Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

LAN & WAN Reviews

Introduction

Updated 5/23/2011 - RV220W info corrected. EPS AV feature clarified

ZyXEL USG 20

At a Glance
Product ZyXEL Unified Security Gateway (USG20)
Summary Business class router with Gigabit ports, IPsec and SSL gateways, one-to-one NAT, bandwidth management and more
Pros • Endpoint Security checking
• Free Anomaly Detection
• Flexible Network Options
• Multiple information and report options
Cons • Manual lacks examples
• Limited number of VPN tunnels

In this review, I'm going to cover Zyxel's USG20 security router.  This small network security device has quite a few networking and security options.  Although the USG20 isn't a full Unified Threat Management (UTM) device because it lacks anti-virus and intrusion detection and prevention, it provides some excellent security and networking features.

I looked at Zyxel's USG100 UTM device a couple years ago, and the USG20 shares a lot of its functionality. So I'll refer to that review periodically.  The USG20 isn't just a refresh of an older device, though.  The USG20 introduces some new features. Note that Zyxel also offers the USG20W that includes a wireless AP.

Physically, the USG20 is a desktop device, measuring 8.25” (W) x 5.5” (D) x 1.25” (H).  It does not have rack mounting options.  There is an internal fan which is audible, but I didn't find it any more offensive than the fan in my laptop.

The front of the device (Figure 1) has the device's indicator lights.

USG20 Front Panel

Figure 1: USG20 Front Panel

The rear of the device (Figure 2) has the physical Ethernet ports, a console port, USB port, reset button and power connector.

USG20 Rear Panel

Figure 2: USG20 Rear Panel

As Tim covered recently, the USG20 is powered by a Cavium CN5010 CPU running at 400MHz paired with 256 MB of DDR2 RAM, 128 MB of Flash, and a Realtek RTL8367R Ethernet chip.

USG20 Board top

Figure 3: USG20 Board top

Configuration

One of the strengths of the USG20 is that it provides a good amount of information in various formats.  Logging into the USG20 web GUI presents a useful dashboard of high level status indicators, shown in Figure 4.

USG20 Status page

Figure 4: USG20 Status page

Configuration of the USG20 is object oriented, meaning you create an object, such as an IP address, a user, a schedule, an application, etc. and then apply it elsewhere in the configuration.  As I mentioned in my review of the USG100, I like this form of configuration because it is very flexible. Once you get used to it, you can create numerous configuration options that are easy to select.

There are three main menus in the USG20.  The first menu is labeled Monitor which has 13 different screens for viewing status of the hardware and network activity, statistics on various activities, and log messages.

The second menu is labeled Configuration.  There are 40 different configuration screens available via this menu, many with multiple tabs.  I like the layout of the menu; I found it intuitive to navigate and responsive. 

The third menu is labeled Maintenance.  The options here enable upgrading firmware, backing up and restoring configurations, rebooting and shutting down the device, as well as a useful packet capture tool.  I used this menu to upgrade the USG20 to the latest firmware, as well as to restore it to factory default settings.

The USG20 supports SSH and Telnet access if you prefer to configure it via the command line (CLI).  SSH is enabled by default, Telnet has to be enabled if you wish to use it.  The USG20 also has a console port and comes with a console cable, enabling configuration if you can't get into the device via the network.  The USG20's CLI commands follow a similar structure as other major network providers, such as Cisco and Juniper, and “?” is available to display command line configuration options.  Zyxel also has a CLI reference guide in their on line download library.

The USG20's manual is over 900 pages long but, quite frankly, not very useful.  The manual is long on descriptions of the configuration options and short on basic configuration examples.  It is a good thing the menus are intuitive!

More LAN & WAN

Wi-Fi System Tools
Check out the new Wi-Fi System Charts, Ranker and Finder!

Featured Sponsors



Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

Hello Guys,I have a new AC86U and flash it to Merlin 384.5. I use a HDD connect to usb3.0 port and follow a tourist install Transmission (2.94).The pr...
Will the gt-ax 5300 or the gt-ax 11000 or the rt-ax 86u or the rt AX 88u support full cone Nat?As far as I'm aware it can't be enabled in the rt ac88u...
I have an ASUS RT-AC5300 router running the latest stable version of Asuswrt-Merlin (384.5). When I perform an external nmap scan on my IP address, it...
Hi. I just installed Entware on my Asus-Merlin router, and one of the terminal outputs as it installed caught my eye.Code: Configuring locales.Entwar...
Router:RT-AC66U with Merlin's 380.70 firmwareI have just been switched over by my ISP from ADSL to VDSL2. Previously, I connected with PPPoE and easil...

Don't Miss These

  • 1
  • 2
  • 3