USG 200 is ideal for complex network security in a single device for offices with up to 50 people.Status ICSA-certified firewall protects the network and important Internet services, such ase-mail, web browsing, and file transfer servers.As a protection against viruses and spyware, you can choose an antivirus program ICSA-certified ZyXEL or program from Kaspersky Labs.Contains the IDP module to protect the network from unauthorized intrusions, such asTrojans and worms.SSL or L2TP VPN to work from home and connect securely to the corporate network without having to install VPN software. Seven Gigabit Ethernet ports, two WAN ports.OTP port can be used as an additional WAN, LAN, WLAN or DMZ port.Expansion card slot lets you add wireless LAN IEEE 80211b/g or 3G wireless WAN.The device also includes two USB ports that can be used for 3G wireless WAN.Specifications:Main functions: ICSA Certified Firewall Antivir: ZyXEL antivirus, Kaspersky IDP VPN: ICSA-certified IPSec, SSL,L2TP Managing IM/P2P Antispam Individual (user-aware) configuration Bandwidth control Support for multiple providers (ISP link) Support ZyWALL OTP Support 3G Hardware specifications: Memory Size: 256 MB DDR2 RAM/256 MB Flash Ports: 7 x RJ-45 Gigabit Ethernet Interface: Auto-negotiation and Auto MDI/MDI-X Console: RS-232 (DB9F) AUX: RS-232 (DB9M) LEDs: PWR, SYS, AUX,CARD Reset button Expansion card slot 2x USB ports ICSA Certified Firewall: Access control lists (ACLs) based on zones Safety Zone Stateful Packet Inspection Protection against DoS/DDoS Set rules based on the user (user-aware) ALG to support user ports Protection against intrusion: In-line Mode (Routing/Bridge) IDP-based control zones (Requires a valid subscription) Customizable protection profile Deep packet inspection-based signatures Automatic signature updates Customized signatures Detection and prevention of anomalous data Detection and protection against flooding (flooding) Detection and prevention of anomalies in the protocol: HTTP/ICMP/TCP/UDP Antivir: ZyXEL Antivirus or Kaspersky antivirus Stream-based antivirus It covers the current list of viruses Wild List Scans HTTP/FTP/SMTP/POP3/IMAP4 Automatic signature updates No limit on file size Lists support Blacklist/Whitelist Hybrid VPN:IPSec VPN The ICSA-certified Encryption: AES/3DES/DES Authentication: SHA-1/MD5 Key Management: Manual Key/IKE Perfect Forward Secrecy: DH Group 1/2/5 NAT in the context of IPSec VPN Dead Peer Detection/Relay Detection Support for PKI certificate (X.509) Recording Receipts (CMP/SCEP) Xauth authentication Support for L2TP over IPSec SSL VPN Neklientský Secure Remote Access (Reverse Proxy Mode) SecuExtender (Full Tunnel Mode) Unified rules of use Support for two-factor authentication Customizable interface (user portal) Application Patrol: (Requires a valid subscription) Scalable application access settings IM/P2P Timesheets,Bandwidth Management Settings based on the user (user-aware) Current support IM/P2P (based on IDP signatures) Statistical listings in real time Bandwidth management: Set priorities Shapování stream based rules Maximum/guaranteed bandwidth Borrowing bandwidth Antispam: Protection according to zones Transparent interception mail via SMTP/POP3 protocols Lists support Blacklist/Whitelist Support DNSBL checking Statistical listings HighAvailability (high availability): Device HA (active/passive mode) Loss detection device Monitor the connection Configuring Auto-Sync Distribution data stream over multiple WAN connections VPN HA (backup remote VPN gateway) Content Filtering: URL blocking, Keyword blocking Exception List (Blacklist and Whitelist) Blocks Java Applet, Cookies and Active X Database for dynamic URL filtering (powered by BlueCoat)(Requires a valid subscription) User licenses: Unlimited Network connection: Routing Mode/Bridge Mode/Mixed Mode Grouping ports at Layer 2 Ethernet/PPPoE/PPTP Tagged VLAN (802nd1Q) Virtual interface (alias interface) Routing based on rules (with a resolution of users, user-aware) Rules-based NAT (SNAT/DNAT) RIP v1/v2 OSPF IP multicasting (IGMP v1/v2) DHCP client/server/relay Built-in DNS server Dynamic DNS Authentication: Internal User Database Microsoft Windows Active Directory External user database LDAP/RADIUS ZyWALL OTP (One Time Password) (sold separately) Forced user authentication (transparent authentication) System Management: Administrance role-based Multiple administrator login Multilingual web interface (HTTPS/HTTP) Object-oriented configuration Command line interface (console/web console/SSH/TELNET) Comprehensive local logging Syslog (send to up to 4 servers) Warning over email (sending up to 2 servers) SNMP v2c (MIB-II) Monitoring data stream in real time Restoring the previous configuration (rollback) Text configuration file Firmware upgrade via FTP/FTP-TLS/Web GUI Advanced listings (Vantage Report) Centralized Network Management (Vantage CNM) Certification: ICSA Certified Firewall IPSec VPN The ICSA-certified Compatible standards: HSF (Hazardous Substance Free, with no hazardous substances): RoHS and WEEE EMC: FCC Part 15 Class B, CE-EMC Class B, C-Tick Class B, VCCI Class B Safety: CSA International (ANS/UL60950-1, CSA60950-1, EN60950-1,IEC60950-1) Dimensions: Possibility of mounting rack (kit for rack mounting is included) 242 x 175 x 35.5 mm Weight: 1.2 kg Power: Input: 100 ~ 240 V, 12 A, 50 ~ 60 Hz Output: 12 V, 3.5 A