interface	8

Software

Firewall	ICSA-certified firewall (certification in progress) Routing and transparent (bridge) modes Stateful packet inspection User-aware policy enforcement SIP/H.323 NAT traversal ALG support for customized ports Protocol anomaly detection and protection Traffic anomaly detection and protection Flooding detection and protection DoS/DDoS protection
IPv6 Support	IPv6 Ready gold logo (certification in progress) Dual stack IPv4 tunneling (6rd and 6 to 4 transition tunnel) IPv6 addressing DNS DHCPv6 Bridge VLAN PPPoE Static routing Policy routing Session control Firewall and ADP IPSec VPN Intrusion Detection and Prevention (IDP) Application intelligence and optimization Content filtering Anti-virus, anti-malware Anti-spam
IPsec VPN	ICSA-certified IPSec VPN (certification in progress) Encryption: AES (256-bit), 3DES and DES Authentication: SHA-2 (512-bit), SHA-1 and MD5 Key management: manual key, IKEv1 and IKEv2 with EAP Perfect forward secrecy (DH groups) support 1, 2, 5 IPSec NAT traversal Dead peer detection and relay detection PKI (X.509) certificate support VPN concentrator Simple wizard support VPN auto-reconnection VPN High Availability (HA): Load-balancing and failover L2TP over IPSec GRE and GRE over IPSec NAT over IPSec ZyXEL VPN client provisioning
SSL VPN Throughput	Supports Windows and Mac OS X Supports full tunnel mode Supports 2-step authentication Customizable user portal
Intrusion Detection and Prevention	Routing and transparent (bridge) mode Signature-based and behavior-based scanning Automatic signature updates Customizable protection profile Customized signatures supported
Unified Security Policy	Unified policy management interface Supported UTM features: anti-virus, antispam, IDP, content filtering, application intelligence, firewall (ACL) 3-Tier Configuration: Object-based, profile based, policy-based Policy Criteria: Zone, source, and destination IP address, user, time
WLAN Management	ZyXEL AP Controller (APC) 1.0 compliant Client RSSI threshold to prevent sticky clients IEEE 802.1x authentication Captive portal Web authentication Customizable captive portal page RADIUS authentication Wi-Fi Multimedia (WMM) wireless QoS CAPWAP discovery protocol
Mobile Broadband	WAN connection failover via 3G and 4G* USB modems Auto fallback when primary WAN recovers
Networking	Routing mode, bridge mode, and hybrid mode Ethernet and PPPoE NAT and PAT VLAN tagging (802.1Q) Virtual interface (alias interface) Policy-based routing (user-aware) Policy-based NAT (SNAT) Dynamic routing (RIPv1/v2 and OSPF) DHCP client/server/relay Dynamic DNS support WLAN trunk for more than 2 ports Per host session limit Guaranteed bandwidth Maximum bandwidth Priority-bandwidth utilization Bandwidth limit per user Bandwidth limit per IP
Authentication	Local user database Microsoft Windows Active Directory integration External LDAP/RADIUS user database XAUTH, IKEv2 with EAP VPN authentication Web-based authentication Forced user authentication (transparent authentication) IP-MAC address binding SSO (Single Sign-On) support
System Management	Role-based administration Multiple administrator logins Multi-lingual Web GUI (HTTPS and HTTP) Command line interface (console, Web console, SSH, and TELNET) SNMP v2c (MIB-II) System configuration rollback Firmware upgrade via FTP, FTP-TLS, and Web GUI Dual firmware images
Logging and Monitoring	Comprehensive local logging Syslog (to up to 4 servers) Email alerts (to up to 2 servers) Real-time traffic monitoring Built-in daily report Advanced reporting with Vantage Report
VPN, Management and Reporting	Managed APs: Add 8 APs SecuExtender SSL VPN Client: Add 5 clients IPSec VPN Client: For 1/5/10/50 clients Vantage Report: For 1/5/25/100 devices

License Information

Antivirus	Kaspersky: 2-year
Application Intelligence and IDP	2-year
Content Filtering	1-year
Anti-Spam	2-year

General

Compatibility	Access Point NWA5120 Series (Unified Access Point) NWA5121-NI NWA5121-N NWA5123-NI NWA5000 Series (Managed Access Point) NWA5160N NWA5560-N NWA5550-N NWA3000-N Series (Unified Pro Access Point) NWA3160-N NWA3560-N NWA3550-N Functions central management, auto provisioning, and local bridge data forwarding
Operating Temperature	32 to 104°F (0 to 40°C)
Storage Temperature	-22 to +158°F (-30 to +70°C)
Operating Humidity	10 to 90% (non-condensing)
Storage Humidity	10 to 90% (non-condensing)
Dimensions (W x H x D)	8.50 x 1.30 x 5.63" (216.00 x 33.00 x 143.00 mm)
Weight	1.63 lb (3.59 kg)

Packaging Info

Package Weight	3.75 lb
Box Dimensions (LxWxH)	14.9 x 8.6 x 3"

See any errors on this page? Let us know

YOUR RECENTLY VIEWED ITEMS

Browsing History