Security Ideas - Zyxel Community

Seriously, your ideas could be new feature for Security!
Hello Security Forum Members, Do you have moments that if your own thoughts or ideas can make better experience when using Zyxel security products? <3 We can make your wish come true! <3 Simply start a new post here describing your fabulous ideas for features or services you wish to have! Once your ideas get lots of vote ,…
Notification change: Abnormal tcp traffic detected, source port is zero, DROP
Is it possible to request a change to the log level for events such as: "Invalid TCP traffic detected, source port is zero, DROP" Lately I've been receiving notifications every 20 seconds and I can't hide them when viewing the logs. Support says there is currently no way to disable logging of these events. This is standard…
USG FLEX H series SSL VPN support push DNS domain suffix to SSL VPN client
User @Alex_91 requires USG FLEX H series SSL VPN support to push the DNS domain suffix to the SSL VPN client. If anyone likes this idea, please leave your comment and give it a vote! Original post
USG FLEX H SNAT to a pool of Internet addresses with two or more providers
Situation that providers provide subnets when connecting and there are several providers where traffic is balanced (backed up) is typical. In most (in all of my cases) large companies this scenario is used. Otherwise, if 500 clients come from one IP, there will be a guaranteed captcha and a ban in many services like…
USG FLEX H series - support user type 'ext-group-user'
User @p4_greg hopes the USG FLEX H series supports the user type 'ext-group-user', like the ZLD firewall. This use case is normally used to limit the VPN users to a specific Active Directory group. If anyone likes this idea, please leave your comment and give it a vote. Original post
SecuReporter dashboard display adjustment
User @GiuseppeR hopes SecuRepoter dashboard can display "traffic usage," "simple threats graph view," and "threat history". If anyone likes this idea, please leave your comment and give it a vote. Original post
VPN NAT Traversal when both USG are behind CGNAT with unpredictable source port
I'm not sure this will happen due to how it can only be done where by both ends are behind CGNAT with no incoming allowed and unpredictable source port mapping but here is one hell of a way to do it! Not 100% sure it would work. Here how port 500 Traversal would go then the same for 4500
USG FLEX H series support NetBIOS broadcast over SSL VPN tunnel function
User @Asgatlat hopes the USG FLEX H series can support NetBIOS broadcast over SSL VPN tunnel function as Zywall/USG FLEX/ATP series. Anyon likes this idea, please leave your comment and give it a vote. Original link
Flex H Series - 2FA Page with FQDN
Hello together We would like to have a possibility to assign an FQDN to the 2-FA page. However, this would require the internal DNS to be accessible before verifying with the 2-FA. The reason for our request is that we would like to store a certificate on the firewall so that the browser no longer displays the message that…
[USG FLEX H] Add counter on object page
User @PeterUK hopes to add a counter in FLEX H on the object page. Anyone likes this idea, please leave your comment below and give it a vote! Original post
[USG FLEX H] Retain Imported Certificates After Reset
@PeterUK proposes that imported certificates on USG FLEX H devices be retained even after a factory reset. This proposal follows an observation that, after resetting the USG FLEX 200H to default settings, all imported certificates are erased upon reboot. In contrast, ZLD devices retain certificates even after a reset,…
Enable Non-Wildcard FQDN for NAT Rules on USG FLEX H Series
@PeterUK proposes that the USG FLEX H series should allow the configuration of non-wildcard FQDNs in NAT rules. This feature would provide administrators with more precise control over traffic redirection, enabling configurations based on specific domain names for enhanced security and customization. This topic was raised…
Support FQDN for BWM on USG FLEX H Series
@PeterUK proposes that the USG FLEX H series should support adding Fully Qualified Domain Names (FQDN) to Bandwidth Management (BWM) rules. This feature would enhance flexibility in managing traffic by domain name rather than IP address, allowing for more targeted and effective bandwidth control. This topic was raised in…
Auto-Deletion of Configuration File Copies on USG FLEX H Firewall
@HUBERTKASPRZAK has proposed an idea for the USG FLEX H firewall to automatically delete the copy of configuration files after a specified time period. This suggestion was originally discussed in the forum thread below: Please help to give a vote or comment if you also like this idea.
Wireguard?
WireGuard® is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography.It aims to be faster, simpler, leaner, and more useful than IPSec, while avoiding the massive headache. It intends to be considerably more performant than OpenVPN. WireGuard is designed as a general purpose VPN for running…
Firewall Flex 200
Friends, my flex 200 is blocking the internet pages of my network. At certain times of the day, I have to disable Policy Control, then apply it and then enable it again to be able to browse the internet. Everything was working perfectly, but I've been having this problem for about 20 days. To be able to browse as I said, I…
FlexH Series GeoIP custom gruop
Hello, Now if i want to create an address group with more GeoIP Region abjects, i have to create all address objects with GeoIP Region one by one. I think it could be easier to have the possibility to create a custom GeoIP group in the GeoIP section directly. Thank you
USG LITE 60AX supports firewall rule schedule profile
User @Luc_56 hopes USG LITE 60AX can support firewall rule schedule profile. If any users like this idea, please feel free to leave your comments and vote for this idea. Original post
Admin Login -> 2FA with YubiKey Authenticator
For the admin, add the 2FA with YubiKey Authenticator next to SMS/E-Mail in the selection under Object -> User/Group -> User Local Administrator -> Username/admin. At the moment there is only the choice between SMS/E-Mail and Google Authenticator.
External-Group-User Object Support for Remote VPN on USG FLEX H
Based on a suggestion from @Fabio_Dangelo, we are proposing that the USG FLEX H firewall support an external-group-user object for remote VPN usage. This idea was initially discussed in the following forum thread: If you like this idea, please consider voting or leaving a comment to show your support.
ATP 200: Multicast and broadcast routing across VLANs to enable media sharing protocols.
I have created several segments (VLANS) in my network to increase security of my home network. One VLAN is for computers and mobile phones, another VLAN is for data servers (e.g. NAS), another VLAN is for media players (e.g. TVs, SONOS audio players or printers) and another VLAN for IOT devices like Philips Hue.…

Welcome!

It looks like you're new here. Sign in or register to get started.