
Zyxel ZyWALL ATP200 review: A persuasive defence against unknown threats

A top-value appliance with great cloud management and clever protection against unknown threats

The Zyxel ZyWALL ATP200
  • Value for money
  • Easy-to-use security features

Zyxel's ZyWALL ATP appliances are designed to stay one step ahead of hackers. They have a sharp focus on zero-day threats, making use of advanced services such as cloud threat intelligence, machine learning and automated sandboxing of suspect files.

The ATP200 on test is affordable, too. The price shown includes a one-year Gold licence, after which yearly renewals cost £276. That gets you a heap of security features - not just the technologies mentioned above, but also hybrid anti-malware, anti-spam, web content filtering, application controls, IPS and Zyxel's cloud-hosted SecuReporter Premium reporting service.

This desktop unit isn't overloaded with ports, but it presents two Gigabit WAN and four copper LAN ports, plus a handy SFP fibre socket for longer connections. Performance is good for the price, with Zyxel claiming a 2Gbits/sec raw firewall throughput dropping to 600Mbits/sec with all security services enabled. 

You have two management choices as all of Zyxel's ATP appliances can be either locally managed or brought under the control of the Nebula cloud platform, which provides a single portal for all the company's compliant wireless APs, switches and mobile routers. There's just one small catch, which is that the Nebula portal doesn't currently support Zyxel's email security component, so if you want to use this you'll need to run the ATP200 in standalone mode.

Zyxel user interface

We opted for cloud management and found registration a very swift process thanks to the Nebula iPad app, which let us scan the appliance's QR code and immediately add it to our site. The same process can be used for zero-touch provisioning: once you've registered the appliance, you can send it off to a remote office and, once connected, it will receive all the settings configured in the portal.

We like the way that Nebula's dashboard can be customised to show whatever data is important to you. It came up showing the appliance's hardware status, detected apps and clients, WAN throughput and security alerts, but there was plenty of room for us to add performance and status widgets for our Zyxel PoE switches and Wi-Fi 6 APs. 

Like most UTM appliances, the ATP200 is controlled via security policies, which combine firewall rules with application patrol settings (you can manage access to over 3,500 business apps) and web-content filtering settings, which let you block or allow sites across 110 categories.

Enable the anti-malware hybrid mode and Zyxel's cloud-based threat intelligence comes into play too, combining a local signature database with cloud queries to check whether downloaded files are safe to allow through. The sandbox service is accessed from the same page: this isolates files it hasn't seen before and gives them a test run in the cloud to see if they are malicious. Friendly files are allowed through, while those deemed a threat are destroyed.

Another notable feature is Zyxel's collaborative detection and response service, which blocks rogue devices. You can specify how many times a device is allowed to trigger the malware, IDP or web threat services; once the threshold is reached, the appliance will automatically kick them into quarantine.

Finally, you can configure the SecuReporter cloud service, which receives logs from the ATP200, to decide whether personal information such as email addresses and usernames should be included or anonymised. The main dashboard provides an informative overview of all security events along with deeper insights into web, app and threat activity plus all security issues.

The ZyWALL ATP200 offers a persuasive defence against unknown threats, and the Nebula portal integration is especially useful for businesses looking to protect remote offices. It's a real shame that email security is only supported in standalone mode - we hope that will be rectified soon - but even without that module, you still get a great set of security features for the price.

Zyxel ZyWALL ATP200 specifications

Chassis: Desktop fan-less
CPU: Dual-core CPU
Memory: 2GB RAM
Network: 7 x Gigabit (2 x WAN, 4 x LAN, 1 x SFP)
Ports: 2 x USB 3, DB9 serial port
Dimensions (WDH): 272 x 187 x 86mm