ZyXEL USG60 Performance Series Unified Security Gateway

BH #ZYUSG60 • MFR #USG60
ZyXEL
ZyXEL USG60 Performance Series Unified Security Gateway
Key Features
  • Supports 802.11b/g/n Standard Compliance
  • Unified Security Policy
  • Robust VPN
  • Fanless Design
The USG60 Performance Series Unified Security Gateway from ZyXEL is an all-in-one Next Generation Firewall (NGFW) designed to fulfill the Bring Your Own Device (BYOD) demands, application regulation, and budget control in small business environments. Its all-in-one design integrates everything that small businesses need, thus delivering an easy, centralized management and low Total Cost of Ownership (TCO). It features a robust fanless design to prevent dirt and dust from entering operating environments that can cause potentially catastrophic failures.

Application Intelligence technology enables businesses to block, throttle non-productive Web, applications, and also optimize Web applications that increase productivity. Content-filtering enables businesses to deny access to websites that are malicious or not business-related. Enabling antivirus, anti-spam, and intrusion prevention, business networks gain deep, extensive protection against all types of malware threats. Designed for businesses with limited IT resources, the USG helps you connect, protect, and manage with reduced complexity.
Special Order
Expected availability: 3-7 business days
$499.00
Sales and export of this item to China, Russia, and Venezuela are prohibited.
Boruch Berman, B&H Expert

True Know-How

Ask Our Experts

800.606.6969

ZyXEL USG60 Overview

  • 1Description
  • 2Single Point of Management
  • 3Security
  • 4Unified Security Policy
  • 5Antivirus
  • 6Anti-Spam
  • 7Robust VPN
  • 8Fanless
  • 9Integrated WLAN Controller
  • 10Intrusion Detection and Prevention
  • 11Content-Filtering
  • 12Dual-WAN and Mobile Broadband
  • 13VPN Application

The USG60 Performance Series Unified Security Gateway from ZyXEL is an all-in-one Next Generation Firewall (NGFW) designed to fulfill the Bring Your Own Device (BYOD) demands, application regulation, and budget control in small business environments. Its all-in-one design integrates everything that small businesses need, thus delivering an easy, centralized management and low Total Cost of Ownership (TCO). It features a robust fanless design to prevent dirt and dust from entering operating environments that can cause potentially catastrophic failures.

Application Intelligence technology enables businesses to block, throttle non-productive Web, applications, and also optimize Web applications that increase productivity. Content-filtering enables businesses to deny access to websites that are malicious or not business-related. Enabling antivirus, anti-spam, and intrusion prevention, business networks gain deep, extensive protection against all types of malware threats. Designed for businesses with limited IT resources, the USG helps you connect, protect, and manage with reduced complexity.

Single Point of Management

Designed for businesses with limited IT resources, the USG helps you connect, protect, and manage with reduced complexity. The unified security policy design offers easy, unified, and streamlined management of all the security features, while the integrated WLAN controller provides centralized management of up to 10 APs. All this is integrated into a single solution, making it easy for users to manage VPN, wireless and security all from one device.

Security

It delivers enterprise-grade Next Generation Firewall security. It also provides deep, extensive protection, and effective control of Web applications such as Facebook, Google Apps, and Netflix with such anti-malware protection mechanisms as firewall, antivirus, anti-spam, content filtering, IDP, and application intelligence.

Unified Security Policy

Unified security policy offers object-based management and a unified configuration interface for firewall and all security-related policies. You can easily apply all policy criteria to every UTM feature, reduce configuration time, and get streamlined policy management.

Antivirus

Powered by Kaspersky SafeStream II gateway antivirus, ZyXEL USGs provide comprehensive and real-time protection against malware threats before they enter the network. The gateway can identify and block over 650,000 viruses right at the gate and provide high-speed scanning with stream-based virus scanning technology.

Anti-Spam

With a cloud-based IP reputation system, ZyXEL anti-spam can deliver accurate, zero-hour spam outbreak protection by analyzing up to the minute sender reputation data from highly diverse traffic sources. It can detect spam outbreaks in the first few minutes of emergence regardless of spam language or format.

Robust VPN

The gateway supports high-throughput IPSec, L2TP over IPSec, and SSL VPN for a wide range of site-to-client and site-to-site VPN deployments. Reinforced with the advanced SHA-2 encryption, it provides secure VPN for business communications.

Fanless

It features a robust fanless design to prevent dirt and dust from entering operating environments that can cause potentially catastrophic failures. The fanless design offers zero-noise cooling and non-overheating features to ensure silent operation in small or quiet office environments.

