[2025 August Spotlight] No More Defaults. No More Delays. Just Secure by Design.🔐

Zyxel_Avani Posts: 15  Zyxel Employee
edited August 11 in Security Highlight

Zyxel Networks is taking the lead in the SMB networking space by putting security at the core of product design, in line with the U.S. CISA’s Secure by Design initiative. As an early global adopter, and the first in Taiwan, Zyxel is showing how firewalls should be secure by default, not as an afterthought.

Here’s how Zyxel’s Security Firewall product line is leading the charge:

🔐 Multi-Factor Authentication (MFA) Built-In

All Zyxel Nebula cloud-managed firewalls now support MFA for both admin logins and remote VPN users, using email-based verification or integrations with Microsoft and Google accounts.
Zyxel is also the first vendor globally to enable MFA for wireless access through its Secure WiFi feature, providing a secure connection path for remote AP users.

🚫 Goodbye Default Passwords

Zyxel firewalls now ship with randomized, unique passwords that must be changed upon initial setup. For Nebula-managed environments, strong credential creation is enforced from the first login, eliminating the risks of default credentials.

🛡️ Proactive Vulnerability Management

Secure development practices are embedded throughout the firewall product line. This includes compliance with the OWASP Top 10, static code and firmware analysis using tools like Checkmarx, and automated combinatorial testing (ACTS).
Zyxel also collaborates with independent penetration testing firms to detect and resolve potential blind spots before release.

⚙️ Fast, Transparent Security Patching

Zyxel Networks has been a CVE Numbering Authority (CNA) since 2021, ensuring a timely and structured vulnerability response process. Its Mean Time to Remediate (MTTR) remains in line with industry benchmarks, especially critical for firewall infrastructure protecting SMB networks.

📢 Public Vulnerability Disclosure Policy

A comprehensive Vulnerability Disclosure Policy (VDP) is in place, with public channels and clear guidelines for reporting. Zyxel’s transparency in vulnerability handling has earned the highest CNA acceptance level—a recognition no other SMB networking brand has achieved so far.

🕵️‍♂️ Enhanced Evidence of Intrusion

Zyxel firewalls support extensive event and system logging, with logs retained up to 12 months for audits and incident response. Nebula cloud-managed devices also deliver 7 to 30 days of detailed network activity via SecuReporter, Zyxel’s cloud-based analytics platform for centralized threat visibility.

With security integrated into the design process—across authentication, access control, vulnerability management, and threat visibility—Zyxel’s firewall solutions help MSPs and SMBs confidently defend against modern cyber risks.

💬 How much do you value “Secure by Design” in your firewall?

Got any cool experiences with MFA or fast patches? Drop your thoughts below — we want to hear from you! Your feedback shapes what’s next. ✨