GateProtect WMZ 2500 firewall (hardware) Datasheet
Add to my manualsadvertisement
Feature overview V8.6
- xUTM Appliances
March 2010
xUTM appliances by gateProtect combine state-of-the-art security and network features such as firewalls, bridging, VLAN, single sign-on, traffic shaping, QoS, IPSec/SSL (X.509), IDS/IPS, web filtering, virus filtering, real-time spam detection, HTTPs proxy, and VPN Crypto acceleration in a single unified system.
With its unique, patented eGUI ® technology (ergonomic Graphic User Interface) gateProtect‘s xUTM appliances increase the effective IT security in your business, set new standards in improving maintenance efficiency, and lower the resulting operating costs.
Highly flexible, gateProtect xUTM appliances are perfectly suited to business networks of any size.
Feature Specifications
Firewall
- Stateful inspection
- Connection-tracking TCP/UDP/ICMP
- SPI and proxy combinable
- Time controlled firewall rules,
content filter and internet connection
- IP-ranges, IP-groups
- Layer7-filter
- Port-ranges
- Self- and predefined ports
- Supported protocols:
TCP, UDP, ICMP, GRE, ESP, AH
Management
- eGUI technology
- ISO 9241 certified
- visual feedback immediately supplied
for each setting
- self-explanatory functions
- overview of all active services
- overview of the whole network
- Layer and zoom function
- Languages: English, German, French, Italian
- Role-based firewall administration
- Role-based statistic-client
- SSH-CLI
- Desktop configuration saved / restored
separately from backup
- CLI on serial line
- Object oriented firewall configuration
LAN / WAN-support
- Ethernet 10/100/1000/10 000 Mbit/s
- Twisted-Pair / Fibre-Optics
- MTU changeable (Ethernet/DSL)
- PPPoE, PPTPoE
- ISDN
- PPP-PAP, PPP-CHAP authentication
- Inactivity timeout
- Forced disconnect time
- Cablemodem, xDSL
- Concurrent connections
- Backup-connections
- Connection availability check
- Loadbalancing
- Time controlled internet connections
- Manual and automatic DNS assignment
- Multiple dyn-DNS support
- Supports 8 different dyn-DNS-services
- Source based routing
- Routing protocols RIP, OSPF
User authentication
- Active Directory supported
- Active Directory groups integration
- OpenLDAP supported
- Local userdatabase
- Web-interface authentication
(port changeable)
- Windows-client authentication
- Authentication on domain login
- Single sign on with Kerberos
- Single- and multi login
- Login and logoff auditing
- User- and group statistics
DHCP
DHCP-relay
- DHCP-client
- DHCP-server (dynamic and fixed IP)
DMZ
- Port forwarding
- PAT
- Dedicated DMZ-links
- DMZ-wizard
- Proxy supported (SMTP)
VLAN
- Max. 4094 VLAN per interface possible
- 802.1q ethernet header tagging
- Combinable with bridging
Bridge-mode
- OSI-layer 2 firewall-function
- Spanning tree (bride-ID, port-cost)
- Unlimited bridges
- Unlimited interfaces per bridge
- Combinable with VPN-SSL
Traffic shaping
- Up- and download shapeable
- Multiple internet connection separately
shapeable
- All services separately shapeable
- Maximum and guaranteed bandwidth
adjustable
- QoS with TOS-flags supported
- QoS inside VPN connection supported
Proxies
- HTTP (transparent or intransparent)
- Support for Radius-server, AD-server,
local user-database
