ZyXEL Communications ZYWALL USG 2000 Support Notes page 156

ZyWALL USG 2000 Support Notes
3. Seamless Incorporation
With its robust networking functionalities, ZyWALL USG 2000 is easy to integrate into
existing network infrastructure. You can easily implement the following applications. They are
"Transparent firewall", "Transparent IDP" and "Network Partitioning using VLAN".
3.1 Transparent Firewall
With transparent firewall, you do not need to change the IP addressing scheme of your existing
network topology. What you need to do is to insert ZyWALL USG 2000 into your existing
network environment. Bridge the ports you think that need to be included in this bridge
interface. Apply the security policies that you want. And that will be it. Moreover, ZyWALL
USG 2000 supports working as bridge mode and router mode at the same time; which means
that they can co-exist.
3.1.1 Bridge mode & Router (NAT) mode co-exist
Here is an example:
DMZ and WAN zone can be bridged, so that servers in the DMZ zone can keep using the same
public IP address (as those in WAN zone) for effortless IP management. Additionally, IP
addressing in LAN zone is private IP segments. Thus, we apply NAT, which is the router mode
here. To make this scenario works the follow the configuration steps as stated below:
156
All contents copyright (c) 2008 ZyXEL Communications Corporation.