Celestix MSA Threat Management Gateway

Celestix MSA Threat Management Gateway
www.celestix.com
Celestix MSA Threat Management Gateway
Comprehensive, secure Web gateway to help protect employees
from Web-based threats
Celestix MSA™ security appliances deliver Microsoft’s Forefront Threat Management
Gateway 2010 for unmatched multi-threat protection with industry-leading ease of use
and value. Performance, reliability, and ease of deployment/management backed by
expert Celestix customer support have made MSA the world’s best-selling Microsoft
security appliances.
Feature Summary
• Microsoft Forefront Threat
Management Gateway 2010
• Seamless integration with Microsoft
IT infrastructure
• Wide range of performance models
• Fully integrated and configured;
ready to use right out of the box
• Web UI for easy configuration and
management
• Front panel display and jog dial for
easy configuration and real time
status display
• One button system recovery to Last
Good Version or factory defaults
• Install a comprehensive gateway
solution in less than 15 minutes
• Software update system
• High reliability features: redundancy,
failover, and load balancing
• Fully supported by Celestix; a single
point of contact for any service
issue.
• Richest feature set and highest
performance available at the price
Designed for:
• The full range of enterprise network
security deployments
• Scalable to meet increasing
network requirements
• Maximum availability
• Seamless network and Active
Directory integration
• Application publishing (reverse
proxy)
• Web (URL) filtering and Internet
proxy
• Network anti-virus/anti-malware
scanning
•
IPSec VPN gateway
Features and Benefits
Superior security gateway functionality
Microsoft’s Forefront Threat Management Gateway 2010 (TMG) puts fortified layers of
best-in-class security functions throughout your network to block, detect, and thwart
attacks from beyond the edge, at the edge, and inside your network.
• Web (URL) filtering blocks users from visiting infected websites and lets
administrators control users’ access to enforce corporate Web policies.
• Web anti-virus/anti-malware security functions inspect files, scripts and all other
forms of portable code to block sophisticated Web-based attacks
• Advanced application-layer firewall secures your network with layer 1-7 stateful
packet inspection
• HTTPS inspection examines encrypted traffic to detect and stop malware
tunneling.
• Network Inspection (intrusion detection/prevention) thwarts suspicious activity
inside the firewall
• Reverse proxy permits secure application publishing
• Forward proxy permits secure Web browsing
• Caching speeds Web traffic and conserves network bandwidth
• IPSec VPN delivers secure remote user access and site-to-site connectivity
• Windows 64-bit Server 2008 R2 operating system
TMG supports the full range of Microsoft Network Access Protection with
authentication using Active Directory, RADIUS, Kerberos, Celestix HOTPin™ and thirdparty authentication.
MSA’s comprehensive security features make possible an immense number of
deployment scenarios to let you keep ahead of dynamic security requirements.
MSA appliances deploy quickly and easily
Celestix delivers MSA security appliances fully integrated and configured for immediate
use right from the box. Rack, connect, power, and configure your MSA for live security
within 15 minutes. Celestix’ Comet™ appliance engine lets you set initial configuration
parameters using the MSA’s jog dial and front panel display on the spot. Comet’s™
web UI has set-up wizards that guide you through set up and configuration quickly and
easily. For deployment questions, Celestix is your single point of contact for highly
expert, prompt technical support for hardware and software.
www.celestix.com
Corporate HQ
Branch Office
LAN
Active
Directory
MSA (TMG)
Branch Appliances
MSA (TMG)
Enterprise
Appliances
IIS
Exchange
Server
SharePoint
LAN
Internet
Mobile Users
Superior performance, ease of maintenance, and
availability
Regional Office
MSA (TMG)
Branch Appliance
LAN
MSA security is easy to administer
Celestix’ proprietary Comet™ appliance-engine software
provides MSA series appliance users with industry leading
features for easy administration. Besides the jog dial and front
panel display UI for headless communication with the network,
Comet™ provides users with a web-based management
interface for monitoring and controlling all features of Microsoft’s
TMG and all Celestix’ MSA appliance features in a single UI.
Because of Celestix’ purpose-built appliance hardware and
Comet™ appliance engine software, MSA appliances have
earned an international reputation for great performance and
reliability. We engineered our 6th generation hardware platforms
to optimize the performance of TMG using the latest high-speed
components and architecture optimized for 64-bit operations.
We harden our appliance hardware platforms by eliminating
all hardware components not needed to run TMG. Eliminating
extraneous hardware and drivers removes security vulnerabilities
and potential points of failure. Simplified hardware also reduces
power and cooling requirements for cost savings on energy.
