Petr Koudelka Security product manager

Petr Koudelka Security product manager

Rozdělen lení produktů dle uřč řčen ení Enterprise 500+ users Mid-Large (100-500 users) SMB (50-100 users) SB (<50 users) SOHO ZyWALL Target Market ZyWALL USG 1000 ZyWALL USG 300 ZyWALL 35 UTM ZyWALL 5 UTM ZyWALL 2WG ZyWALL 2 Plus ZyWALL P1 Produkty nejsou omezeny na počet připojených PC, ale musí být dle počtu zařízení pouze výkonově dimenzované!!!

ZyWALL P1 Panel LEDs: PWR: Power status WAN: WAN status VPN: VPN status Managed: Vantage CNM status LAN: LAN status 129mm Interface: Reset: Reset button WAN Port : 10/100 Auto Sensing LAN Port : 10/100 Auto Sensing USB Port : Powered by USB Power: 12VDC Switching type 16mm 81mm

Personal Firewall + 1 VPN, Powered by USB or power supply, WAN and LAN 10/100 Ethernet icard, 1-year AV+ IDP for P1 91-009-018001B 91-995-028001B icard, 2-year AV+ IDP for P1 91-995-094001B

ZyWALL 2 Plus LEDs: PWR, ACT, 4-Ports LAN, WAN Interface: Console: RS-232 on RJ-45 Port, Dial Backup: RS-232 on RJ-45 Null Modem Port, 4-ports LAN/DMZ: 10/100M auto MDI/MDIX WAN: 10/100M auto MDI/MDIX

Firewall + 5 IPSec VPN, WAN, 4-port 10/100 Ethernet icard, 1year Content Filter Silver 91-009-029001B 91-995-003002G

ZyWALL 2WG Interface LEDs: PWR, LAN/DMZ, WAN, AUX, WLAN CARD (3G Etension Card Slot) Interface: WAN: 10/100 Auto MDI/MDIX 4-port LAN/DMZ switch: 10/100 Auto MDI/MDIX, configurable as LAN or DMZ WLAN, AUX, Console, Etension slot

ZyWALL 2 WG Firewall + 5 IPSec VPN, WAN, 4-port 10/100 Ethernet, WLAN 802.11 a/b/g, etension slot "3G/GPRS" 91-009-035001B icard, 1year Content Filter icard, 1year Content Filter 2WG 91-995-045001B

4.04(AQI.1) Sierra Wireless AC580 AC595 AC850 AC860 AC875 AC880 AC881 Novatel PC720 EX720 (epress) U740 Huawei EC321 EC360 EC500 E612 E620 E630 Option GT HSDPA 7.2 Ready GT Ma 3.6 Plán podpory 3G karet POZOR podporu vždy ověřte s danou verzí firmware a zařízením

ZyWALL 5 UTM LEDs: PWR SYS ACT (Status of Dial Backup Function) CARD (Status of Etension Card Slot) Interface: WAN: 10/100 Auto MDI/MDIX 4-port LAN/DMZ switch: 10/100 Auto MDI/MDIX, configurable as LAN or DMZ Dial-Backup: RS-232 M Console: RS-232 F Etension Card Slot: ZyWALL TURBO Card *: ZyWALL Turbo AV+IDP Accelerator

ZyWALL 5 ZyWALL 5 UTM ZyWALL Turbo suite 1 Silver ZyWALL Turbo suite 2 Silver icard, 1-year AV+ IDP Silver icard, 2-year AV+ IDP Silver icard, 1-year Anti-Spam Silver icard, 2-year Anti-Spam Silver icard, 1year Content Filter Silver Firewall + 10 IPSec VPN, WAN, 4- port 10/100 Ethernet, etension slot "WiFi, GPRS/3G, Turbo card" ZyWALL 5*1, Turbo*1, 3 + 12 months AV/IDP license ZyWALL Turbo suite incl. turbo card, 1year AV+ IDP silver for ZyWALL 5 ZyWALL Turbo suite incl.turbo card, 2year AV+ IDP silver for ZyWALL 5 icard, 1-year AV+ IDP Silver for ZyWALL 5 icard, 2-year AV+ IDP Silver for ZyWALL 5 icard, 1-year Anti-Spam license Silver for ZyWALL 5 icard, 2-year Anti-Spam license Silver for ZyWALL 5 Content filtering - ZyWALL 2plus/5 91-009-014001B 91-009-014011B 91-995-004005B 91-995-005005B 91-995-004002G 91-995-046001B 91-995-006002G 91-995-007002G 91-995-003002G

