Zyxel x Avast: Introducing Endpoint Protection Monitoring in Firmware 1.35

Zyxel_Lynn
Zyxel_Lynn Posts: 71  Zyxel Employee
5 Answers First Comment Friend Collector
edited August 26 in Other Topics

As part of Zyxel’s ongoing evolution in cybersecurity solutions, firmware version 1.35 introduces the first phase of integration with Avast, a globally recognized leader in SMB endpoint security. While this development is still in its early stages, it lays the groundwork for deeper, more impactful collaboration in the future.

Why Avast?

Avast is a well-known provider of antivirus and endpoint protection solutions for small and medium businesses. With this partnership, Zyxel aims to expand visibility into endpoint health and security—particularly for networks protected by the USG FLEX H-Series firewalls.

Important Note: Zyxel does not manage or sell Avast licenses. Customers must use the Avast Business Hub portal to manage, renew, or configure their Avast services.

What’s Included in Phase One?

The current integration is foundational, focusing primarily on license monitoring. Here’s what you can expect:

  • License Status Visibility: Check whether the Avast endpoint client licenses are still active.
  • Direct Link to Avast Portal: Easily access Avast's Business Hub for further management.
  • Firewall Integration: View endpoint status directly from the Zyxel firewall GUI.

Though limited in scope, this initial step enables Zyxel firewalls to communicate with the Avast ecosystem—setting the stage for more robust features down the line.

How the Integration Works

The process involves the Zyxel firewall, Zyxel cloud servers, and the Avast Business Hub:

  1. From the Avast portal, generate a new integration by:
    • Naming it (e.g., “H-Series Firewall”)
    • Setting the scope to API Gateway
    • Generating a Client ID and Client Secret
  2. In your Zyxel firewall:
    • Navigate to System > External Integration
    • Select Avast, paste the Client ID and Secret, and apply the settings
  3. The firewall sends this information to the Zyxel cloud, which then forwards it to Avast and receives a secure token in return. This token allows Zyxel to query Avast for endpoint license status.

System Overview

Here’s how the Avast-Zyxel ecosystem is structured:

  • Endpoints: Devices (Windows/macOS) running Avast Business Agent
  • Avast Business Hub: Central platform for license and policy management
  • Zyxel Firewall: Displays license and device status based on API integration
  • Zyxel Cloud: Intermediary platform facilitating secure API communication

Endpoints can be behind the firewall or located remotely—monitoring is not limited to LAN-side devices.

Monitoring Tools & Error Handling

From the Zyxel firewall interface, you can:

  • View antivirus, patch management, and USB protection status
  • Refresh the token
  • Remove and reconfigure API settings

If there’s an issue, the system will return error messages such as:

  • Authentication Failed: Invalid client ID or secret
  • API Connection Error: Firewall can't reach Avast services

For CLI users, commands like show third-party-service status or del third-party-service avast are available. Always remember to use commit after changes.

What's Next?

While current capabilities are minimal, the future roadmap includes:

  • Deeper Device Insights
  • Policy Application Based on Endpoint Security Status
  • Support for More Operating Systems and Scenarios

Zyxel is actively gathering feedback to shape how this integration evolves. If you encounter customers with endpoint protection needs, share those insights with HQ. Your input is crucial to refining and expanding the value of this partnership.

What About Astra?

Zyxel’s existing endpoint solution, Astra, is still active and supported. While Avast is the current focus, Astra is not being phased out. The plan is to evaluate both platforms in parallel and determine the best fit based on customer needs and real-world deployment feedback.