Integrated WLAN Controller

The integrated WLAN controller supports CAPWAP, and enables centralized authentication and access management of multiple APs in the network. The USG can manage two APs by default, and up to ten APs with license upgrade.

Intrusion Detection and Prevention

ZyXEL's IDP system uses Deep Packet Inspection (DPI) technology that can scan multiple layers and protocols to inspect vulnerabilities invisible to simple port and protocol-based firewalls. The system eliminates false positives with a database of malware signatures and provides effective protection against intrusions from unknown back doors.

Content-Filtering

ZyXEL content-filtering helps screen access to websites that are not business related or malicious. With a massive, cloud-based database of over 140 billion URLs that are continuously analyzed and tracked, ZyXEL provides highly accurate, broad, and instant protection against malicious Web content.

Dual-WAN and Mobile Broadband

It provides high Internet uptime with dual-WAN and mobile broadband support. The dual-WAN works with two Ethernet WAN connections for active-active load balancing or active-passive failover. Comprehensive mobile broadband USB modems are also supported for WAN backup.

VPN Application

The branch offices, partners, and home users can deploy USG ZyWALLs for site-to-site IPSec VPN connections. Branch offices can additionally deploy IPSec VPN HA (load balancing and failover) for always online VPN connectivity. Remote users can securely access company resources with their computers or smartphones via SSL, IPSec, and L2TP over IPSec VPN. The headquarter USG/ZyWALL can also establish an IPSec VPN connection with Microsoft Azure for secured access to a variety of cloud-based applications.
UPC: 760559121501

