Zyxel Firewall

Version : Zyxel Firewall USG 60(W), USG 110 & USG 310

Zyxel firewalls are next-generation firewalls designed to deliver high availability, anti-malware protection, and consolidated policy enforcement for medium to large-sized businesses and campuses.

Zyxel firewall when configured sends events to Netsurion using syslog. Zyxel Firewall sends events like antivirus scan, intrusion detection and prevention, anti-spam, anti-virus, content filtering, unified security policy, IPsec VPN, SSL VPN, and WLAN management. Generates reports on antivirus spam detail, intrusion activities, configuration changes, interface statistics, traffic denied, etc. It contains username, client IP address, status, message, action, file path, file name, and hash. Graphically displays interface statistics, traffic denied by reason, traffic denied by IP address, threat detected by file name, device name, device IP, etc.

  • Operations – Traffic activities
  • Compliance – Interface statistics

After the Zyxel firewall is configured to deliver events to Netsurion Open XDR, alerts, dashboards, and reports can be configured into Netsurion Open XDR.

The following are the key Data Source Integration available in Netsurion Open XDR.

Reports

Type Name Description
Operations Zyxel Firewall – Interface activities This report provides information related to interface down, inactive, active, interface port address, packets sent, packets received, and port status.
Compliance Zyxel firewall – Traffic denied This report provides information related to suspicious traffic denied. It provides information like username, source IP, source port, destination IP, destination port, direction, and reason.

Documentation:

The configuration details are consistent with Netsurion Open XDR 9.2 and later, and Zyxel firewall.

Download Integration Guide and How-to Guide for configuration instructions and more information.