4.04(XD.0) Sierra Wireless AC595 AC850 AC860 AC875 Huawei E612 E620 Option GT HSDPA 7.2 Ready Plán podpory 3G karet POZOR podporu vždy ověřte s danou verzí firmware a zařízením

ZyWALL 35 UTM LEDs: PWR SYS ACT (Status of Dial Backup Function) CARD (Status of Etension Card Slot) Interface: WAN 1, WAN 2 : 10/100 Auto MDI/MDIX 4-port LAN/DMZ switch : 10/100 Auto MDI/MDIX, configurable as LAN or DMZ Dial-Backup: RS-232 M Console: RS-232 F Etension Card Slot: ZyWALL TURBO Card *: ZyWALL Turbo - SMART Accelerator

ZyWALL 35 ZyWALL 35 UTM ZyWALL Turbo suite 1 Gold ZyWALL Turbo suite 2 Gold icard, 1-year AV+ IDP Gold icard, 2-year AV+ IDP Gold icard, 1-year Anti-Spam Gold icard, 2-year Anti-Spam Gold icard, 1year Content Filter Gold Firewall + 35 IPSec VPN, 2-port WAN, 4-port 10/100 Ethernet, etension slot "WiFi, Turbo card" ZyWALL 35*1, Turbo*1, 3+12 months AV/IDP license ZyWALL Turbo suite incl. turbo card, 1year AV+ IDP gold for ZyWALLs 35/70 ZyWALL Turbo suite incl.turbo card, 2year AV+ IDP gold for ZyWALLs 35/70 icard, 1-year AV+ IDP Gold for ZyWALLs 35/70 icard, 2-year AV+ IDP Gold for ZyWALLs 35/70 icard, 1-year Anti-Spam license Gold for ZyWALLs 35/70 icard, 2-year Anti-Spam license Gold for ZyWALLs 35/70 Content filtering - ZyWALLs 35/70 91-009-010001B 91-009-010011B 91-995-004004B 91-995-005004B 91-995-040001B 91-995-036001B 91-995-041001B 91-995-035001B 91-995-033001B

ZyWALL USG 300 LEDs: PWR SYS AUX (status of Dial Backup/Dial-In) CARD1 (status of Etension Card Slot1) CARD2 (status of Etension Card Slot2) Interface: (7) Gigabit Ethernet: 10/100/1000, Configurable Port Role (2) USB: 2.0, for printer, storage etc Interface: Dial-Backup/Dial-In OOB: DB-9 M Console: DB-9 F Etension Card Slot: Future Upgrade 1. 3G Cellular Card 2. WLAN Card Power: 100~240VAC

ZyWALL USG 300 icard, 1-year CF ZyWALL USG 300 icard, 2-years CF ZyWALL USG 300 icard, 1-year AV ZyWALL USG 300 icard, 2-years AV ZyWALL USG 300 icard, 1-year IDP ZyWALL USG 300 icard, 2-years IDP ZyWALL USG 300 icard SSL VPN 2 TO 10 TUNNELS ZYWALL USG 300 Firewall + 200 VPN L2TP/IPSec, up to 10 SSL, 7 Gbps multiple WAN,LAN,DMZ ports, epansion slot icard 1-year Content filtering for ZYWALL USG 300 icard 2-years Content filtering for ZYWALL USG 300 icard, 1-year AV Kaspersky ZyWALL USG 300 icard, 2-years AV Kaspersky ZyWALL USG 300 icard, 1-year IDP ZyWALL USG 300 icard, 2-years IDP ZyWALL USG 300 icard 2 to 10 SSL VPN tunnels for ZyWALL USG 300 91-009-034001B 91-995-084001B 91-995-085001B 91-995-080001B 91-995-081001B 91-995-082001B 91-995-083001B 91-995-079001B

ZyWALL USG 1000 LEDs: PWR SYS ACT (Status of Dial Backup) HDD (Status of HDD Slot) Interface: Gigabit Port: 5 gigabit ports USB: 2 USB ports (future enhancement) Etension Card Slot (future enhancement) Dial-Backup: RS-232M, Console: RS-232F HDD Slot (future enhancement) System FAN: 4 Fans Power FAN Power: 100~240VAC