•
•
•
Seamless Integration with Microsoft infrastructure
Celestix purpose builds MSA appliance platforms in close
cooperation with Microsoft infrastructure experts for seamless
integration with Microsoft networking components such as
Active Directory, Exchange Server, SharePoint and others. MSA
security appliances are the simplest and most robust way to
publish enterprise applications such as email, Web services, and
SharePoint services while maintaining full access control and
policy enforcement.
•
One button reset and Last Good Version on-box backup
features let you experiment with configurations or perform
recovery with little or no risk.
Celestix’ software update system sends you alerts,
prescreened updates and patches for the OS, application,
and appliance engine through a single convenient UI.
MSA 6200 and higher capacity models further enhance their
reliability by incorporating hot-swappable power supplies,
RAID disc arrays and fans. These components have built-in
redundancy so that failure of a single component will not
halt the system.
High Availability: Branch and Enterprise Edition appliances
can be clustered into active/active high availability arrays.
www.celestix.com
Editions and Models
Celestix offers MSA security appliances in a wide spectrum of
feature and performance configurations to meet needs that
range from small businesses who have a single protected LAN
to multinational enterprises that have several data centers and
multiple branch offices.
License Editions
Workgroup Edition [i]
Workgroup Edition is designed for organizations with a small
number of LAN’s. It is ideal for companies who want to support up
to 100 remote VPN users as well as Web application publishing,
while simultaneously protecting a local network with a firewall
that is state-of-the-art.
Standard Edition [s]
Standard Edition is useful in smaller environments which do not
require load balancing or failover. It allows for more extensibility
than Workgroup Edition by supporting up to 1,000 VPN users.
Branch Office Edition [b]
Branch Office Edition enhances the common features of TMG with
centralized management of multiple branch office sites. Branch
Office Edition supports up to 100 VPN users. MSA’s with Branch
Office Edition supports high availability with active/active failover
and Network Load Balancing between two servers. Centralized
management allows administrators to easily enforce a common
firewall policy and compliance auditing throughout the enterprise.
Enterprise Edition [e] is the full-featured version of TMG for
large enterprises. Enterprise Edition offers up to 4,000 concurrent
VPN connections and can be deployed within manageable arrays
of up to 50 appliances.
MSA 4200
Celestix designed MSA 4200 security appliances for deployments
with 500 to 1,000 users. It uses a Core 2 Duo processor to
ensure that the larger number of users continues to enjoy high
performance.
• MSA 4200i includes with TMG Workgroup Edition.
• MSA 4200b uses TMG Branch Office Edition.
MSA 5200
MSA 5200 security appliances are built to support 1,000 to 2,500
users with a Xeon Quad Core processor with 1333MHz Front Side
Bus.
• MSA 5200s includes TMG Standard Edition.
• MSA 5200e includes TMG Enterprise Edition.
MSA 6200
For an added measure of availability, choose the MSA 6200. The
MSA 6200 is a high-reliability security system intended for mission
critical applications in large enterprises. Celestix packaged MSA
6200 security appliances in a 19” 1U chassis with redundant dual
power supplies and a RAID 1 disk array. All disks, power supplies
and fans are hot-swappable with built in redundancy.
• MSA 6200s includes TMG Standard Edition.
• MSA 6200b includes TMG Branch Office Edition.
• MSA 6200e includes TMG Enterprise Edition.
Models
MSA 3200c
The MSA 3200c is a special purpose appliance that deploys
TMG Enterprise Management Server (EMS). With TMG Enterprise
Edition, EMS stores the configuration and policy information for
enterprise arrays. Network professionals use EMS to maintain
consistent configurations and policy across multiple Enterprise
Edition appliances and arrays of appliances. One EMS appliance
can support a virtually unlimited number of Enterprise or Branch
edition TMG appliances. High availability deployments require
two EMS appliances.
MSA 3200
Celestix engineers designed model MSA 3200 security appliances
for medium size deployments of 100 to 500 users. MSA 3200
appliances increment hardware performance with an Intel Core 2
Duo processor. Enhanced processor power and memory ensure
that the maximum recommended number of users supported by
the MSA 3200 will not experience a degradation in performance.
• MSA 3200i includes TMG Workgroup Edition.
• MSA 3200b includes TMG Branch Office Edition.
MSA 8200
MSA 8200 is Celestix high-performance appliance. Built on the
new Celestix H2 appliance hardware platform, dual Quad-Core
Intel Xeon 5500 Series (Nehalem Architeture) processors provide
ample performance for the most demanding large-enterprise
deployments with up to 8,000 users. The MSA 8200 is a high
availability 2U appliance with a four-disk RAID 5EE array, dual
power supplies and hot-swappable disks, and fans.
