Once an object is created, you apply it in a profile and then attach that profile to a rule to manage network traffic.įor example, to configure an IPsec tunnel, first you create an IPv4 address object matching the subnet of the far end router’s LAN. Creating an object is a common first step in configuring the USG40. Objects are created for interface zones, user management, access points, application control, IPv4 addresses, network services, manageable schedules, authentication servers, authentication methods, certificates, WAN profiles, ISP authentication and SSL applications. The USG40 uses an object oriented configuration model. Below is a screenshot of the dashboard.Īt the top of the dashboard, you can see virtual images providing a real-time view of the front (shown below) and rear of the device. When you log in, you’re presented with a useful dashboard that displays Device Information, Security Service and License Status, System Status, System Resource utilization and statistics for Content Filtering, Viruses, Intrusions, and Security Policies. A virtual console connection is also accessible via the GUI. In addition to the GUI, the USG40 can be managed from the command line via Telnet, SSH and direct console connection. The USG40 has a similar menu structure and GUI to the USG20 and ZyWALL 110. Firmware upgrade via FTP, FTP-TLS and Web GUI.Command line interface (console, Web console, SSH and TELNET).3-tier configuration: object-based, profile-based, policy-based.Forced user authentication (transparent authentication).XAUTH, IKEv2 with EAP VPN authentication.Microsoft Windows Active Directory integration.Customizable warning messages and redirection URL.Dynamic, cloud-based URL filtering database.Blocks java applets, cookies and ActiveX.Recurrent Pattern Detection (RPD) technology.Transparent mail interception via SMTP and POP3 protocols.HTTP, FTP, SMTP, POP3 and IMAP4 protocol support.Identifies and blocks over 650,000 viruses.Kaspersky SafeStream II gateway anti-virus.Supports over 15 application categories.Identifies and controls over 3,000 applications and behaviors.Signature-based and behavior-based scanningĪpplication Intelligence and Optimization.Traffic anomaly detection and protection (ADP).Protocol anomaly detection and protection (ADP).Policy criteria: zone, source and destination IP address, user, time.UTM features: anti-virus, anti-spam, IDP, content filtering, application intelligence, firewall (ACL).VPN High Availability (HA): load-balancing and failover.Authentication: SHA-2 (512-bit), SHA-1 and MD5.Encryption: AES (256-bit), 3DES and DES.ZyXEL AP Controller (APC) 1.0 compliant.IPv4 tunneling (6rd and 6to4 transition tunnel).
WAN connection failover via 3G and 4G USB modems.OPT port can be used for DUAL WAN or LAN.
0 kommentar(er)