ZyWALL USG 1000 icard, 1-year CF ZyWALL USG 1000 icard, 2-years CF ZyWALL USG 1000 icard, 1-year AV ZyWALL USG 1000 icard, 2-years AV ZyWALL USG 1000 icard, 1-year IDP ZyWALL USG 1000 icard, 2-years IDP ZyWALL USG 1000 icard SSL VPN 5 TO 25 TUNNELS ZYWALL USG 1000 icard SSL VPN 5 TO 50 TUNNELS ZYWALL USG 1000 icard SSL VPN 25 TO 50 TUNNELS ZYWALL USG 1000 Firewall + 1000 L2TP/IPSec VPN, up to 50 SSL, 5 Gbps multiple WAN, LAN, DMZ ports, etension slot icard 1-year Content filtering for ZYWALL USG 1000 icard 2-years Content filtering for ZYWALL USG 1000 icard, 1-year AV Kaspersky ZyWALL USG 1000 icard, 2-years AV Kaspersky ZyWALL USG 1000 icard, 1-year IDP ZyWALL USG 1000 icard, 2-years IDP ZyWALL USG 1000 icard 5 to 25 SSL VPN tunnels for ZyWALL USG 1000 icard 5 to 50 SSL VPN tunnels for ZyWALL USG 1000 icard 25 to 50 SSL VPN tunnels for ZyWALL USG 1000 91-009-052001B 91-995-072001B 91-995-073001B 91-995-078001B 91-995-093001B 91-995-076001B 91-995-077001B 91-995-075001B 91-995-092001B 91-995-074001B

ZyWALL SSL 10 LEDs: PWR SYS RS-232 Interface: WAN : 10/100 Auto MDI/MDIX 4 LAN: 10/100 Auto MDI/MDIX

ZyWALL SSL 10 Firewall + 10 VPN SSL tunnels 91-009-033001B Upgrade for SSL 10 icard, SSL VPN, for ZyWALL SSL- 10, 10 to 25 tunnel 91-995-031001B

ZyWALL OTP (One-Time Password) ZyWALL OTP Starter Kit Obsahuje 2 tokeny a 1 CD (ZyXEL/Authene Server Software) Designováno pro nové nebo malé zákazníky ZyWALL OTP 5U Obsahuje 5 tokenů a 1 CD (ZyXEL/Authene Server Software) Designováno pro zákazníka, který má již starter kit a potřebuje více tokenů pro uživatele ZyWALL OTP 10U Obsahuje 10 tokenů a 1 CD (ZyXEL/Authene Server Software) Designováno pro zákazníka, který má již starter kit a potřebuje více tokenů pro uživatele

ZyWALL OTP Starter Kit 2 tokens for new/potential customers to test and use 91-009-044001B ZyWALL OTP 5U 5 tokens to those who need more tokens for more users 91-009-044002B ZyWALL OTP 10U 10 tokens to those who need more tokens for more users 91-009-044003B

ZyWALL IPSec client Specification: Encryption DES, 3DES, and AES Hash Algorithms HMAC-MD5, HMAC-SHA-1, Diffie Hellman Group Support DH1, 2, 5, 14 Authentication Mechanisms Preshared keys, X.509, X-Auth, SmartCard&Token Key Management IKE (Internet Key Echange), ISAKMP IPSec Modes AH, ESP, Main, Aggressive, Tunnel, Transport System Requirements Disk Space - 5 MB Windows XP, Winsows Vista 32 bit

ZyWALL IPSec VPN Client ZyWALL IPSec VPN Client - 1 Pack, GreenBow, Windows XP, Vista 32 91-996-031001B

Vantage CNM Centralized Network Management Specification Server CPU: Intel P4 2,8 GHz or higher Memory: 2GB or higher Hard Disk: 80 GB - 250 GB or higher Client CPU: Intel P3 450 MHz or higher Memory: 256MB or higher Server Operating System: Windows XP Pro (SP1/SP2) / Windows 2000 Server (SP4) / Windows 2003 Server (SP1), Windows Vista 32 bit English version Client JRE (Java Run-time Environment) version 1.5. and high Disable Pop-up blocker Microsoft Internet Eplore 6.0/7.0 Firefo 1.5 or higher on Microsoft SVGA resolution (1024768), 1280 recommended

