ZyXEL ZyWALL USG300 Unified Security Gateway and Firewall w/200 VPN Tunnels, SSL VPN, 7 Gigabit Ports, and High Availability - ZWUSG300

Customer Reviews   Write a Review

Be the first to review this item and earn 25 Rakuten Super Points™

Product Overview

Untitled Document

Unified Security Gateway for Small and Medium-Sized Businesses -ZyWALL USG300

The Internet can be a dangerous place. It seems new threats to network security and employee efficiency emerge with each passing day. Malware can incapacitate workstations, and DoS attacks can bring your entire network screeching to a halt. Even applications such as P2P, IM, and Social networks can eat bandwidth and cripple employee productivity.

The ZyWALL USG300 is here to solve those problems.

With the USG300's Multi-layer threat protection, you can rest assured that your network is secure. ZyWALL's Application Patrol gives you detailed control over the applications allowed to run on your network, while the built-in 300Mbps throughput firewall and Kaspersky anti-virus protect your network from malware, DoS attacks, phishing, Trojan horses, and other threats.

Built with powerful Integrated High Performance Security architecture designed for Gigabit connections, a VPN Throughput of 130Mbps, a UTM throughput of 80Mbps, up to 60,000 max sessions and 200 concurrent IPSec VPN tunnels, the USG300 has the power to monitor and protect your network without sacrificing network performance. And with a 5 year, industry-leading hardware warranty, you'll be able to count on your USG300 to watch over your network's safety well into the future.

With 7 flexible Gigabit ports, you'll be able to decide how many LAN, DMZ, or WANs are best for your personal configuration. You can load balance and failover multiple ISP links or simply keep malware from being introduced to your intranet. The USG300 puts the choice in your hands.

With the ZyWALL USG300, you can rest easy knowing that your network is safe, secure, and wholly under your control.

  • Comprehensive threat protection with firewall, VPN, anti-virus, content filtering, anti-spam, Intrusion detection and prevention to secure front line threats.
  • User-aware policy engine can set bandwidth or network access based on user login.
  • Network resilience with multiple WANs, 3G cellular support, and device high availability
  • 5-Year industry leading hardware warranty to support ZyXEL's commitment to quality and customer satisfaction

User-Aware Policy Engine Enables Access Granularity

In addition to basic access control capabilities, the intelligent user-aware policy engine on the ZyWALL USG 300 is designed to make packet-forwarding decisions based on multiple criteria (such as user ID, user group, time of access and network quota, etc.). Furthermore, security staff can apply access policies against a variety of security features such as VPN, Content Filter and Application Patrol. In conjunction with VLAN and custom security zones, corporate security policies can be effectively enforced to prevent unauthorized access to the network resources.

Bandwidth Management Ensures Quality of Service

The ZyWALL USG 300 provides bandwidth management features for traffic prioritization to guarantee or restrict bandwidth usage per interface/protocol. Security staff can allocate bandwidth for a variety of applications or computer hosts on the corporate network, regardless of the direction of the connection. For example, it's possible to assign higher priority and larger bandwidth to time-critical applications such as VoIP and video conferencing for quality transmission services. In addition, ZyWALL USG 300 allows you to keep track of bandwidth usage with comprehensive statistical reports.

VoIP Security: Protecting the Converged Networks

Attracted by the benefits, more and more businesses are deploying VoIP applications on their networks. With the transition to VoIP also come security risks and voice quality issues. As a VoIP-friendly firewall, the ZyWALL USG 300 reduces the security risks associated with the adoption of VoIP by offering the SIP/H.323 ALG feature to dynamically open only the required ports during VoIP calls; once the call is complete, the opened ports are automatically closed to prevent port sniffing. The IDP feature can detect and prevent attacks usually associated with VoIP deployments. Ultimately, by establishing VoIP traffics over VPNs with traffic prioritization, security staff can minimize security breaches while optimizing call quality over the existing ISP links.

High Availability Features Guarantee Non-Stop Operations for Mission-Critical Applications

With the High Availability features, the ZyWALL USG 300 helps the security staff to easily set up a highly reliable and secure network infrastructure for your business. To minimize the impact of single-point failures, the ZyWALL USG 300 supports device HA (High Availability) to assure network availability should any device failure happen.

On the WAN side, the ZyWALL USG 300 can connect multiple ISP links to ensure Internet availability in case a single ISP link becomes unreliable. The multiple-WAN load-balancing feature can also optimize the bandwidth usage over each ISP link.