ZyXEL USG60 Specs

Hardware
Ports4 x LAN/DMZ (RJ-45)
2 x WAN (RJ-45)
2 x USB
1 x Console (DB-9)
AP Controller Version1.0
Managed AP NumberDefault: 2
Maximum: 10
Power Input12 VDC, 3.0 A maximum
Power Consumption19.0 W maximum
CertificationsEMC: FCC Part 15 (Class B), CE EMC (Class B), C-Tick (Class B), and BSMI
Safety: LVD (EN60950-1), BSMI
MTBF815,463.9 hours
System Capacity and Performance
SPI Firewall Throughput1000 Mb/s
VPN Throughput180 Mb/s
IDP Throughput120 Mb/s
AV Throughput90 Mb/s
UTM Throughput (AV and IDP)90 Mb/s
Unlimited User LicensesYes
TCP Concurrent Sessions40,000 (maximum)
Concurrent IPsec VPN Tunnels20
New TCP Session Rate3,000
Concurrent SSL VPN Users12
SSL VPN User Number2
Customizable ZonesYes
IPv6 SupportYes
VLAN Interface16
Software
FirewallICSA-certified firewall (certification in progress)
Routing and transparent (bridge) modes
Stateful packet inspection
User-aware policy enforcement
SIP/H.323 NAT traversal
ALG support for customized ports
Protocol anomaly detection and protection
Traffic anomaly detection and protection
Flooding detection and protection
DoS/DDoS protection
IPv6 SupportIPv6 Ready gold logo (certification in progress)
Dual stack
IPv4 tunneling (6rd and 6 to 4 transition tunnel)
IPv6 addressing
DNS
DHCPv6
Bridge
VLAN
PPPoE
Static routing
Policy routing
Session control
Firewall and ADP
IPSec VPN
Intrusion Detection and Prevention (IDP)
Application intelligence and optimization
Content filtering
Anti-virus, anti-malware
Anti-spam
IPsec VPNICSA-certified IPSec VPN (certification in progress)
Encryption: AES (256-bit), 3DES and DES
Authentication: SHA-2 (512-bit), SHA-1 and MD5
Key management: manual key, IKEv1 and IKEv2 with EAP
Perfect forward secrecy (DH groups) support 1, 2, 5
IPSec NAT traversal
Dead peer detection and relay detection
PKI (X.509) certificate support
VPN concentrator
Simple wizard support
VPN auto-reconnection
VPN High Availability (HA): Load-balancing and failover
L2TP over IPSec
GRE and GRE over IPSec
NAT over IPSec
ZyXEL VPN client provisioning
SSL VPN ThroughputSupports Windows and Mac OS X
Supports full tunnel mode
Supports 2-step authentication
Customizable user portal
Intrusion Detection and PreventionRouting and transparent (bridge) mode
Signature-based and behavior-based scanning
Automatic signature updates
Customizable protection profile
Customized signatures supported
Unified Security PolicyUnified policy management interface
Supported UTM features: anti-virus, antispam, IDP, content filtering, application intelligence, firewall (ACL)
3-Tier Configuration: Object-based, profile based, policy-based
Policy Criteria: Zone, source, and destination IP address, user, time
WLAN ManagementZyXEL AP Controller (APC) 1.0 compliant
Client RSSI threshold to prevent sticky clients
IEEE 802.1x authentication
Captive portal Web authentication
Customizable captive portal page
RADIUS authentication
Wi-Fi Multimedia (WMM) wireless QoS
CAPWAP discovery protocol
Mobile BroadbandWAN connection failover via 3G and 4G* USB modems
Auto fallback when primary WAN recovers
NetworkingRouting mode, bridge mode, and hybrid mode
Ethernet and PPPoE
NAT and PAT
VLAN tagging (802.1Q)
Virtual interface (alias interface)
Policy-based routing (user-aware)
Policy-based NAT (SNAT)
Dynamic routing (RIPv1/v2 and OSPF)
DHCP client/server/relay
Dynamic DNS support
WLAN trunk for more than 2 ports
Per host session limit
Guaranteed bandwidth
Maximum bandwidth
Priority-bandwidth utilization
Bandwidth limit per user
Bandwidth limit per IP
AuthenticationLocal user database
Microsoft Windows Active Directory integration
External LDAP/RADIUS user database
XAUTH, IKEv2 with EAP VPN authentication
Web-based authentication
Forced user authentication (transparent authentication)
IP-MAC address binding
SSO (Single Sign-On) support
System ManagementRole-based administration
Multiple administrator logins
Multi-lingual Web GUI (HTTPS and HTTP)
Command line interface (console, Web console, SSH, and TELNET)
SNMP v2c (MIB-II)
System configuration rollback
Firmware upgrade via FTP, FTP-TLS, and Web GUI
Dual firmware images
Logging and MonitoringComprehensive local logging
Syslog (to up to 4 servers)
Email alerts (to up to 2 servers)
Real-time traffic monitoring
Built-in daily report
Advanced reporting with Vantage Report
VPN, Management and ReportingManaged APs: Add 8 APs
SecuExtender SSL VPN Client: Add 5 clients
IPSec VPN Client: For 1/5/10/50 clients
Vantage Report: For 1/5/25/100 devices
AntivirusSupports Kaspersky anti-virus signatures
Identifies and blocks over 650,000 viruses
Stream-based anti-virus engine
HTTP, FTP, SMTP, POP3 and IMAP4 protocol support
Automatic signature updates
No file size limitation
Anti-SpamTransparent mail interception via SMTP and POP3 protocols
Configurable POP3 and SMTP ports
Sender-based IP reputation filter
Recurrent Pattern Detection (RPD) technology
Zero-hour virus outbreak protection
X-Header support
Blacklist and whitelist support
Supports DNSBL checking
Spam tag support
Statistics report
Content FilteringSocial media filtering
Malicious Website filtering
URL blocking and keyword blocking
Blacklist and whitelist support
Blocks java applets, cookies and ActiveX
Dynamic, cloud-based URL filtering database
Unlimited user license support
Customizable warning messages and redirection URL
License Information
AntivirusKaspersky: 1-year
Application Intelligence and IDP1-year
Content Filtering1-year
Anti-Spam1-year
General
CompatibilityAccess Point
NWA5120 Series (Unified Access Point)
NWA5121-NI
NWA5121-N
NWA5123-NI

NWA5000 Series (Managed Access Point)
NWA5160N
NWA5560-N
NWA5550-N

NWA3000-N Series (Unified Pro Access Point)
NWA3160-N
NWA3560-N
NWA3550-N
Functions central management, auto provisioning, and local bridge data forwarding
Operating Temperature32 to 104°F (0 to 40°C)
Storage Temperature-22 to +158°F (-30 to +70°C)
Operating Humidity10 to 90% (non-condensing)
Storage Humidity10 to 90% (non-condensing)
Dimensions (W x H x D)9.53 x 6.89 x 1.42" (242.00 x 36.00 x 175.00 mm)
Weight2.76 lb (1.25 kg)
Packaging Info
Package Weight5.2 lb
Box Dimensions (LxWxH)15.5 x 9.6 x 4.1"
See any errors on this page? Let us know

YOUR RECENTLY VIEWED ITEMS

Browsing History

Close

Close

Close