Zyxel ZyWALL VPN1000 | ZyxelGuard.com

Overview:

In order to meet strategic needs, enterprises or their affiliates need complete yet cost-effective VPN solutions to span across two or more remote sites or connect multiple VPNs while protecting data security network from threats. Specially designed for various VPN applications, Zyxel’s ZyWALL VPN50/100/ 300 comply with GDPR regulations and features a robust VPN gateway with the ability to access enterprise information across the corporate sites and connect business partners, cloud providers as well as telecommuters.

Easy setup tunnel to Amazon Virtual Private Cloud, Amazon VPC
Facebook WiFi, Intelligence social media authentication
Robust hybrid VPN (IPSec/ SSL/L2TP over IPSec)
One-year free Content Filtering and Geo Enforcer services
Device HA Pro dedicated heartbeat port ensures smart handover
Hotspot management for authentication, access control and billing

Benefits:

High secure VPN applications

The Zyxel ZyWALL VPN50/100/300/1000 provides comprehensive types of VPN connection for your business and supports Amazon Virtual Private Cloud (AWS VPC) for nowadays VPN environment. Moreover, the business grade ZyWALL VPN family equipped with IPSec VPN Hardware engine for high efficiency VPN tunnel and VPN load balance/failover with stronger VPN algorithm (IKEv2 & SHA-2) that ensure the VPN reliability and security for business communications.

Non-stop service

The ZyWALL VPN50/100/300/1000 delivers high-performance network security to help businesses satisfy the demand for always-on communications. For mission critical deployments, the ZyWALL VPN series provides activepassive device High-Availability (HA) service to support device or connection failover.

Multi-WAN load balancing/failover
The ZyWALL VPN series features multi-WAN load balancing/failover and a comprehensive mobile broadband USB modem support list for WAN backup operations. The ZyWALL VPN series also supports IPSec load balancing and failover, providing additional resilience for mission-critical VPN failover with VTI Interface deployments.

One-year free security services

The ZyWALL VPN series with Content Filtering prevents users from accessing malicious or malware sites or inappropriate content such as violent or porn related. With the Geo Enforcer, IP addresses can be mapped to geographical locations to block hacker probing from specific countries or to prevent users from visiting certain data sources. These could help small and medium business to stay away from web threats or social networking sites that could potentially decrease productivity.

One-year free security services

Comprehensive connectivity

Today’s business requires a solution that provides secure connectivity and easy access management, and it also requires uninterrupted connection to the business needs of the device.

AP controller
The ZyWALL VPN series combining AP Controller technology enables users to manage APs from a centralized user interface. Businesses can deploy or expand a managed WiFi network with minimal effort.
Hotspot management
Zyxel’s hotspot management services include billing systems, walled gardens, multiple authentication options, third-party community logins and user agreements, providing site owners with all the functional solutions for managing all network hotspots from one place.
Facebook WiFi
The ZyWALL VPN series integrates with Facebook WiFi to help small shops, stores and restaurants not only provide customers with easy Internet connectivity, but also increase the popularity of your business on Facebook.

Subscription Services

The Zyxel VPN50/100/300/1000 provides a complete feature set to perfectly fit different business requirements as well as to enable the maximum performance for security, hotspot, and connectivity. Comprehensive network modularity also empowers IT professionals to customize the system to meet their individual needs. Notes: Hotspot Management supports for VPN1000 and VPN300

Subscription Services

Features:

Firewall

ICSA-certified corporate firewall
Routing and transparent (bridge) modes
Stateful packet inspection
User-aware policy enforcement
SIP/H.323 NAT traversal
ALG support for customized ports
Protocol anomaly detection and protection
Traffic anomaly detection and protection
Flooding detection and protection
DoS/DDoS protection

IPv6 Support

Dual stack
IPv4 tunneling (6rd and 6to4 transition tunnel)
IPv6 addressing
DNS
DHCPv6
Bridge
VLAN
PPPoE
Static routing
Policy routing
Session control
Firewall and ADP
IPSec VPN
Content Filtering