Vantage CNM - 10 Centralized Network Management - 10 device access (Windows) 91-996-049001B Vantage CNM 25 Centralized Network Management - 25 device access (Windows) 91-996-050001B Vantage CNM 50 Centralized Network Management - 50 device access (Windows) 91-996-051001B Vantage CNM - 100 Centralized Network Management - 100 device access (Windows) 91-996-052001B Vantage CNM - 300 Centralized Network Management - 300 device access (Windows) 91-996-053001B Vantage CNM - 1000 Centralized Network Management - 1000 device access (Windows) 91-996-054001B

CNM obsahuje integrovanou verzi VRPT dle licence na CNM Kooperace CNM a samostatného VRPT na stejném PC není možná Upgrade z verze nižší na verzi vyšší je zdarma Registrace se provádí na MAC adresu síťové karty PC, na který je software instalován Licenci lze kdykoliv převést na jinou MAC adresu jiného PC Registrované licence se sčítaj tají: 10+25+50=85 licencí

Support list based on software CNM 3.0.00.61.00

Vantage Reporter System Specification: Server:Windows XP/2000/2003 Server,Windows Vista 32 bit Client:Browser: Microsoft IE 6.0 or later. Mozilla 1.7.12 or later, Friefo 1.0.7 or later on Microsoft. Screen resolution supported: 1024*768 Flash Player 7.0 and above Server: Number of devices CPU SPEC Memory HDD <5 Intel P4 2.6G or better 1G 10 GB < 50 Intel P4 2.6G or better 1G 2*devices 50~100 Intel P4 3.2G+ or better 1G 2*devices Client CPU: Intel P3 450 MHz or better Velikost jednoho logu je 300 bajtů. Note: Server can handle <=1500 logs/sec

VANTAGE REPORT 1DEVICE VANTAGE REPORT 1DEVICE 91-996-029001B VANTAGE REPORT 5 DEVICES VANTAGE REPORT 5 DEVICES 91-996-036001B VANTAGE REPORT 25 DEVICES VANTAGE REPORT 25 DEVICES 91-996-037001B VANTAGE REPORT 100 DEVICES VANTAGE REPORT 100 DEVICES 91-996-040001B

Upgrade z verze nižší na verzi vyšší je zdarma Registrace se provádí na MAC adresu síťové karty PC, na který je software instalován Licenci lze kdykoliv převést na jinou MAC adresu jiného PC Registrované licence se sčítaj tají: 1+5+25+=31 +25+=31 licencí

Technické informace Model Name ZyWALL P1 ZyWALL 2Plus ZyWALL 2WG ZyWALL 5 UTM ZyWALL 35 UTM ZyWALL 70 UTM ZyWALL USG 300 ZyWALL USG 1000 Performance How many users can use device? 1 <10 <15 <25 <100 <200 <300 <500 Firewall Troughput 80 Mbps 24 Mbps 24 Mbps 50 Mbps 60 Mbps 75 Mbps 200 Mbps 350 Mbps VPN 3DES/AES Troughput 30 Mbps 24 Mbps 24 Mbps 25 Mbps 30 Mbps 40 Mbps 100 Mbps 150 Mbps UTM Throughput (AV+IDP+Firewall) 5 Mbps - - 12 Mbps 14 Mbps 18 Mbps 48 Mbps 100 Mbps - AV+IDP+FW User Licenses NO VLAN Tagging 802.1q - DoS/DDoS Protection IDP - - Anti-Spam - - - - Anti-Virus - - Content Filter - Concurrent Sessions 1500 3000 3000 6000 UTM 4000 10000 10000 60000 200000 Up to simultaneous IPSec VPN connections 1 5 5 10 35 100 200 1000

