Petr Koudelka Security product manager

Petr Koudelka Security product manager

Rozdě Rozdělení lení produktů produktů dle uřč uřčen řčení ení Enterprise

ZyWALL Target Market

500+ users

Mid-Large

ZyWALL USG 1000

(100-500 users)

ZyWALL USG 300

SMB (50-100 users)

ZyWALL 35 UTM

SB

ZyWALL 5 UTM

(<50 users)

ZyWALL 2WG

SOHO ZyWALL 2 Plus

ZyWALL P1

Produkty nejsou omezeny na počet připojených PC, ale musí být dle počtu zařízení pouze výkonově dimenzované !!!

ZyWALL P1 Panel LEDs:

129mm

PWR: Power status WAN: WAN status VPN: VPN status Managed: Vantage CNM status LAN: LAN status

Interface: Reset: Reset button WAN Port : 10/100 Auto Sensing LAN Port : 10/100 Auto Sensing USB Port : Powered by USB Power: 12VDC Switching type

16mm

81mm

Personal Firewall + 1 VPN, Powered by USB or power supply, WAN and LAN 10/100 Ethernet

91-009-018001B

iCard, 1-year AV+ IDP for P1

91-995-028001B

iCard, 2-year AV+ IDP for P1

91-995-094001B

ZyWALL 2 Plus

LEDs:

Interface:

• PWR,

• Console: RS-232 on RJ-45 Port,

• ACT,

• Dial Backup: RS-232 on RJ-45 Null Modem Port,

• 4-Ports LAN,

• 4-ports LAN/DMZ: 10/100M auto MDI/MDIX

• WAN

• WAN: 10/100M auto MDI/MDIX

Firewall + 5 IPSec VPN, WAN, 4-port 10/100 Ethernet

91-009-029001B

iCard, 1year Content Filter Silver

91-995-003002G

ZyWALL 2WG Interface

LEDs: PWR, LAN/DMZ, WAN, AUX, WLAN CARD (3G Extension Card Slot)

Interface: WAN: 10/100 Auto MDI/MDIX 4-port LAN/DMZ switch: 10/100 Auto MDI/MDIX, configurable as LAN or DMZ WLAN, AUX, Console, Extension slot

ZyWALL 2 WG

Firewall + 5 IPSec VPN, WAN, 4-port 10/100 Ethernet, WLAN 802.11 a/b/g, extension slot "3G/GPRS"

iCard, 1year Content Filter

iCard, 1year Content Filter 2WG

91-009-035001B

91-995-045001B

Plá Plán podpory 3G karet

POZOR podporu vždy ověřte s danou verzí firmware a zařízením 4.04(AQI.1) Sierra Wireless AC580 AC595 AC850 AC860 AC875 AC880 AC881 Novatel PC720 EX720 (express) U740 Huawei EC321 EC360 EC500 E612 E620 E630 Option GT HSDPA 7.2 Ready GT Max 3.6

ZyWALL 5 UTM LEDs:

Interface:

PWR SYS ACT (Status of Dial Backup Function) CARD (Status of Extension Card Slot)

WAN: 10/100 Auto MDI/MDIX 4-port LAN/DMZ switch: 10/100 Auto MDI/MDIX, configurable as LAN or DMZ

Dial-Backup: RS-232 M

Console: RS-232 F

Extension Card Slot: ZyWALL TURBO Card *: ZyWALL Turbo – AV+IDP Accelerator

ZyWALL 5

Firewall + 10 IPSec VPN, WAN, 4port 10/100 Ethernet, extension slot "WiFi, GPRS/3G, Turbo card"

91-009-014001B

ZyWALL 5 UTM

ZyWALL 5*1, Turbo*1, 3 + 12 months AV/IDP license

91-009-014011B

ZyWALL Turbo suite 1 Silver

ZyWALL Turbo suite incl. turbo card, 1year AV+ IDP silver for ZyWALL 5

91-995-004005B

ZyWALL Turbo suite 2 Silver

ZyWALL Turbo suite incl.turbo card, 2year AV+ IDP silver for ZyWALL 5

91-995-005005B

iCard, 1-year AV+ IDP Silver

iCard, 1-year AV+ IDP Silver for ZyWALL 5

91-995-004002G

iCard, 2-year AV+ IDP Silver

iCard, 2-year AV+ IDP Silver for ZyWALL 5

91-995-046001B

iCard, 1-year Anti-Spam Silver

iCard, 1-year Anti-Spam license Silver for ZyWALL 5

91-995-006002G

iCard, 2-year Anti-Spam Silver

iCard, 2-year Anti-Spam license Silver for ZyWALL 5

91-995-007002G

iCard, 1year Content Filter Silver

Content filtering - ZyWALL 2plus/5

91-995-003002G

Plá Plán podpory 3G karet

POZOR podporu vždy ověřte s danou verzí firmware a zařízením 4.04(XD.0) Sierra Wireless AC595 AC850 AC860 AC875 Huawei E612 E620 Option GT HSDPA 7.2 Ready