- HTTPS, FTP,POP3,SMTP,SIP
- Integrated URL-/ content-filter
- Integrated antivirus-filter
- Integrated spam-filter
- Time-controlled
Antivirus
- HTTP, HTTPS, FTP, POP3, SMTP
- Scans compressed data and archives
- Scans ISO 9660-files
- Exceptions definable
- Manual and automatic updates
Web-filter
- URL-filter
- Content-filter
- Block rules up to user-level
- Black-/ white-lists
- Im- / export of URL-lists
- File-extension blocking
- Category-based website-blocking
- Self definable categories
- Scan-technology with online-database
- Transparent HTTP-proxy support
- Intransparent HTTP-proxy support
Antispam
- Online-scanner
- Scan-level adjustable
- Real-time-detection-center
- Black- / white-email-sender-lists
- Mail-filter
- Black- / white-email-recipients-lists
- Automatically reject emails
- Automatically delete emails
- AD-email-addresses import
High availability
- Active-passive HA
- Synchronisation on single / multiple
dedicated links
- Manually switch roles
IDS/IPS
- Snort scan-engine
- 5000+ IDS-pattern
- Security-level adjustable
- Rule groups selectable
- Exceptions definable
- Email on IDS events
- DoS, DDoS, portscan protection
- Invalid network packet protection
Backup
- Remote backup creation
- Small backup files (kb)
- Remote backup restore
- Restore backup on installation
- Automatic and time based creation
of backups
- Automatic upload of backups on FTP-
or SCP-Server
- Auto-install-USB-stick with backup
integrated
Monitoring
- System-Info
- CPU- / memory usage
- Long-term-statistic
- HDD-status (partitions, usage, RAID)
- Network status (interfaces, routing, traffic, errors)
- Process-monitoring
- VPN-monitoring
- User-authentication-monitoring
Logging, reporting
- Email notification
- Logging to multiple syslog-servers
- Categorized messages
- Report in admin-client (with filter)
- Export report to CSV-files
SNMP
- SNMPv2c
- SNMP-traps
- Auditing of:
- CPU / Memory
- HDD / RAID
- Ethernet-interfaces
- Internet-connections
- VPN-tunnel
- Users
- Statistics, updates
- DHCP
- HA
Statistics
- IP and IP-group statistic
- Separate services
- Single user / groups
- TOP-lists (surfcontrol)
- IDS-statistics
- Traffic-statistics
- Antivirus- / antispam-statistics
- Defence statistics
- Export statistic to CSV-files
VPN
- VPN-wizard
- Certificate-wizard
IPSec
- Site-to-site
- Client-to-Site (Road warrior)
- Tunnel-Mode
- IKEv1, IKEv2
- PSK
- X.509-certificates
- 3DES, AES (128, 192, 256)
Blowfish (128, 192, 256)
- DPD (Dead Peer Detection)
- NAT-T
- Compression
- PFS (Perfect Forward Secrecy)
- MD5, SHA1, SHA2 (256, 384, 512)
- Diffi Hellman group
(1, 2, 5, 14, 15, 16,17,18)
- export to One-Click-Connection
- XAUTH, L2TP
SSL
- Site-to-site
- Client-to-Site (Road warrior)
- Routing-Mode-VPN
- Bridge-Mode-VPN
- X.509-certificates
- TCP/UDP port changeable
- Compression
- specify WINS- and DNS-servers
- 3DES, AES (128, 192, 256)
CAST5, Blowfish
- Export to One-Click-Connection
PPTP
- Windows-PPTP compatible
- Specify WINS- and DNS-servers
- MSCHAPv2
X.509 certificates
- CRL
- OCSP
- Templates
- Multi CA support
- Multi host-cert. support
VPN-client
- IPSec-client
- SSL-client (OpenVPN)
- NAT-T
- AES (128, 192, 256), 3DES
CAST, Blowfish
- X.509 certificates
- PSK
- One-Click-Connection
- Log-export
Command center
