title=

Setting up Tailscale on the Zyxel USG Flex 500H gateway

... the Zyxel USG Flex 500H security gateway, analyze the configuration features, ... both offline and through the Nebula cloud platform. Its hardware ... intermediaries. To bypass NAT and firewalls, Tailscale uses STUN / (Session ... Tailscale account, but unlike traditional VPN networks, this is enough ... network gateway for the entire VPN session, while maintaining routing ... through an additional router or VPN. This is convenient when ... integrating Tailscale with existing corporate VPN solutions. To do this, ...
 title=

Bulletin on IoT security. Is your network ready for Internet of Things exploits?

Not so long ago, Human Security revealed an entire shadow network associated with infected devices and malicious applications. Infected were not only Android TV set-top boxes, but also tablet PCs, wearable devices and even cars. Some IoT devices may even be infected with viruses or Trojans already at the stage of their production or sale, and since it is impossible to imagine a modern company without IoT today, it is important to properly protect your network. Today's world is completely ...
 title=

Setting up GeoIP blocking for web services using pfSense, HAProxy and free IPDeny databases

One of the ways to protect a web service may be to restrict access to it by IP, including GeoIP, based on the user's location. We will set up protection without using paid services, without Maxmind, without registration and SMS Today, many organizations that transfer their services to web platforms are forced to provide an entry point to the Internet for user authentication. Even with 2-factor authentication, a web service accessible via the Internet remains vulnerable to complex attacks, the ...
 title=

Let's explore the features of Zyxel XMG1930-30HP, a switch with 2.5G/10G PoE ports and licensed L3 functions

Zyxel reasoned this way: if the L3 functionality is already determined only by the firmware, 99% choose an access switch for the sake of port density, PoE, VLAN, Multicast, and less often for static routing, then here's the base model XMG1930, which is generally L2, but slightly L3. And if your network requires advanced L3 functions, then all this is also there, just buy the appropriate license and get the core-level functionality. You can do this at any time, even when buying a device, even ...
 title=

Zyxel XGS2220-30HP - L3 Access switch for modern converged networks

This L3 layer switch has 4 x 10-Gigabit SFP+ slots, 1-Gigabit PoE+ ports for the main fleet of devices, NVR/VoIP optimized interface, support for Nebula cloud service and multi-Gigabit PoE+ ports for Wi-Fi 6 access points. That is, Zyxel has added a maximum of functions to make it the most versatile. In the Zyxel hierarchy, the XGS2220 series refers to access switches, that is, to the lowest level that serves end devices and access points. We are used to the fact that cheap maintenance-free ...
 title=

We explore Zyxel Connect & Protect and answer the main questions: is it possible to do without a security gateway?

From the point of view of the network, a modern facility can be just one access point connected directly to the WAN from the provider, and there are enough resources on this access point to raise the VPN tunnel to the headquarters, and for NAT, and to configure restrictions for customers and for basic protection of customers and employees. No, but really, why should an expensive security gateway be built on a small facility where the network infrastructure is completely wireless? Modern ...
 title=

Will Zyxel Nebula survive on the sovereign internet?

What will happen to your network if the Iron Curtain suddenly falls, and the Global Internet turns into something sovereign and all cross-border channels are blocked? Let's simulate this situation and tell you how to unsign the device from Nebula without Internet access. We have reviewed the Nebula Control Center management system from Zyxel many times. This is a cloud service that allows you to configure and monitor the company's network stack via the Internet, including setting up Wi-Fi, ...
 title=

Orchestration of wireless networks in Zyxel Nebula CC: configuring horizontal traffic protection and shaping

... traditional topology, in which a security gateway was installed on top, and ... the network, and using the Firewall inside the network segment is ... is broadcast immediately to the security gateway, on which the access rules ... be a direct channel via VPN to the headquarters (Secure WiFi ... CIDR" will become available. Firewall rules only apply to traffic ... capabilities of the built-in Firewall of access points will be ... are scary. Conclusions The Zyxel Nebula Control Center cloud management system ...
 title=

Quick setup of a wireless network via Zyxel Nebula when deployed in branches

... an opportunity when using the Nebula service. Let me briefly remind ... about  setting up various VPN scenarios  via Nebula. One of the advantages ... not touch the rules of Firewall, routing and port forwarding at ... to his organization through the Nebula Control Center application. Step 2 ... the MAC address of the security gateway and be sure that wireless ... will pass through the internal Firewall. Please note: everything related to ... is organized quite interestingly in Nebula: a log is displayed separately ...
 title=

How Zyxel Secureporter facilitates corporate network security monitoring

Zyxel SecuReporter is a single assembly point for reports, dashboards and statistics on the operation of your network's security gateway. Naturally, only Zyxel gateways of the USG Flex and ATP series for small and medium-sized businesses are supported. According to the developers, Secureporter will allow sysadmins to better investigate and predict traffic anomalies, block unwanted connections and configure security policies more effectively. Large modern IT vendors strive to earn not only on ...