Review: ZyWall Cuts the Wires Using 3G
For small and home-based businesses in areas where broadband is not available or too expensive, the only options are satellite or dial-up.
Networking manufacturer ZyXel attempts to address these two issues with its ZyWall 2WG wireless router. ZyWall 2WG is an 802.11a/b/g-capable security appliance that works with an existing wired network, 3G cellular networks or dial-up to provide Internet connectivity.
Areas that have 3G high-speed wireless—which include HSDPA from GSM carriers such as AT&T Cingular and EV-DO from CDMA carriers such as Verizon and Sprint—can configure the ZyWall to use the cellular network as the primary Internet uplink instead of worrying about broadband. How simplistic and convenient an idea is that?
ZyXel shipped the router with a Sprint Mobile Broadband Card. The Test Center connected broadband—in this case, Verizon DSL—to the ZyWall as the primary WAN link. Sprint's EV-DO network was designated for failover. Reviewers configured the ZyWall to use analog dial-up if both DSL and EV-DO options were unavailable, but this option wasn't tested.
Testing was uneventful. To get started, reviewers inserted the Sprint PC card into ZyWall, connected an Ethernet cable from the DSL modem into the wired port, and powered up the box. A laptop was connected to the LAN port and a Web browser opened to the router's configuration interface. Reviewers tested the router's failover capabilities by unplugging the Ethernet cable to see if it could switch to the EV-DO network. It took about 40 seconds to do so.
The ZyWall 2WG has configurable security zones, redundant VPN tunnels, bandwidth management, Web filtering, firewall capability, and encryption options including WPA-2 Enterprise. SSID hiding, MAC filters, WEP, WPA/WPA2-Personal and master key caching are also supported. WPA/WPA2-Enterprise requires an external RADIUS server. ZyWall 2WG also supports stateful packet inspection, third-party Web filtering products and remote management features.
By default, the appliance works in route mode with Network Address Translation enabled. It's possible to use it in transparent bridged mode as well. Most defaults are just fine for home users and small offices.
The ZyWall has a budget function that reviewers particularly liked. This feature allows admins to specify how much bandwidth can be used per month—an attractive feature if the cellular or broadband provider wasn't providing unlimited bandwidth. The appliance would automatically cut off service if the set usage threshold was exceeded. The thresholds can be set on time and volume. The ZyWall can log excess, send an alert, or just disconnect users.
The management interface is very thorough and flexible to suit advanced administrators, but it can be a little bit too much for the home user. Some things are a bit too complicated, like the ability to assign ports into LAN, WLAN and DMZ security zones, for the most basic users. Businesses will like this flexibility, but home users will be perplexed when faced with this option. Advanced mapping for NAT is also possible, with associated firewall rules for each affected zone.
ZyWall also can handle up to eight SSIDs at a time, each with its own security profile. While this is nice, it's limited, as the ZyWall 2WG supports only one active SSID at a time. Solution providers can sell this appliance, with a street price of about $270, to customers looking for an affordable broadband solution, or for road warriors who need to have wireless access at conferences, trade shows, meetings or just while on the go.
Almost every major networking company has a wireless router on the market, but ZyXel manages to carve out a unique niche in this crowded space.