- eGUI technology, ISO 9241 certified
- Monitor 500+ firewalls
- Active configuration of 500+ firewalls
- VPN connections centrally creatable
- Single- and group-backup
- Plan automatic backup in groups
- Single- and group update & licensing
- Create and apply templates on multiple
firewalls
- Certificate based 4096 bit encrypted
connections to the firewalls
- Display settings of all firewalls
- Role based command center user
management
- VPN-monitoring
Clarity · Perfection · Security
Feature overview V8.6
- xUTM Appliances
March 2010
Specifications GPO 75 GPO 125 GPA 250
Interfaces
10/100 Ethernet Ports
10/100/1000 GBE Ports
SFP (Mini GBIC) Ports
VPN - Crypto acceleration chip
System Performance*
Firewall throughput (Mbps)
VPN IPSec throughput (Mbps)
UTM throughput (Mbps)
IDS/IPS throughput (Mbps)
Concurrent sessions
New sessions pr. Second
Dimensions
H x W x D (mms)
Gross Weights (kgs)
Power
Input Voltage
Consumption (W) - full load / rating
Total Heat Dissipation - full load / rating
Redundant Power Supply
Environmental
Operating Temperature (°C)
Storage Temperature (°C)
Relative Humidity (Non condensing)
44 x 252 x 154
2,9
AC 100V-240V
30 / 75
102 / 256
-
0 ~ 40
-20 ~ 75
10 ~ 85%
-
-
4
-
200
50
-
-
50 000
1 500
-
-
4
-
200
70
35
90
150 000
2 500
44 x 252 x 154
2,9
AC 100V-240V
30 / 75
102 / 256
-
0 ~ 40
-20 ~ 75
10 ~ 85%
-
-
-
4
800
120
90
160
300 000
5 000
44 x 440 x 270
5,5
AC 100V-240V
35 / 78
119 / 266
-
0 ~ 40
-20 ~ 75
10 ~ 85%
Specifications GPX 800 GPX 1000
GPA 400
-
-
6
-
1 400
190
140
320
500 000
8 000
44 x 440 x 270
5,5
AC 100V-240V
35 / 78
119 / 266
-
0 ~ 40
-20 ~ 75
10 ~ 85%
GPZ 2500
Interfaces
10/100 Ethernet Ports
10/100/1000 GBE Ports
SFP (Mini GBIC) Ports
VPN - Crypto acceleration chip
Redundant - HDD (Raid)
Redundant - Power supply
System Performance*
Firewall throughput (Mbps)
VPN IPSec throughput (Mbps)
UTM throughput (Mbps)
IDS/IPS throughput (Mbps)
Concurrent sessions
New sessions pr. Second
Dimensions
H x W x D (mms)
Gross Weights (kgs)
Power
Input Voltage (V)
Consumption (W) - full load / rating
Total Heat Dissipation (BTU) - full load / rating
Redundant Power Supply
Environmental
Operating Temperature (°C)
Storage Temperature (°C)
Relative Humidity (Non condensing)
Clarity · Perfection · Security
-
8
Yes
-
-
3 500
1 000
500
830
1 000 000
16 000
88 x 426 x 506
7,8
AC 100-240
118 / 275
402 / 939
-
0 ~ 40
-20 ~ 75
10 ~ 85%
-
10
2
Yes
Yes
Yes
5 000
1 500
700
1 200
1 300 000
20 000
88 x 426 x 506
12,5
AC 100-240
199 / 375
678 / 1280 yes
0 ~ 40
-20 ~ 75
10 ~ 85%
-
12
6
Yes
Yes
Yes
9 000
2 500
1 100
2 500
2 500 000
30 000
88 x 426 x 506
12,5
AC 100-240
199 / 375
678 / 1280 yes
0 ~ 40
-20 ~ 75
10 ~ 85%
* System performance depends on activated proxies, IDS, application level and number of active VPN connections.
We do not offer an express or implied warranty for the correctness /up-to-dateness of the information contained here (which may be change at any time). Future products or functions will be made available at the appropriate time.
©2010 gateProtect AG
Germany. All rights reserved.
GPA 600
-
8
-
Yes
1 800
500
200
520
600 000
10 000
44 x 440 x 270
5,6
AC 100V-240V
35 / 78
119 / 266
-
0 ~ 40
-20 ~ 75
10 ~ 85%
advertisement
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project