ZyWALL 35 UTM LEDs:

Interface:

PWR SYS ACT (Status of Dial Backup Function) CARD (Status of Extension Card Slot)

WAN 1, WAN 2 : 10/100 Auto MDI/MDIX 4-port LAN/DMZ switch : 10/100 Auto MDI/MDIX, configurable as LAN or DMZ

Dial-Backup: RS-232 M

Console: RS-232 F

Extension Card Slot: ZyWALL TURBO Card *: ZyWALL Turbo - SMART Accelerator

ZyWALL 35

Firewall + 35 IPSec VPN, 2-port WAN, 4-port 10/100 Ethernet, extension slot "WiFi, Turbo card"

91-009-010001B

ZyWALL 35 UTM

ZyWALL 35*1, Turbo*1, 3+12 months AV/IDP license

91-009-010011B

ZyWALL Turbo suite 1 Gold

ZyWALL Turbo suite incl. turbo card, 1year AV+ IDP gold for ZyWALLs 35/70

91-995-004004B

ZyWALL Turbo suite 2 Gold

ZyWALL Turbo suite incl.turbo card, 2year AV+ IDP gold for ZyWALLs 35/70

91-995-005004B

iCard, 1-year AV+ IDP Gold

iCard, 1-year AV+ IDP Gold for ZyWALLs 35/70

91-995-040001B

iCard, 2-year AV+ IDP Gold

iCard, 2-year AV+ IDP Gold for ZyWALLs 35/70

91-995-036001B

iCard, 1-year Anti-Spam Gold

iCard, 1-year Anti-Spam license Gold for ZyWALLs 35/70

91-995-041001B

iCard, 2-year Anti-Spam Gold

iCard, 2-year Anti-Spam license Gold for ZyWALLs 35/70

91-995-035001B

iCard, 1year Content Filter Gold

Content filtering - ZyWALLs 35/70

91-995-033001B

ZyWALL USG 300 LEDs:

Interface:

PWR SYS AUX (status of Dial Backup/Dial-In) CARD1 (status of Extension Card Slot1) CARD2 (status of Extension Card Slot2)

(7) Gigabit Ethernet: 10/100/1000, Configurable Port Role (2) USB: 2.0, for printer, storage…etc

Extension Card Slot: Future Upgrade 1. 3G Cellular Card 2. WLAN Card

Interface: Dial-Backup/Dial-In OOB: DB-9 M Console: DB-9 F

Power: 100~240VAC

ZyWALL USG 300

Firewall + 200 VPN L2TP/IPSec, up to 10 SSL, 7 Gbps multiple WAN,LAN,DMZ ports, expansion

91-009-034001B

slot iCard, 1-year CF ZyWALL USG 300

iCard 1-year Content filtering for ZYWALL USG 300

91-995-084001B

iCard, 2-years CF ZyWALL USG 300

iCard 2-years Content filtering for ZYWALL USG 300

91-995-085001B

iCard, 1-year AV ZyWALL USG 300

iCard, 1-year AV Kaspersky ZyWALL USG 300

91-995-080001B

iCard, 2-years AV ZyWALL USG 300

iCard, 2-years AV Kaspersky ZyWALL USG 300

91-995-081001B

iCard, 1-year IDP ZyWALL USG 300

iCard, 1-year IDP ZyWALL USG 300

91-995-082001B

iCard, 2-years IDP ZyWALL USG 300

iCard, 2-years IDP ZyWALL USG 300

91-995-083001B

iCard SSL VPN 2 TO 10 TUNNELS ZYWALL USG 300

iCard 2 to 10 SSL VPN tunnels for ZyWALL USG 300

91-995-079001B

ZyWALL USG 1000 LEDs: PWR SYS ACT (Status of Dial Backup) HDD (Status of HDD Slot)

Interface: Gigabit Port: 5 gigabit ports USB: 2 USB ports (future enhancement) Extension Card Slot (future enhancement) Dial-Backup: RS-232M, Console: RS-232F HDD Slot (future enhancement)

System FAN: 4 Fans

Power FAN

Power: 100~240VAC

ZyWALL USG 1000

Firewall + 1000 L2TP/IPSec VPN, up to 50 SSL, 5 Gbps multiple WAN, LAN, DMZ ports, extension slot

91-009-052001B

iCard, 1-year CF ZyWALL USG 1000

iCard 1-year Content filtering for ZYWALL USG 1000

91-995-072001B

iCard, 2-years CF ZyWALL USG 1000

iCard 2-years Content filtering for ZYWALL USG 1000

91-995-073001B

iCard, 1-year AV ZyWALL USG 1000

iCard, 1-year AV Kaspersky ZyWALL USG 1000

91-995-078001B

iCard, 2-years AV ZyWALL USG 1000

iCard, 2-years AV Kaspersky ZyWALL USG 1000

91-995-093001B

iCard, 1-year IDP ZyWALL USG 1000

iCard, 1-year IDP ZyWALL USG 1000

91-995-076001B

iCard, 2-years IDP ZyWALL USG 1000

iCard, 2-years IDP ZyWALL USG 1000

91-995-077001B

iCard SSL VPN 5 TO 25 TUNNELS ZYWALL USG 1000

iCard 5 to 25 SSL VPN tunnels for ZyWALL USG 1000

91-995-075001B

iCard SSL VPN 5 TO 50 TUNNELS ZYWALL USG 1000

iCard 5 to 50 SSL VPN tunnels for ZyWALL USG 1000

91-995-092001B

iCard SSL VPN 25 TO 50 TUNNELS ZYWALL USG 1000

iCard 25 to 50 SSL VPN tunnels for ZyWALL USG 1000

91-995-074001B

ZyWALL SSL 10

LEDs: PWR SYS

RS-232

Interface: WAN : 10/100 Auto MDI/MDIX 4x LAN: 10/100 Auto MDI/MDIX

ZyWALL SSL 10

Firewall + 10 VPN SSL tunnels

91-009-033001B

Upgrade for SSL 10

iCard, SSL VPN, for ZyWALL SSL10, 10 to 25 tunnel

91-995-031001B

ZyWALL OTP (One-Time Password)
ZyWALL OTP Starter Kit •

Obsahuje 2 tokeny a 1 CD (ZyXEL/Authenex Server Software)

•

Designováno pro nové nebo malé zákazníky


ZyWALL OTP 5U •

Obsahuje 5 tokenů a 1 CD (ZyXEL/Authenex Server Software)

•

Designováno pro zákazníka, který má již starter kit a potřebuje více tokenů pro uživatele


ZyWALL OTP 10U •

Obsahuje 10 tokenů a 1 CD (ZyXEL/Authenex Server Software)

•

Designováno pro zákazníka, který má již starter kit a potřebuje více tokenů pro uživatele

ZyWALL OTP Starter Kit

2 tokens for new/potential customers to test and use

91-009-044001B

ZyWALL OTP 5U

5 tokens to those who need more tokens for more users

91-009-044002B

ZyWALL OTP 10U

10 tokens to those who need more tokens for more users

91-009-044003B

ZyWALL IPSec client Specification: Encryption DES, 3DES, and AES Hash Algorithms HMAC-MD5, HMAC-SHA-1, Diffie Hellman Group Support DH1, 2, 5, 14 Authentication Mechanisms Preshared keys, X.509, X-Auth, SmartCard&Token Key Management IKE (Internet Key Exchange), ISAKMP IPSec Modes AH, ESP, Main, Aggressive, Tunnel, Transport System Requirements Disk Space - 5 MB Windows XP, Winsows Vista 32 bit

ZyWALL IPSec VPN Client

ZyWALL IPSec VPN Client - 1 Pack, GreenBow, Windows XP, Vista 32

91-996-031001B

Vantage CNM Centralized Network Management Specification Server CPU: Intel P4 2,8 GHz or higher Memory: 2GB or higher Hard Disk: 80 GB - 250 GB or higher Client CPU: Intel P3 450 MHz or higher Memory: 256MB or higher Server Operating System: Windows XP Pro (SP1/SP2) / Windows 2000 Server (SP4) / Windows 2003 Server (SP1), Windows Vista 32 bit English version Client JRE (Java Run-time Environment) version 1.5.x and high

Disable Pop-up blocker Microsoft Internet Explore 6.0/7.0 Firefox 1.5 or higher on Microsoft SVGA resolution (1024x768), 1280 x recommended

Vantage CNM - 10

Centralized Network Management 10 device access (Windows)

91-996-049001B

Vantage CNM – 25

Centralized Network Management 25 device access (Windows)

91-996-050001B

Vantage CNM – 50

Centralized Network Management 50 device access (Windows)

91-996-051001B

Vantage CNM - 100

Centralized Network Management 100 device access (Windows)

91-996-052001B

Vantage CNM - 300

Centralized Network Management 300 device access (Windows)

91-996-053001B

Vantage CNM - 1000

Centralized Network Management 1000 device access (Windows)

91-996-054001B

• CNM obsahuje integrovanou verzi VRPT dle licence na CNM • Kooperace CNM a samostatného VRPT na stejném PC není možná • Upgrade z verze niž nižší na verzi vyšší vyšší je zdarma • Registrace se provádí na MAC adresu síťové karty PC, na který je software instalován • Licenci lze kdykoliv převést na jinou MAC adresu jiného PC • Registrované Registrované licence se sč sčítají tají: 10+25+50=85 licencí licencí

Support list based on software CNM 3.0.00.61.00

Vantage Reporter System Specification: Server:Windows XP/2000/2003 Server,Windows Vista 32 bit

Client:Browser: Microsoft IE 6.0 or later. Mozilla 1.7.12 or later, Friefox 1.0.7 or later on Microsoft. Screen resolution supported: 1024*768 Flash Player 7.0 and above Server: Number of devices CPU SPEC Memory HDD <5 Intel P4 2.6G or better 1G 10 GB < 50 Intel P4 2.6G or better 1G 2*devices 50~100 Intel P4 3.2G+ or better 1G 2*devices Client CPU: Intel P3 450 MHz or better Velikost jednoho logu je 300 bajtů. Note: Server can handle <=1500 logs/sec

VANTAGE REPORT 1DEVICE

VANTAGE REPORT 1DEVICE

91-996-029001B

VANTAGE REPORT 5 DEVICES

VANTAGE REPORT 5 DEVICES

91-996-036001B

VANTAGE REPORT 25 DEVICES

VANTAGE REPORT 25 DEVICES

91-996-037001B

VANTAGE REPORT 100 DEVICES

VANTAGE REPORT 100 DEVICES

91-996-040001B

• Upgrade z verze niž nižší na verzi vyšší vyšší je zdarma • Registrace se provádí na MAC adresu síťové karty PC, na který je software instalován • Licenci lze kdykoliv převést na jinou MAC adresu jiného PC • Registrované Registrované licence se sč sčítají tají: 1+5 1+5+25+=31 licencí licencí

Technické informace ZyWALL P1

ZyWALL 2Plus

ZyWALL 2WG

ZyWALL 5 UTM

ZyWALL 35 UTM

ZyWALL 70 UTM

ZyWALL USG 300

ZyWALL USG 1000

How many users can use device ?

1

<10

<15

<25

<100

<200

<300

<500

Firewall Troughput

80 Mbps

24 Mbps

24 Mbps

50 Mbps

60 Mbps

75 Mbps

200 Mbps

350 Mbps

VPN 3DES/AES Troughput

30 Mbps

24 Mbps

24 Mbps

25 Mbps

30 Mbps

40 Mbps

100 Mbps

150 Mbps

5 Mbps

-

-

12 Mbps

14 Mbps

18 Mbps

48 Mbps

100 Mbps AV+IDP+FW

Model Name Performance

UTM Throughput (AV+IDP+Firewall) User Licenses

NO

VLAN Tagging 802.1q

-

x

DoS/DDoS Protection

x

IDP

x

-

-

x

Anti-Spam

-

-

-

x

-

Anti-Virus

x

-

-

x

x

Content Filter

-

Concurrent Sessions

1500

3000

3000

Up to simultaneous IPSec VPN connections

1

5

5

x 6000 UTM 4000

10

10000

10000

60000

200000

35

100

200

1000

Model Name

ZyWALL P1

ZyWALL 2Plus

ZyWALL 2WG

ZyWALL 5 UTM

ZyWALL 35 UTM

ZyWALL 70 UTM

ZyWALL USG 300

ZyWALL USG 1000

Up to simultaneous L2TP IPSec VPN connections

-

200

1000

Up to simultaneous SSL VPN connections

-

10

50

7X 10/100/1000 Mbps, 2xUSB

5X 10/100/1000 Mbps, 2xUSB

x

VPN HA Physical Specification Ports (10/100 Mbps Auto sensing & MDI/MDIX)

1xLAN , 1xWAN, 1xUSB

Redundancy

4xLAN/DMZ , 1xWAN

4xLAN/DMZ , 1xWAN, 1xWLAN, 1x3G*

4xLAN/DMZ , 1xWAN, 1x3G*

Traffic Redirect , Dial Backup

4xLAN/DMZ, 2xWAN

1xLAN, 4xDMZ, 2xWAN

Multiple WAN Load Balance, Auto Fail-over, Fail-back, Dial Backup, Traffic Redirect

Device Redundancy

-

x

Extension Card Slot

-

-

x – 3G card

x – 3G card, WLAN card, Turbocard

x– WLANcard, Turbocard

x– WLANcard, Turbocard

2 xcard bus

card bus, USB, MiniPCI, 2,5" HDD

RS-232 console

-

x

x

x

x

x

x

x

Bridge

x

-

-

x

x

x

x

x

Bandwidth Management

-

x

x

x

x

x

x

x

*optional support 3G card

UTM = AS + AV + IDP + CF Bandwidth Mgmt

Web Filters

Servers

VPNUTM / Firewall

AntiAnti-Virus

Load Balance

IDS / IDP

Users

AntiAnti-Spam

UTM (Unified Threat Management)

IDP 3*

3* 1* 3* * Mě ěsíců ů zdarma na vyzkoušení

Internet

Anti-Virus/IDP Acceleration Card with ZyXEL SecuASIC Technology for ZyWALL 5, 35 and 70

Servers Users

Internet

SSL VPN tunnel External Database

ZyWALL SSL VPN RADIUS Internet Remote Users

Zabezpeč čení jednorázovým heslem: Získá-li někdo nelegálně Vaše přihlašovací údaje k přístupu na firemní síť NEVADÍ !!! Přístup je navíc chráněn generováním jednorázového přístupového číselného hesla, které se dá použít jen jednou.

NAT Gateway – nemáte žádný firewall, SSL 10 bude Vaším firewallem

ZyWALL SSL VPN Employee on Home Computer

LAN Zone

(with NAT and Firewall) WAN

LAN

Internet Employee Laptop In Airport Kiosk or In Hotel

Email Server

Encrypted

Decrypted File Share

Authorized Partner Authorized Customer

BI System

OA, ERP System CRM System

Web-based Application Server Application (Inventory, Store..)

Remote Desktop Network Extend

Gateway’s DMZ Zone – pokud firewall již ž máte, SSL 10 bude doplň ňkem zabezpeř ření Vašich síť ťových dat – ZyWALL zabezpeč čuje IDP/AV

ZyWALL UTM provides Anti-Virus/IDP inspection on SSL-VPN traffic

LAN Zone

ZyWALL UTM

Employee on Home Computer WAN

LAN Email Server

BI System

Internet Employee Laptop In Airport Kiosk or In Hotel

DMZ

Encrypted

Decrypted

File Share

OA, ERP System CRM System

DMZ Zone WAN Authorized Partner Authorized Customer

ZyWALL SSL VPN

Web-based Application Server Application (Inventory, Store..)

Remote Desktop Network Extend

3G Security Router – druhá konektivita není v dosahu metalicky, ale je k dispozici GPRS nebo UMTS • 3G Data Card Access - Primary WAN - Backup WAN • WIFI Security

- Dual WAN (LB)

- WEP/WPA/WPA2 - 802.1x EAP Auth.

Internet AC 850

Internet ZyWALL 3W 2WG / 5

ZyWALL 70 UTM

Remote Office Central Office/ HQ

3G Security Router – není k dispozici v dosahů ů žádná metalická, WiFi ani optická konektivita

AC 850

Residential

ZyWALL 2WG/5 • 3G Data Card Access - Primary WAN

Internet AC 850

Residential

ZyWALL 2WG/5

Management sítě ě Branch Office

Internet Security Appliance

Internet Dept. 1

Company C

IT Manager Dept. 2 Vantage CNM Server

Internet Security Appliance

Personal Security Appliance

Telecommuter

Centralizované logování a vyhodnocení záznamů ů

ZyWALL A

Vantage CNM & Online Query from Reporting Server Client with IE Syslog

Internet ZyWALL B Syslog

VPN Tunnel is Up VPN Tunnel is Down

License & SKU of VRPT Install --Prompt to ask entering license during login

Enable License

Enable Trial

Trial Expired

Trial -- Full Function •1device •15 days trial

Enable License

-- Full Function -- no time limitation

1/5/25/100/ device

Trial Expired -- No Function is allowed

Enable License

License & SKU of CNM Install --Prompt to ask entering license during login

Enable Trial

Trial Expired

Trial -- Full Function •100 device •90 days trial

Enable License

Enable License

-- Full Function -- no time limitation

10/25/50/100/300/1000 device

Trial Expired -- No Function is allowed

Enable License


Questions?