IPSec VPN

Authentication: SHA-2 (512-bit), SHA-1 and MD5
Encryption: AES (256-bit), 3DES and DES
Supports generating SHA2 Certificate
Support route-based VPN Tunnel Interface (VTI)
Key management: manual key, IKEv1 and IKEv2 with EAP
Perfect forward secrecy (DH groups) support 1, 2, 5, 14
IPSec NAT traversal
Dead peer detection and relay detection
PKI (X.509) certificate
VPN concentrator
Simple wizard support
VPN auto-reconnection
VPN High Availability (HA): loadbalancing and failover
L2TP over IPSec
GRE and GRE over IPSec
NAT over IPSec
Support iOS L2TP/IKE/IKEv2 VPN Client provision

SSL VPN

HTTP, FTP, SMTP, POP3 and IMAP4 protocol support
Automatic signature updates
No file size limitation
Supports Windows and Mac OS X
Supports full tunnel mode
Supports 2-step authentication
Customizable user portal

Device High Availability Pro (HA Pro)

Device failure detection and notification
Supports ICMP and TCP ping check
Link monitoring
Configuration auto-sync
Dedicated Heartbeat Link
Smart handover
NAT/Firewall/VPN Sessions synchronization

Networking

Routing mode, bridge mode and hybrid mode
Ethernet and PPPoE
NAT and PAT
VLAN tagging (802.1Q)
Virtual interface (alias interface)
Policy-based routing (user-aware)
Policy-based NAT (SNAT)
Dynamic routing (RIPv1/v2 and OSPF)
DHCP client/server/relay
Dynamic DNS support
WAN trunk for more than 2 ports
Per host session limit
Guaranteed bandwidth
Maximum bandwidth
Priority-bandwidth utilization
Bandwidth limit per user
Bandwidth limit per IP
GRE
BGP

WLAN Management

Support AP controller version 3.0
Supports auto AP FW update
Wireless L2 isolation
Scheduled WiFi service
Dynamic Channel Selection (DCS)
Client steering for 5GHz priority and sticky client prevention
Auto healing provides a stable and reliable coverage
IEEE 802.1x authentication
Captive portal Web authentication
Customizable captive portal page
RADIUS authentication
WiFi Multimedia (WMM) wireless QoS
CAPWAP discovery protocol
Multiple SSID with VLAN
Supports ZyMesh
Support AP forward compatibility

Authentication

Local user database
Built-in user database
Microsoft Windows Active Directory integration
External LDAP/RADIUS user database
XAUTH, IKEv2 with EAP VPN authentication
Web-based authentication
Forced user authentication (transparent authentication)
IP-MAC address binding
SSO (Single Sign-On) support

Logging/Monitoring

Comprehensive local logging
Syslog (to up to 4 servers)
Email alerts (to up to 2 servers)
Real-time traffic monitoring
System status monitoring
Built-in daily report
Advanced reporting with Vantage Report

System Management

Role-based administration
Multiple administrator logins
Supports Cloud Helper
Multi-lingual Web GUI (HTTPS and HTTP)
Command line interface (console, Web console, SSH and telnet)
SNMP v1, v2c, v3
System configuration rollback
Firmware upgrade via FTP, FTP-TLS and Web GUI
Dual firmware images
Cloud CNM SecuManager

Zyxel One Network

ZON Utility
- IP configuration
- Web GUI access
- Firmware upgrade
- Password configuration
Smart Connect
- Location and System Name update
- Discover neighboring devices
- One-click remote management access to the neighboring Zyxel devices

Hotspot Management

Integrated account generator, Webbased authentication portal and billing system
Supports external RADIUS servers
Per account bandwidth management
User agreement login
SP350E Service Gateway Printer enables oneclick account and billing generation
Built-in billing system
- Time-to-finish accounting mode
- Accumulation accounting mode
Supports PayPal online payment
Marketing tool
- Advertisement link
- Walled garden
- Portal page
Billing Replenish

