Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

LAN & WAN Reviews


Key security features of the USG20 are configured in the Anti-X menu.  These features are Anomaly Detection and Prevention (ADP), Content Filtering, and Anti-Spam protection.

Zyxel's ADP seems to be a poor man's version of Intrusion Detection System (IDS) and Intrusion Detection and Prevention (IDP).  The USG20's ADP feature protects against network threats such as port scans, DoS (Denial of Service) attacks, and protocol based attacks via http, tcp, udp and icmp.

Zyxel's ADP, like an IDS/IDP system, relies on signature databases for detecting unsafe traffic types.  A signature is a traffic pattern or characteristic that is considered potentially malicious.  The firewall  compares incoming and outgoing traffic against its database of patterns, and blocks those that match the patterns it holds in its database.  The USG20 updates its ADP database from Zyxel which has a partnership with Lionic for current signature files.

ADP is enabled by default.  Enabling and disabling ADP is a simple check box.  Options for customizing ADP includes defining which zones (LAN1, LAN2, DMZ) are to be protected by ADP and selecting traffic types (port scans and floods) and protocols (http, tcp, udp, icmp) to be scanned.

Running a port scan on the USG20 triggered dozens of messages in the log, all alerting of unsafe traffic hitting the firewall and blocked.  As you can see in the log output in Figure 10, the USG20 successfully detected the traffic anomaly and blocked it.  (A port scan is both a useful tool for a network administrator, as well as for a hacker.  It scans a device for possible open ports that can be used for unauthorized access.)

Log messages from port scan

Figure 10: Log messages from port scan

The USG20's ADP functionality isn't as comprehensive as an IDS/IDP solution, but it has a key advantage in that it is free!

Content Filtering

The USG20 comes with a 30 day trial for Content Filtering, with a suggested retail price of $77 annually.  Content Filtering on the USG20 is facilitated through a partnership with BlueCoat.

Configuration of Content Filtering is pretty straightforward and consistent with the object oriented methods found in other menus.  First, a Filter Profile is created.  Within the Filter Profile, you define whether a web page will generate a warning, be blocked or passed, and/or whether it will trigger a log report. 

There are 66 different managed web site categories, shown in Figure 11, plus three categories for filtering sites known to be risky for Phishing, Spyware/Malware, and Spyware/Privacy.

Log messages from port scan

Figure 11: Web filter categories

Web features such as ActiveX, Java, Cookies, and Web Proxies can also be blocked.  A white list and  a black list of web sites, as well as key words found in URLs can also be defined as part of the Filter Profile.

Once the Filter Profile is created, it is applied to a Policy where the schedule, zones, and users that will be subject to the Filter Profile are specified.  In addition, a custom message and URL to redirect end users can be applied.

I looked up in the Profile tool, it is listed as a Computers/Internet site, so I created and applied a simple Profile to block Computers/Internet sites.  Upon browsing to, I was presented with the below default message.

The web access is restricted. Please contact with administrator.(Computers/Internet)

It's a good thing the default message can be edited!  Nevertheless, filtering seemed to work as expected.  Selecting all categories for filtering is a bit excessive, you can't even go to Google, but the USG20 certainly provides plenty of filtering options.


The USG20's Anti-Spam feature is based on do-it-yourself lists of black lists, white lists, and domain names.  This is not a very comprehensive solution, as it leaves the blocking definitions up to the network administrator instead of leveraging a database of known spammers.  On the other hand, it is cost effective because there isn't a monthly or annual subscription cost.

Emails matching a black list or domain list can be blocked, or tagged with a specific text string and forwarded.  The default tag is [SPAM], which can be customized.  Figure 12 is a screen shot of a simple domain list I set up to tag all emails from  Once tagged, I set up a rule in my email program (Outlook) to delete emails with the [SPAM] tag.

Anti-spam setup

Figure 12: Anti-spam setup

More LAN & WAN

Wi-Fi System Tools
Check out our Wi-Fi System Charts, Ranker and Finder!

Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!


Over In The Forums

I have wanted Netgear to give us simple bandwidth monitoring. My need is pretty basic, I’d like to know how much bandwidth each device is using. My ne...
ASUS RT-AC88U Firmware version Fixed Let's Encrypt not working properly.- Fixed web browsing issue when enabled parental control ...
I'm seeing average daily internet usage as reported by my ISP as hovering around 10-20 GB per day, so I wanted to dig into my router settings to see w...
Hi, woke up this morning and had no internet after turning everything on, I usually power down my stuff at night when not in use. Anyhow turned it all...
Hi all,Firstly, I did some searching already with no luck.I am hoping someone can shed some light on my issue as I don't seem to be able to get my ful...

Don't Miss These

  • 1
  • 2
  • 3