Manufacturer Zyxel
Mfg Part# ZWUSG300
SKU 205689279
UPC 760559115005
UPC 14 00760559115005
Tech Specs
Performance and Capacity:
SPI Firewall Throughput: 200Mbps
IPSec VPN (AES) Throughput: 100Mbps
Maximum SSL VPN Tunnels: 10
New Session Rate: 2,000 (sessions/sec)
Gateway Anti-Virus:
Stream-Based Gateway Anti-Virus Powered by Kaspersky Labs
Covers Top Active Viruses in the Wild List
Scans HTTP / FTP / SMTP / POP3 / IMAP4
Automatic Signature Update
No File Size Limitation
Blacklist / Whitelist
Application Patrol:
IM / P2P Granular Access Control
Integrated with Scheduling / Rate-Limit / User-Aware
IM / P2P Up-To-Date Support*
Real-Time Statistical Reports
*: Requiring valid IDP subscription
Intrusion Detection and Prevention:
In-line Mode (Routing / Bridge)
Zone-Based IDP Inspection
Customizable Protection Profile
Signature-Based Deep Packet Inspection
Automatic Signature Update
Custom Signatures
Traffic Anomaly: Scanning Detection and Flood Protection
Protocol Anomaly: HTTP / ICMP / TCP / UDP
Content Filter:
URL Blocking, Keyword Blocking
 Exempt List (Blacklist and Whitelist)
Blocks Java Applet, Cookies and Active X
Dynamic URL Filtering Database (BlueCoat)
 Encryptions (AES / 3DES / DES)
Authentication (SHA-1 / MD5)
Key Management (Manual Key / IKE)
Perfect Forward Secrecy (DH Group 1 / 2 / 5)
NAT over IPSec
Dead Peer Detection / Replay Detection
PKI (X.509)
Certificate Enrollment (CMP / SCEP)
Xauth Authentication
L2TP Over IPSec Support
Clientless Secure Remote Access (Reverse Proxy Mode)
SecuExtender (Full Tunnel Mode)
Unified Policy Enforcement
Supports Two Factor Authentication
Customizable User Portal
Routing Mode / Bridge Mode / Mixed Mode
Layer 2 Port Grouping
Ethernet / PPPoE / PPTP
Tagged VLAN (802.1Q)
Virtual Interface (Alias Interface)
Policy-Based Routing (User-Aware)
Policy-Based NAT (SNAT / DNAT)
RIP v1 / v2
IP Multicasting (IGMP v1 / v2)
DHCP Client / Server / Relay
Built-in DNS Server
Dynamic DNS
Bandwidth Management:
Bandwidth Priority
Policy-Based Traffic Shaping
Maximum / Guaranteed Bandwidth
Bandwidth Borrowing
SPI Firewall:
Zone-Based Access Control List
Customizable Security Zone
Stateful Packet Inspection
DoS/DDoS Protection
User-Aware Policy Enforcement
ALG Supports Custom Ports
Internal User Database
Microsoft Windows Active Directory
External LDAP / RADIUS User Database
ZyWALL OTP (One Time Password)
Force User Authentication (Transparent Authentication)
High Availability:
Device HA (Active-Passive Mode)
Device Failure Detection
Link Monitoring
Auto-Sync Configurations
Multiple WAN Load Balancing
VPN HA (Redundant Remote VPN Gateways)
System Management:
Role-Based Administration
Simultaneous Administrative Logins
Multi-Lingual Web GUI (HTTPS / HTTP)
Object-Based Configuration
Command Line Interface (Console / WebConsole / SSH / TELNET)
Comprehensive Local Logging
Syslog (4 Servers)
E-mail Alert (2 Servers)
Real-Time Traffic Monitoring
System Configuration Rollback
Text-Based Configuration File
Firmware upgrade via FTP / FTP-TLS / Web GUI
Advanced Reporting (Vantage Report 3.1*)
Centralized Network Management (Vantage CNM 3.0*)
*: Future release
ICSA Firewall Certified*
ICSA IPSec VPN Certified*
*: Certificate pending
Hardware Specifications:
Memory: 256MB RAM / 256MB Flash
Interface: GbE x 7 (RJ-45, with LED)
Auto-Negotiation and Auto MDI/MDI-X
 Console: RS-232 (DB9F)
AUX: RS-232 (DB9M)
LED Indicator: PWR, SYS, AUX, CARD1, CARD2
Power Switch: Yes
Reset Pinhole: Yes
Extension Card Slot: Yes* (2)
USB: Yes* (2)
*: These hardware accessories will be supported in future firmware release
Physical Specifications:
Rack Mountable: Yes (19-inch, rack-mount kit included)
Dimension: 17"(W) x 8.3"(D) x 1.7"(H) / 430.0(W) x 201.2(D) x 42.0(H) mm
Weight: 6.2lbs / 2,800g
Power Requirements:
Input Voltage: 100-240VAC, 50/60Hz, 0.55-0.3A
Power Rating: 35W Max
Environmental Specifications:
Operating Temperature: 32°F - 122°F / 0°C ~ 50°C
Storage Temperature: -22°F - 140°F / -30°C ~ 60°C
Humidity: 20% to 95% (non-condensing)
Standard Compliance:
HSF (Hazardous Substance Free): RoHS and WEEE
EMC: FCC Part 15 Class A, CE-EMC Class A, C-Tick Class A, VCCI Class A
Safety: CSA International (ANS/UL60950-1, CSA60950-1, EN60950-1, IEC60950-1)
Sold Out
Sorry, you missed the deal!
This product is currently not available.
Promotions & Offers (1)
  •  custom promo
    5% Back* Sitewide with Promo Code Rewardme *See page for details