Model Name ZyWALL P1 ZyWALL 2Plus ZyWALL 2WG ZyWALL 5 UTM ZyWALL 35 UTM ZyWALL 70 UTM ZyWALL USG 300 ZyWALL USG 1000 Up to simultaneous L2TP IPSec VPN connections - 200 1000 Up to simultaneous SSL VPN connections - 10 50 VPN HA Physical Specification Ports (10/100 Mbps Auto sensing & MDI/MDIX) 1LAN, 1WAN, 1USB 4LAN/DMZ, 1WAN 4LAN/DMZ, 1WAN, 1WLAN, 13G* 4LAN/DMZ, 1WAN, 13G* 4LAN/DMZ, 2WAN 1LAN, 4DMZ, 2WAN 7X 10/100/1000 Mbps, 2USB 5X 10/100/1000 Mbps, 2USB Redundancy Traffic Redirect, Dial Backup Multiple WAN Load Balance, Auto Fail-over, Fail-back, Dial Backup, Traffic Redirect Device Redundancy - Etension Card Slot - - 3G card 3G card, WLAN card, Turbocard WLANcard, Turbocard WLANcard, Turbocard 2 card bus card bus, USB, Mini- PCI, 2,5" HDD RS-232 console - Bridge - - Bandwidth Management - *optional support 3G card

UTM = AS + AV + IDP + CF Bandwidth Mgmt Web Filters Servers Anti-Virus VPN UTM / Firewall Load Balance Internet IDS / IDP Users Anti-Spam UTM (Unified Threat Management) IDP 3* 3* 3* 1* * Měsíců zdarma na vyzkoušení

Anti-Virus/IDP Acceleration Card with ZyXEL SecuASIC Technology for ZyWALL 5, 35 and 70 Servers Internet Users

Internet SSL VPN tunnel ZyWALL SSL VPN Eternal Database RADIUS Remote Users Zabezpečení jednorázovým heslem: Získá-li někdo nelegálně Vaše přihlašovací údaje k přístupu na firemní síť NEVADÍ!!! Přístup je navíc chráněn generováním jednorázového přístupového číselného hesla, které se dá použít jen jednou.

NAT Gateway nemáte žádný firewall, SSL 10 bude Vaším firewallem Employee on Home Computer ZyWALL SSL VPN (with NAT and Firewall) LAN Zone Internet WAN LAN Email Server BI System Employee Laptop In Airport Kiosk or In Hotel Encrypted Decrypted File Share OA, ERP System CRM System Authorized Partner Authorized Customer Web-based Application Application Server (Inventory, Store..) Remote Desktop Network Etend

Gateway s DMZ Zone pokud firewall již máte, SSL 10 bude doplňkem zabezpeření Vašich síťových dat ZyWALL zabezpečuje IDP/AV ZyWALL UTM provides Anti-Virus/IDP inspection on SSL-VPN traffic Employee on Home Computer ZyWALL UTM LAN Zone Employee Laptop In Airport Kiosk or In Hotel Internet WAN Encrypted DMZ LAN Decrypted Email Server File Share BI System OA, ERP System CRM System Authorized Partner Authorized Customer WAN DMZ Zone ZyWALL SSL VPN Web-based Application Application Server (Inventory, Store..) Remote Desktop Network Etend

3G Security Router druhá konektivita není v dosahu metalicky, ale je k dispozici GPRS nebo UMTS WIFI Security - WEP/WPA/WPA2-802.1 EAP Auth. 3G Data Card Access - Primary WAN - Backup WAN - Dual WAN (LB) AC 850 Internet ZyWALL 3W 2WG / 5 Internet ZyWALL 70 UTM Remote Office Central Office/ HQ

3G Security Router není k dispozici v dosahů žádná metalická, WiFi ani optická konektivita AC 850 Residential ZyWALL 2WG/5 3G Data Card Access - Primary WAN AC 850 Internet Residential ZyWALL 2WG/5

Management sítě Branch Office Dept. 1 Company C Internet Internet Security Appliance Dept. 2 IT Manager Vantage CNM Server Internet Security Appliance Personal Security Appliance Telecommuter

Centralizované logování a vyhodnocení záznamů ZyWALL A Syslog Vantage CNM & Reporting Server Online Query from Client with IE ZyWALL B Internet Syslog

VPN Tunnel is Up VPN Tunnel is Down

License & SKU of VRPT Install --Prompt to ask entering license during login Enable Trial Trial -- Full Function 1device 15 days trial Trial Epired Trial Epired -- No Function is allowed Enable License Enable License Enable License -- Full Function -- no time limitation 1/5/25/100/ device

License & SKU of CNM Install --Prompt to ask entering license during login Enable Trial Trial -- Full Function 100 device 90 days trial Trial Epired Trial Epired -- No Function is allowed Enable License Enable License Enable License -- Full Function -- no time limitation 10/25/50/100/300/1000 device

Questions?