Subscriptional Services

Content Filtering
Geo Enforcer
HotSpot Management
Managed APs
Device HA Pro

USB

Firmware upgrade
Log for data retention
Support 3G/LTE

Application Diagram:

VPN Application

High-speed, high-security communications between local servers, remote devices and cloud-hosted applications with deployments of the ZyWALL VPN50/100/300/1000.
Secure, reliable VPN connectivity with IPSec VPN load balancing and failover features delivers high-availability services for exceptional uptime.
Easy-to-use, secure remote access via SSL, IPSec and L2TP over IPSec VPN.
The headquarter ZyWALL Series can also establish an IPSec VPN connection with Amazon VPC for secured access to leverage the benefits of cloud-base and to expend on premise networks that extend into the cloud center.

VPN Application

Managed Application Services

Branch offices, small and medium business as well as IT administrators can deploy Zyxel VPN firewalls to establish VPN connections among managed services providers (MSPs) that improve services levels, minimize end-user service downtime and relieve network maintenance efforts.
Retailers and chain stores such as healthcare, banking and branch offices can deploy ZyWALL VPN Firewalls over secure connections (IPSec VPN) for business transactions.

Managed Application Services

Connectivity for Hospitality Services

The ZyWALL VPN Firewall with managed AP provides Hospitality businesses and SMB with a range of network access privileges such as free, paid access or social login.
Hospitality businesses can deploy ZyWALL VPN with Hotspot Management features that provide secure network services such as advanced billing for flexible free and tiered WiFi services while retaining the Internet usage record to comply with local regulations.

Business Scenario 1: 3-4 start Hotels with Hotspot & managed APs

Business Scenario 2: hotspot management for shops and hostels

Specifications:

Models	VPN50 SBs	VPN100 SMBs	VPN300 SMBs	VPN1000 MBs
Hardware Specifications
Interfaces	4 x LAN/DMZ, 1 x WAN, 1 x SFP	4 x LAN/DMZ, 2 x WAN, 1 x SFP	7 x GbE (Configurable) 1 x SFP	12 x GbE (Configurable) 2 x SFP
USB3.0 ports	1	2	2	2
Console port	Yes (RJ-45)	Yes (DB9)	Yes (DB9)	Yes (DB9)
Rack-mountable	-	Yes	Yes	Yes
System Capacity & Performance*1
SPI firewall throughput (Mbps)*2	800	2,000	2,600	8,000
VPN throughput (Mbps)*3	150	500	1,000	1,500
Max. TCP concurrent sessions*4	400,000	800,000	2,000,000	3,000,000
Max. concurrent IPSec VPN tunnels*5	50	100	300	1,000
Concurrent SSL VPN users (default/max.)*6	10/50	30/200	50/300	250/500
VLAN interface	8	16	64	128
Concurrent device logins (default/max.)*6	64	200/300	500/800	800/4000
WLAN Management
Managed AP number (default/max.)*6	4/36	4/68	4/132	8/1032
Key Features
VPN	IKEv2, IPSec, SSL, L2TP/IPSec	IKEv2, IPSec, SSL, L2TP/IPSec	IKEv2, IPSec, SSL, L2TP/IPSec	IKEv2, IPSec, SSL, L2TP/IPSec
SSL (HTTPS) inspection	-	Yes	Yes	Yes
Content filtering*6	1 year free	1 year free	1 year free	1 year free
Geo Enforcer*6	1 year free	1 year free	1 year free	1 year free
EZ Mode	Yes	-	-	-
Hotspot Management67	Yes	Yes	Yes	Yes
Ticket printer support*7 / Support Q'ty (max.)	Yes (SP350E) / 10	Yes (SP350E) / 10	Yes (SP350E) / 10	Yes (SP350E) / 10
Amazon / Azure VPC	Yes	Yes	Yes	Yes
Facebook WiFi	Yes	Yes	Yes	Yes
Device HA Pro*8	-	Yes	Yes	Yes
Power Requirements
Power input	12V DC, 2.0 A max.	12V DC, 2.5A max.	12V DC, 4.17A max.	100-240 V AC, 50/60 Hz,2.5 A max.
Max. power consumption (watt)	12	13.3	24.1	46.0
Heat dissipation (BTU/hr)	40.92	45.38	82.23	120.10
Physical Specifications
Item	Dimensions (WxDxH)(mm/in.) 216 x 143 x 33/8.50 x 5.63 x 1.30 Weight (kg/lb.) 0.88/1.94	Dimensions (WxDxH)(mm/in.) 272 x 187 x 36/10.7 x 7.36 x 1.42 Weight (kg/lb.) 1.4/3.09	Dimensions (WxDxH)(mm/in.) 300 x188 x 44/16.93 x 7.4 x 1.73 Weight (kg/lb.) 1.65 / 3.64	Dimensions (WxDxH)(mm/in.) 400 x 250 x 44/16.93 x 9.84 x 1.73 Weight (kg/lb.) 3.3/7.28
Packing	Dimensions (WxDxH)(mm/in.) 276 x 185 x 98/10.87 x 7.28 x 3.86 Weight (kg/lb.) 1.41/3.11	Dimensions (WxDxH)(mm/in.) 427 x 247x 73/16.81 x9.72 x 2.87 Weight (kg/lb.) 2.23 (W/O bracket) 2.42 (W/ bracket)	Dimensions (WxDxH)(mm/in.) 351 x 152 x 245/13.82 x 5.98 x 9.65 Weight (kg/lb.) 2.83/6.24	Dimensions (WxDxH)(mm/in.) 519 x 392 x 163/20.43 x 15.43 x 6.42 Weight (kg/lb.) 4.8/10.58
Included accessories	Power adapter RJ-45 - RS-232 cable for console connection	Power adapter Rack mounting kit (optional, by regions)	Power adapter Power cord Rack mounting kit	Power cord Rack mounting kit
Environmental Specifications
Operating	Temperature 0°C to 40°C /32°F to 104°F Humidity 10% to 90%(non-condensing)	Temperature 0°C to 40°C /32°F to 104°F Humidity 10% to 90%(non-condensing)	Temperature 0°C to 40°C /32°F to 104°F Humidity 10% to 90%(non-condensing)	Temperature 0°C to 40°C /32°F to 104°F Humidity 10% to 90%(non-condensing)
Storage	Temperature -30°C to 70°C (-22°F to 158°F) Humidity 10% to 90%(non-condensing)	Temperature -30°C to 70°C (-22°F to 158°F) Humidity 10% to 90%(non-condensing)	Temperature -30°C to 70°C (-22°F to 158°F) Humidity 10% to 90%(non-condensing)	Temperature -30°C to 70°C (-22°F to 158°F) Humidity 10% to 90%(non-condensing)
MTBF (hr)	655,130	529,688	529,688	444,930

Note:
*: This matrix with firmware ZLD4.30 or later.
*1: Actual performance may vary depending on network conditions and activated applications
*2: Maximum throughput based on RFC 2544 (1,518-byte UDP packets).
*3: VPN throughput measured based on RFC 2544 (1,424-byte UDP packets).
*4: Maximum sessions measured using the industry standard IXIA IxLoad testing tool.
*5: Including Gateway-to-Gateway and Client-to-Gateway.
*6: With Zyxel service license to enable or extend the feature capacity.
*7: This is the recommend maximum number of concurrent logged-in devices.
*8: SafeSearch function in Content Filtering need to enable SSL inspection firstly and not for small business models.
*9: With Hotspot Management license support.

Documentation:

Download the Zyxel ZyWALL VPN1000 Firewall Datasheet (PDF).

Zyxel ZyWALL VPN1000 Discontinued
ZyWALL VPN Firewall

Sorry, this product is no longer available

Overview: