Zyxel ZyWALL ATP200 review: A persuasive defence against unknown threats

A top-value appliance with great cloud management and clever protection against unknown threats

The Zyxel ZyWALL AP200

IT Pro Verdict


  • +

    Value for money

  • +

    Easy-to-use security features


    Zyxel's ZyWALL ATP appliances are designed to stay one step ahead of hackers. They have a sharp focus on zero-day threats, making use of advanced services such as cloud threat intelligence, machine learning and automated sandboxing of suspect files.

    The ATP200 on test is affordable, too. The price shown includes a one-year Gold licence, after which yearly renewals cost £276. That gets you a heap of security features - not just the technologies mentioned above, but also hybrid anti-malware, anti-spam, web content filtering, application controls, IPS and Zyxel's cloud-hosted SecuReporter Premium reporting service.

    This desktop unit isn't overloaded with ports, but it presents two Gigabit WAN and four copper LAN ports, plus a handy SFP fibre socket for longer connections. Performance is good for the price, with Zyxel claiming a 2Gbits/sec raw firewall throughput dropping to 600Mbits/sec with all security services enabled.

    You have two management choices as all of Zyxel's ATP appliances can be either locally managed or brought under the control of the Nebula cloud platform, which provides a single portal for all the company's compliant wireless APs, switches and mobile routers. There's just one small catch, which is that the Nebula portal doesn't currently support Zyxel's

    email security component, so if you want to use this you'll need to run the ATP200 in standalone mode.

    Zyxel user interface

    We opted for cloud management and found registration a very swift process thanks to the Nebula iPad app, which let us scan the appliance's QR code and immediately add it to our site. The same process can be used for zero-touch provisioning: once you've registered the appliance, you can send it off to a remote office and, once connected, it will receive all the settings configured in the portal.

    We like the way that Nebula's dashboard can be customised to show whatever data is important to you. It came up showing the appliance's hardware status, detected apps and clients, WAN throughput and security alerts, but there was plenty of room for us to add performance and status widgets for our Zyxel PoE switches and Wi-Fi 6 APs.

    Like most UTM appliances, the ATP200 is controlled via security policies, which combine firewall rules with application patrol settings -- you can manage access to over 3,500 business apps - and web-content filtering settings, which let you block or allow sites across 110 categories.

    Enable the anti-malware hybrid mode and Zyxel's cloud-based threat intelligence comes into play too, combining a local signature database with cloud queries to check whether downloaded files are safe to allow through. The sandbox service is accessed from the same page: this isolates files it hasn't seen before and gives them a test run in the cloud to see if they are malicious. Friendly files are allowed through, while those deemed a threat are destroyed.

    Another notable feature is Zyxel's collaborative detection and response service, which blocks rogue devices. You can specify how many times a device is allowed to trigger the malware, IDP or web threat services; once the threshold is reached, the appliance will automatically kick them into quarantine.

    Finally, you can configure the SecuReporter cloud service, which receives logs from the ATP200, to decide whether personal information such as email addresses and usernames should be included or anonymised. The main dashboard provides an informative overview of all security events along with deeper insights into web, app and threat activity plus all security issues.

    The ZyWALL ATP200 offers a persuasive defence against unknown threats, and the Nebula portal integration is especially useful for businesses looking to protect remote offices. It's a real shame that email security is only supported in standalone mode - we hope that will be rectified soon - but even without that module, you still get a great set of security features for the price.

    Zyxel ZyWALL ATP200 specifications

    Swipe to scroll horizontally
    ChassisDesktop fan-less
    CPUDual-core CPU
    Memory2GB RAM
    Network7 x Gigabit (2 x WAN, 4 x LAN, 1 x SFP)
    Ports2 x USB 3, DB9 serial port
    Dimensions (WDH)272 x 187 x 86mm
    Dave Mitchell

    Dave is an IT consultant and freelance journalist specialising in hands-on reviews of computer networking products covering all market sectors from small businesses to enterprises. Founder of Binary Testing Ltd – the UK’s premier independent network testing laboratory - Dave has over 45 years of experience in the IT industry.

    Dave has produced many thousands of in-depth business networking product reviews from his lab which have been reproduced globally. Writing for ITPro and its sister title, PC Pro, he covers all areas of business IT infrastructure, including servers, storage, network security, data protection, cloud, infrastructure and services.