ZLD 5.40 Update: Security Best Practices

Zyxel_Claudia
Zyxel_Claudia Posts: 171  Zyxel Employee
Network Detective-New Adventure Badge Network Detective Badge First Comment Friend Collector
in Other Topics

With the release of version 5.40, Zyxel Networks is excited to introduce a new feature designed to streamline and enhance your firewall configuration experience: Security Best Practices. This enhancement addresses user feedback about multiple pop-up reminders and brings a more efficient, user-friendly solution to ensure your network remains secure.

What's New?

Prior to v5.40, users of USG FLEX and ATP firewalls would encounter several individual pop-up reminders upon login, each prompting for incomplete security configurations.

With v5.40, these reminders are now unified into a single, guided flow. The new Security Best Practices feature provides a consolidated, step-by-step setup guide that appears in a pop-up window post-login—allowing users to address all pending security settings directly from one place.

How It Works

  • Upon logging in, if certain essential security features are not fully configured, the Security Best Practices pop-up will appear.
  • Users can choose to skip individual steps by enabling the “Don’t show me again” option—skipped steps will be marked accordingly.
  • Once all required security configurations are complete, the Security Best Practices window will no longer be displayed.

Getting Started

To initiate the setup:

  1. On the Security Best Practices summary page, click “Begin”.
  2. Each step in the flow is accompanied by an icon—blue indicates completion, while grey denotes skipped steps.

Key Configuration Steps

1. Two-Factor Authentication (2FA)

  • Required for admin-type accounts.
  • Use Google Authenticator to complete the setup and click “Next”.

2. Password Change

  • Prompts if the admin password hasn't been updated in over 60 days.
  • Enter a new password and click “Apply”, then “Next”.

3. Security Policy Control

  • Enables policy control if it is currently disabled.
  • Click “Apply” and then “Next” to continue.

4. Security Check for Web Interface

  • Recommends restricting access to the Web GUI and SSL VPN services.
  • Configure allowed IP addresses or geolocations, click “Apply”, and then “Next”.

5. Security Risk Warning

  • Alerts you if a security license has expired.
  • Click “Buy” to visit the Marketplace and renew the license, then “Finish” to complete the setup.

Notes on Skipped Features

  • Steps marked with “Don’t show me again” will appear as Skipped and be greyed out in the summary.

To remove this status and re-enable all steps, perform a Factory Reset on the device.

Categories

EnglishTiếng ViệtРусскийไทย中文(台灣)