User Manual
Page 31
...ZyWALL provides excellent throughput with minimal configuration. ZyWALL USG 50 User's Guide 31 It also provides bandwidth management, Instant Messaging (IM) and Peer to start or stop the ZyWALL. 1.1 Overview and Key Default Settings The ZyWALL is a comprehensive security device. Its flexible configuration helps network administrators set up the network and enforce security policies efficiently. The ZyWALL..., DHCP server and many other powerful features. In addition, the ZyWALL provides excellent throughput, making it an ideal solution for your company. Flexible configuration helps...
...ZyWALL provides excellent throughput with minimal configuration. ZyWALL USG 50 User's Guide 31 It also provides bandwidth management, Instant Messaging (IM) and Peer to start or stop the ZyWALL. 1.1 Overview and Key Default Settings The ZyWALL is a comprehensive security device. Its flexible configuration helps network administrators set up the network and enforce security policies efficiently. The ZyWALL..., DHCP server and many other powerful features. In addition, the ZyWALL provides excellent throughput, making it an ideal solution for your company. Flexible configuration helps...
User Manual
Page 39
... applications like text messaging, voice, video conferencing, and file transfers). This maximizes SIP traffic throughput for improved VoIP call sound quality. 2.2 Applications These are suspected of being used by spammers. Use the white list to identify spam e-mail. ZyWALL USG 50 User's Guide 39 Patrol) manages instant messenger (IM), peer-to enhance the performance...
... applications like text messaging, voice, video conferencing, and file transfers). This maximizes SIP traffic throughput for improved VoIP call sound quality. 2.2 Applications These are suspected of being used by spammers. Use the white list to identify spam e-mail. ZyWALL USG 50 User's Guide 39 Patrol) manages instant messenger (IM), peer-to enhance the performance...
User Manual
Page 82
...gateway) to an IPSec server. Phase 1 Settings There are two phases to use on DES 82 ZyWALL USG 50 User's Guide A phase 1 exchange establishes an IKE SA (Security Association). If this may affect throughput). The longer the key, the higher the security (this field is the client (dial-in this... uses a 56-bit key. Chapter 5 Quick Setup • Remote Access (Client Role) - Choose this field, it is a variation on your ZyWALL. • Negotiation Mode: Select Main for the chosen scenario. Select Aggressive to allow more incoming connections from the drop-down list box to every IKE...
...gateway) to an IPSec server. Phase 1 Settings There are two phases to use on DES 82 ZyWALL USG 50 User's Guide A phase 1 exchange establishes an IKE SA (Security Association). If this may affect throughput). The longer the key, the higher the security (this field is the client (dial-in this... uses a 56-bit key. Chapter 5 Quick Setup • Remote Access (Client Role) - Choose this field, it is a variation on your ZyWALL. • Negotiation Mode: Select Main for the chosen scenario. Select Aggressive to allow more incoming connections from the drop-down list box to every IKE...
User Manual
Page 83
...DH1 or DH2 (although it may affect throughput). The SHA1 algorithm is a NAT router between the IPSec devices). DH5 refers to Diffie-Hellman Group 2 a 1024 bit (1Kb) random number. If it responds, the ZyWALL transmits the data. ZyWALL USG 50 User's Guide 83 SHA-1 gives higher security.... DH1 (default) refers to use a password or Certificate to Diffie-Hellman Group 1 a 768 bit random number. See the help in increased latency and decreased throughput. AES128 uses a 128-...
...DH1 or DH2 (although it may affect throughput). The SHA1 algorithm is a NAT router between the IPSec devices). DH5 refers to Diffie-Hellman Group 2 a 1024 bit (1Kb) random number. If it responds, the ZyWALL transmits the data. ZyWALL USG 50 User's Guide 83 SHA-1 gives higher security.... DH1 (default) refers to use a password or Certificate to Diffie-Hellman Group 1 a 768 bit random number. See the help in increased latency and decreased throughput. AES128 uses a 128-...
User Manual
Page 84
...Diffie-Hellman Group 1 a 768 bit random number. The SHA1 algorithm is generally considered stronger than DH1 or DH2 (although it may affect throughput). DH1 refers to authenticate packet data. Phase 2 Phase 2 in an IKE uses the SA that was established in phase 1 to ...but is less secure. DH5 refers to have the ZyWALL automatically renegotiate the IPSec SA when the SA life time expires. 84 ZyWALL USG 50 User's Guide DH2 refers to enable PFS. You can also specify a subnet. Select this may affect throughput). Null uses no encryption. • Authentication Algorithm...