•
MSA 8200e includes TMG Enterprise Edition.
www.celestix.com
Hardware
Security
Application
Ideal for
TMG 2010 Ed
Recommended Users
MSA 1500 series
MSA 3200 series
MSA 4200 series
Memory
L2 Cache
Front Side Bus
MSA 6200 series
MSA 8200 series
All-in-one Threat Management (Firewall, VPN, Web proxy, Web anti-virus, Web anti-malware, E-mail security, Network Inspection System)
Small businesses or office with less 100 users
requiring an affordable,
integrated security appliance with unmatched
ease of use
Small businesses
requiring an affordable,
integrated security appliance with unmatched
ease of use
Small businesses/
branch offices requiring
an affordable, integrated
appliance that grows
with their needs
Workgroup
Branch
Workgroup
Branch
Workgroup
Branch
100
100 - 500
500 - 1,000
users
users
Medium enterprises
needing high performance, advanced
networking features,
and strong security
solutions.
users
OS
CPU
MSA 5200 series
Medium enterprises/
main offices that need
strong security and a
solution that offers business continuity.
Main offices/headquarters with up to 5,000
users that need high
availability, enterprisegrade performance &
security.
Standard
Enterprise
Standard
Branch
Enterprise
Enterprise
1,000 - 2,500
3,000 - 6,000
up to 10,000
Intel® i5
2 x Quad-Core Intel®
Xeon®
Nehelam
users
users
users
Windows Server 2008
Intel® Celeron
Intel® Core 2 Duo
Intel® Core 2 Duo
2GB
4GB
4GB
Quad Core Intel® Xeon®
8GB
12GB
512KB
3MB
6MB
6MB
2x3MB
800MHz
1066MHz
1333MHz
1333MHz
Quick Path
Hard Drive
SATA-II 300GB Available Storage
(1 x 320GB Hard Drive)
SATA-II 120 GB Available Storage
(2 x 160GB Hard Drive)
SATA-II 300GB Available Storage
(1 x 320GB Hard Drive)
SATA-II 300GB Available Storage
(2 x 320GB Hard Drive)
SATA-II 300 GB Available Storage
(4 x 160GB Hard Drive)
Disk Mirror
Hardware
RAID
-
RAID 1 (Software)
-
RAID 1
RAID 5EE
10/100/1000
Ports
8 (with 10 Gbe ports
option)
6
Power Supply
220W
2 x 220W
Form Factor
2 x 460W
1U
Dimensions
((H x W x D)
inch
2U
1.75” x 16.9” x 12.25”
1.75” x 17.5” x 15.7”
1.75” x 17.3” x 15.6”
3.5” x 17.4” x 26”
Microsoft TMG Edition Comparison
TMG
Edition
Workgroup Edition (i)
Standard Edition (s)
Branch Edition (b)
Enterprise Edition (e)
Available
Model
MSA 3200i
MSA 4200i
MSA 5200s
MSA 6200s
MSA 3200b
MSA 4200b
MSA 6200b
MSA 5200e
MSA 6200e
MSA 8200e
Business
Needs
Workgroup Edition is designed for
organizations with a small number of
LAN’s. It is ideal for companies who
want to support up to 100 remote
VPN users as well as Web application
publishing, while simultaneously protecting a local network with a firewall
that is state-of-the-art.
Standard Edition is useful in smaller
environments which do not require
load balancing or failover. It allows for
more extensibility than Workgroup
Edition by supporting up to 1,000
VPN users.
Branch Office Edition enhances
the common features of TMG with
centralized management
of multiple branch office sites. .
Centralized management allows administrators to easily enforce a common firewall policy and compliance
auditing throughout the enterprise.
Enterprise Edition is the full-featured
version of TMG for large enterprises.
Enterprise Edition offers up to 4,000
concurrent VPN connections and
can be deployed within manageable
arrays of up to 50 appliances.
NLB Array
Size
n.a.
n.a.
2
8
Max. VPN
Connection
100
1,000
100
4,000
For more information about MSA appliances,
contact
Celestix today at:
Pantone
Warm Red CVC
440 Mission Court # 231 Pantone Phone
7544 Fremont, California 94539
Email
www.celestix.com
+1 510 668.0700
[email protected]
©2010 Celestix Networks Inc. All Rights Reserved. Celestix, MSA and Celestix logo are trademarks of Celestix Networks, Inc. All other products and company names mentioned are trademarks or registered trademarks of
their respective owners.
Part number: DS-MSAUS-02
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertisement