Unified Security Gateway Zywall Usg 20

 Without VATWith VAT
Base Price:€204,40€247,32
Recupel:+ €0,04+ €0,05
Part Number: 91-009-072001B
Language: UK
Minimum Order Quantity: 1


The ZyWALL USG (Unified Security Gateway) 20 is the "third generation" ZyWALL featuring an all-new platform. It provides greater performance protection as well as a deep packet inspection security solution for small businesses to enterprises alike. It embodies a Stateful Packet Inspection (SPI) firewall, Content Filtering, Anti-Spam, and VPN (IPSec/SSL/L2TP) in one box. This multilayered security safeguards your organization's customer and company records, intellectual property, and critical resources from external and internal threats.


Secure connectivity

  • Given the prevalence and importance of information technology (IT) systems today and the nature and scale of both the opportunities and risks associated with significant deployments of new networking technologies, organizations are forced to evaluate solutions to build up a safer infrastructure to secure online transactions, in which involve exchange of valuable information. The infrastructure should be tailored to meet operation requirements for expanding remote sites as well as mobile teleworkers.

Proactive protection

  • Malicious virus, worm, exploits could cripple corporate networks and halt business transactions. In addition to severe financial loss, you also risk leakage of confidential information.
    As mass-mailing software companies mushroom on the Internet, your network is bombarded with massive amounts of junk mails (spam). Without intelligent detection and proactive blocking, users have to go through the tedious and time-consuming task of sieving through the overflowing mailbox, and such scenario leads to serious productivity loss.

Policy compliance

  • With numerous file-sharing (P2P) and Instant Messaging (IM) applications, it is easier for company employees to share files and chat online during work hours. Rapid file sharing not only compromises network safety with the sharing of questionable files containing malicious viruses, but may also violate copyright issues and create legal hassles.

Network resilience

  • ISP links broken, hardware and software failure on the gateway, dead VPN tunnels-these are severe challenges IT staff face when designing the network infrastructure. In short, we need to take fault tolerance on the network path into consideration when build up a highly available network infrastructure for non-stop operations.


  • With Vantage CNM (Centralized Network Management), users can achieve the follow objects:
    • Easy VPN management and diagnostic capability
    • Complete security policies and UTM management
    • Low TCO of massive deployment and device maintenance
    • Active monitoring, alerting and comprehensive graphic reports
  • The solution provides an efficient centralized management system for enterprises of any size to reduce operational costs regardless of the number of branch offices or remote locations.


  • With the adoption of ZyXEL's USG 20, the follow costs can be saved:
  • Device hardware maintenance fee: ZyXEL provides a one more year hardware warranty out of factory.
  • Free Software upgrade: now ZyXEL provides free software upgrade for you to enjoy complete protection without additional expanse.




  • ICSA-certified firewall
  • Routing and transparent (bridge) mode
  • Zone-based access control list
  • Stateful packet inspection
  • NAT, PAT
  • Policy base NAT
  • VLAN tagging
  • User-aware policy enforcement
  • SIP/H.323 NAT traversal
  • ALG supports custom ports

Virtual Private Network (VPN)

  • ICSA-certified IPSec VPN
  • PPTP, L2TP, IPSec
  • Algorithm: AES/3DES/DES
  • Authentication: SHA-1/MD5
  • Key management: Manual key/IKE
  • Perfect forward secrecy: (DH group) supprt 1, 2, 5
  • IPSec NAT traversal
  • Dead peer detection/relay detection
  • PKI (X.509) certificate support
  • Centralize VPN Support
  • Simple wizard support 
  • Auto reconnect VPN        
  • VPN HA (redundant remote VPN gateways) 


  • Clientless secure remote access
  • Support reverse proxy mode and full tunnel mode 
  • Unified policy enforcement
  • Supports two-factor authentication
  • Customizable user portal

Application Patrol

  • Application, IM/P2P, stream base media, VoIP granular access control
  • Detail access control of IM (Chat, file transfer, video)
  • Application and IP/P2P bandwidth control
  • User authentication support 
  • IM/P2P signature auto update
  • Support more than 15 catalogs IM and P2P 
  • Real-Time statistical reports
  • Maximum/guaranteed bandwidth


  • Zone to zone protection
  • Transparently intercept mail via SMTP/POP3 protocols
  • Blacklist/whitelist support
  • Support DNSBL checking
  • Spam tag support
  • Statistics report

Content Filtering

  • Social networking control
  • Web security - ZyXEL safe browsering
  • URL blocking, keyword blocking
  • Profile base setting
  • Exempt list (blacklist and whitelist)
  • Blocks java applet, cookies and active X
  • Dynamic URL filtering database (powered by BlueCoat)
  • Unlimited user licenses support
  • Customize warning messages and redirect URL


  • Routing mode/bridge mode/mixed mode
  • Layer 2 port grouping
  • Ethernet/PPPoE
  • Tagged VLAN (802.1Q)
  • Virtual interface (alias interface)
  • Policy-based routing (user-aware)
  • Policy-based NAT (SNAT) 
  • Dynamic routing(RIP v1/v2, OSPF) 
  • DHCP client/server/relay
  • Dynamic DNS support
  • WAN Trunk more than 2 port
  • Per host session limit
  • Guaranteed bandwidth
  • Maximum bandwidth 
  • Priority-bandwidth utilization


  • Local user database
  • Microsoft Windows active directory integrate 
  • External LDAP/RADIUS user database
  • Xauth over RADIUS for IPSec IPV
  • Forced user authentication (transparent authentication)
  • IP/MAC address binding

System Management

  • Role-based administration
  • Multiple administrator login
  • Multi-Lingual Web GUI (HTTPS/HTTP)
  • Out-of-band management (AUX)
  • Object-based configuration
  • Command line interface (console/web console/SSH/TELNET)
  • SNMP v2c (MIB-II)
  • System configuration rollback
  • Firmware upgrade via FTP/FTP-TLS/Web GUI


  • Comprehensive local logging
  • Syslog (send to up to 4 servers)
  • E-mail alert (send to up to 2 servers)
  • Real-Time traffic monitoring
  • Built-in daily report
  • Advanced reporting (Vantage Report)
  • Centralized Network Management (Vantage CNM) manageable


  • Unified Security Gateway for SB (1~5 PC Users)
  • All Gigabit Ethernet interface hardware design
  • High-performance multi-layer threat protection
  • Hybrid VPN (IPSec and SSL) secures connection
  • 3G USB dongle as the backup WAN

System Capacity & Performance

  • SPI Firewall Throughput*1: 100 Mbps
  • VPN Throughput (3DES)*2: 30 Mbps*4  
  • Unlimited User Licenses
  • Max. Sessions*6: 6,000
  • New Session Rate: 900
  • Max. Concurrent IPSec VPN Tunnels: 2
  • Max. Concurrent SSL VPN Users: 1
  • Included SSL VPN Users: 1
  • Customizable Zone

Hardware Specifications

  • 10/100/1000 Interfaces (Copper): 4 x LAN/DMZ, 1 x WAN
  • USB ports: 1

Power Requirements

  • Input Voltage: 100 - 240 V AC, 50 - 60 Hz, 1.2 A
  • Power Rating: 15 W Max

Physical Specifications

  • Dimensions: 215.75 (W) x 140 (D) x 33 (H) mm
  • Weight: 0.38 kg

Environmental Specifications

  • Operating temperature: 0ºC to 40ºC
  • Storage temperature: 0ºC to 40ºC
  • Operating humidity: 20% to 95% (non-condensing)