...Diffie-Hellman Group 1 a 768 bit random number. The SHA1 algorithm is generally considered stronger than DH1 or DH2 (although it may affect throughput). DH1 refers to authenticate packet data. Phase 2 Phase 2 in an IKE uses the SA that was established in phase 1 to ...but is less secure. DH5 refers to have the ZyWALL automatically renegotiate the IPSec SA when the SA life time expires. 84 ZyWALL USG 50 User's Guide DH2 refers to enable PFS. You can also specify a subnet. Select this may affect throughput). Null uses no encryption. • Authentication Algorithm...
User Manual
Page 115
... adds the cellular interface to enhance overall network throughput. Plus, if a WAN connection goes down, the ZyWALL still sends traffic through each of it . As these connections have to set up this trunk. This way the ZyWALL can still access the Internet, your cellular interface ... trunk and you can automatically balance the traffic load amongst the available WAN connections to the system default WAN trunk. ZyWALL USG 50 User's Guide 115 If the ZyWALL is 1Mbps (wan1) and 512 Kbps (wan2) respectively. You only have different bandwidth, use the Trunk screens to...
... adds the cellular interface to enhance overall network throughput. Plus, if a WAN connection goes down, the ZyWALL still sends traffic through each of it . As these connections have to set up this trunk. This way the ZyWALL can still access the Internet, your cellular interface ... trunk and you can automatically balance the traffic load amongst the available WAN connections to the system default WAN trunk. ZyWALL USG 50 User's Guide 115 If the ZyWALL is 1Mbps (wan1) and 512 Kbps (wan2) respectively. You only have different bandwidth, use the Trunk screens to...
User Manual
Page 218
... lan1, lan2 or dmz port and change the port's role: 218 ZyWALL USG 50 User's Guide Chapter 11 Interfaces Table 52 Relationships Between Different Types of ... > Interface > Port Role. This creates a hardware connection between physical ports, interfaces, and zones in the ZyWALL. • See Section 6.5.4 on page 96 for related information about the Interface screens. • See Section...on top of the lan1, lan2 or dmz interfaces. This provides wire-speed throughput but no security. You cannot set the ZyWALL's flexible ports as part of it. Note the following if you are ...
... lan1, lan2 or dmz port and change the port's role: 218 ZyWALL USG 50 User's Guide Chapter 11 Interfaces Table 52 Relationships Between Different Types of ... > Interface > Port Role. This creates a hardware connection between physical ports, interfaces, and zones in the ZyWALL. • See Section 6.5.4 on page 96 for related information about the Interface screens. • See Section...on top of the lan1, lan2 or dmz interfaces. This provides wire-speed throughput but no security. You cannot set the ZyWALL's flexible ports as part of it. Note the following if you are ...
User Manual
Page 219
This provides wire-speed throughput but no security. • It can increase the bandwidth between physical ports in this button to save your computer's IP address is in the same ... ports. Click this screen, click Configuration > Network > Interface > Ethernet. When you assign more than one physical port to a network, you want to use each belongs. ZyWALL USG 50 User's Guide 219 Port groups have the following characteristics: Apply Reset • There is described below. The port will use the port as the...
This provides wire-speed throughput but no security. • It can increase the bandwidth between physical ports in this button to save your computer's IP address is in the same ... ports. Click this screen, click Configuration > Network > Interface > Ethernet. When you assign more than one physical port to a network, you want to use each belongs. ZyWALL USG 50 User's Guide 219 Port groups have the following characteristics: Apply Reset • There is described below. The port will use the port as the...
User Manual
Page 271
...timesensitive traffic (like video) usually goes through the interface connected to passive. This way VoIP traffic goes through the higher-bandwidth interface. ZyWALL USG 50 User's Guide 271 Maybe you might want to use least load first load balancing to each trunk and the load balancing algorithm each trunk... a trunk with different bandwidths. Suppose ISP A has better connections to Europe while ISP B has better connections to increase overall network throughput and reliability. CHAPTER 12 Trunks 12.1 Overview Use trunks for WAN traffic load balancing to Australia.
...timesensitive traffic (like video) usually goes through the interface connected to passive. This way VoIP traffic goes through the higher-bandwidth interface. ZyWALL USG 50 User's Guide 271 Maybe you might want to use least load first load balancing to each trunk and the load balancing algorithm each trunk... a trunk with different bandwidths. Suppose ISP A has better connections to Europe while ISP B has better connections to increase overall network throughput and reliability. CHAPTER 12 Trunks 12.1 Overview Use trunks for WAN traffic load balancing to Australia.
User Manual
Page 273
...measured outbound throughput over the available outbound bandwidth. The available bandwidth you configure on the server, the request goes out through wan2. 3 The server finds that the request comes from the LAN) should use for WAN 1 and WAN 2 are 512K and 256K respectively. ZyWALL USG 50 User's ...Guide 273 Here the ZyWALL has two WAN interfaces connected to normal connection-oriented, UDP or SNMP2 traffic. Figure 169 Least Load First Example The outbound...
...measured outbound throughput over the available outbound bandwidth. The available bandwidth you configure on the server, the request goes out through wan2. 3 The server finds that the request comes from the LAN) should use for WAN 1 and WAN 2 are 512K and 256K respectively. ZyWALL USG 50 User's ...Guide 273 Here the ZyWALL has two WAN interfaces connected to normal connection-oriented, UDP or SNMP2 traffic. Figure 169 Least Load First Example The outbound...
User Manual
Page 297
... Slow OSPF Large Bandwidth, hop count, throughput, round trip time and reliability. RIP and OSPF are usually only used in networks using multiple routers like campuses or large enterprises. 14.1.1 What You Can Do in this routing information in the rest of the chapter. ZyWALL USG 50 User's Guide 297 Fast Finding Out More...
... Slow OSPF Large Bandwidth, hop count, throughput, round trip time and reliability. RIP and OSPF are usually only used in networks using multiple routers like campuses or large enterprises. 14.1.1 What You Can Do in this routing information in the rest of the chapter. ZyWALL USG 50 User's Guide 297 Fast Finding Out More...
User Manual
Page 300
... 89. All other areas. It does not have any routing information about the OSPF AS, any networks outside the OSPF AS. 300 ZyWALL USG 50 User's Guide There are connected to which the NSSA is a group of areas. • The backbone is the transit area that provide ...) has routing information about other networks outside the OSPF AS that routes packets between other areas are several factors, including bandwidth, hop count, throughput, round trip time, and reliability, when it calculates the shortest path. • OSPF converges more quickly than RIP, so OSPF is divided...
... 89. All other areas. It does not have any routing information about the OSPF AS, any networks outside the OSPF AS. 300 ZyWALL USG 50 User's Guide There are connected to which the NSSA is a group of areas. • The backbone is the transit area that provide ...) has routing information about other networks outside the OSPF AS that routes packets between other areas are several factors, including bandwidth, hop count, throughput, round trip time, and reliability, when it calculates the shortest path. • OSPF converges more quickly than RIP, so OSPF is divided...
User Manual
Page 384
...key that uses use a 1536-bit random number Related Settings Add this to turn on the VPN connection check. 384 ZyWALL USG 50 User's Guide Select this VPN connection to IPSec_VPN zone. Choices are : NULL - Select whether or not you want ... more secure, but require more secure the encryption, but it is not associated with the AES encryption algorithm The ZyWALL and the remote IPSec router must use in the IPSec SA. a 128-bit key with the AES encryption algorithm...- The longer the key, the more processing power, resulting in increased latency and decreased throughput.
...key that uses use a 1536-bit random number Related Settings Add this to turn on the VPN connection check. 384 ZyWALL USG 50 User's Guide Select this VPN connection to IPSec_VPN zone. Choices are : NULL - Select whether or not you want ... more secure, but require more secure the encryption, but it is not associated with the AES encryption algorithm The ZyWALL and the remote IPSec router must use in the IPSec SA. a 128-bit key with the AES encryption algorithm...- The longer the key, the more processing power, resulting in increased latency and decreased throughput.
User Manual
Page 388
... SA uses. SPI Type a unique SPI (Security Parameter Index) between the ZyWALL and remote IPSec router. this mode only encrypts the data. If you must use the same algorithm. 388 ZyWALL USG 50 User's Guide Active Protocol Select which hash algorithm to use to use the ... and the data Transport - You should only select this case, the ZyWALL generates a log message for communication between 256 and 4095. The ZyWALL and remote IPSec router must use in increased latency and decreased throughput. a 56-bit key with the DES encryption algorithm AES128 - a ...
... SA uses. SPI Type a unique SPI (Security Parameter Index) between the ZyWALL and remote IPSec router. this mode only encrypts the data. If you must use the same algorithm. 388 ZyWALL USG 50 User's Guide Active Protocol Select which hash algorithm to use to use the ... and the data Transport - You should only select this case, the ZyWALL generates a log message for communication between 256 and 4095. The ZyWALL and remote IPSec router must use in increased latency and decreased throughput. a 56-bit key with the DES encryption algorithm AES128 - a ...
User Manual
Page 397
... packet data in the IPSec SA. This field is not associated with the AES encryption algorithm Authentication The ZyWALL and the remote IPSec router must use the same negotiation mode. Select which Diffie-Hellman key group (DHx...bit random number DH2 - a 256-bit key with a specific proposal. a 168-bit key with the DES encryption algorithm 3DES - ZyWALL USG 50 User's Guide 397 Choices are : DES - this to create a new entry. a 56-bit key with the DES encryption algorithm ...but takes more processing power, resulting in increased latency and decreased throughput.
... packet data in the IPSec SA. This field is not associated with the AES encryption algorithm Authentication The ZyWALL and the remote IPSec router must use the same negotiation mode. Select which Diffie-Hellman key group (DHx...bit random number DH2 - a 256-bit key with a specific proposal. a 168-bit key with the DES encryption algorithm 3DES - ZyWALL USG 50 User's Guide 397 Choices are : DES - this to create a new entry. a 56-bit key with the DES encryption algorithm ...but takes more processing power, resulting in increased latency and decreased throughput.
User Manual
Page 437
...) and instant messenger (IM), peer-to-peer (P2P), Voice over all other traffic going through the ZyWALL. This maximizes SIP traffic throughput for improved VoIP call sound quality. 28.1.1 What You Can Do in this . ZyWALL USG 50 User's Guide 437 CHAPTER 28 Application Patrol 28.1 Overview Application patrol provides a convenient way to manage the...
...) and instant messenger (IM), peer-to-peer (P2P), Voice over all other traffic going through the ZyWALL. This maximizes SIP traffic throughput for improved VoIP call sound quality. 28.1.1 What You Can Do in this . ZyWALL USG 50 User's Guide 437 CHAPTER 28 Application Patrol 28.1 Overview Application patrol provides a convenient way to manage the...
User Manual
Page 448
... service with your changes back to manage traffic of the most commonly used web, file transfer and e-mail protocols. 448 ZyWALL USG 50 User's Guide Signature Information The following fields display information about the current state of your subscription for IDP/application patrol signatures....continued) LABEL DESCRIPTION Enable Highest Bandwidth Priority for SIP Traffic Select this to maximize the throughput of SIP traffic to manage traffic of individual applications. This has the ZyWALL immediately send SIP traffic upon identifying it. Reset Click Reset to return the screen to...
... service with your changes back to manage traffic of the most commonly used web, file transfer and e-mail protocols. 448 ZyWALL USG 50 User's Guide Signature Information The following fields display information about the current state of your subscription for IDP/application patrol signatures....continued) LABEL DESCRIPTION Enable Highest Bandwidth Priority for SIP Traffic Select this to maximize the throughput of SIP traffic to manage traffic of individual applications. This has the ZyWALL immediately send SIP traffic upon identifying it. Reset Click Reset to return the screen to...
User Manual
Page 717
... ZyWALL also supports private MIBs (zywall.mib and zyxel-zywall-ZLDCommon.mib) to configure your ZyWALL's... SNMP settings, click Configuration > System > SNMP tab. This trap is sent when an SNMP request comes from an agent, it initiates a Get operation, followed by the agent to retrieve all elements of a table from non-authenticated hosts. 45.10.3 Configuring SNMP To change your SNMP ZyWALL USG 50...ZyWALL supports MIB II that is turned on or an agent restarts. You can download the ZyWALL...zyxel.com. 45.10.2 SNMP Traps The ZyWALL ...
... ZyWALL also supports private MIBs (zywall.mib and zyxel-zywall-ZLDCommon.mib) to configure your ZyWALL's... SNMP settings, click Configuration > System > SNMP tab. This trap is sent when an SNMP request comes from an agent, it initiates a Get operation, followed by the agent to retrieve all elements of a table from non-authenticated hosts. 45.10.3 Configuring SNMP To change your SNMP ZyWALL USG 50...ZyWALL supports MIB II that is turned on or an agent restarts. You can download the ZyWALL...zyxel.com. 45.10.2 SNMP Traps The ZyWALL ...
User Manual
Page 723
Note: Data collection may decrease the ZyWALL's traffic throughput rate. CHAPTER 46 Log and Report 46.1 Overview Use these screens to configure daily reporting and log settings. 46.1.1 What You Can Do In this .... 46.2 Email Daily Report Use the Email Daily Report screen to start or stop data collection and view various statistics about traffic passing through your ZyWALL. ZyWALL USG 50 User's Guide 723
Note: Data collection may decrease the ZyWALL's traffic throughput rate. CHAPTER 46 Log and Report 46.1 Overview Use these screens to configure daily reporting and log settings. 46.1.1 What You Can Do In this .... 46.2 Email Daily Report Use the Email Daily Report screen to start or stop data collection and view various statistics about traffic passing through your ZyWALL. ZyWALL USG 50 User's Guide 723
User Manual
Page 752
... your computer where you want to delete. The ZyWALL's throughput or performance may be affected while a packet capture is full, adding more packet captures will fail. You can download the files to your computer. 752 ZyWALL USG 50 User's Guide The total number of packet captures the ZyWALL has performed. This screen lists the files of...
... your computer where you want to delete. The ZyWALL's throughput or performance may be affected while a packet capture is full, adding more packet captures will fail. You can download the files to your computer. 752 ZyWALL USG 50 User's Guide The total number of packet captures the ZyWALL has performed. This screen lists the files of...