UTM-1 Appliances

UTM-1 Appliances
Check Point Datasheet
PRODUCT DESCRIPTION
All inclusive.
All secured.
UTM-1 Appliances
Check Point UTM-1™ appliances
deliver proven, best-in-class
security with robust performance
and powerful centralized
management, in a simple all-inone solution—ideal for small- and
medium-size offices.
PRODUCT FEATURES
OVERVIEW
Check Point UTM-1™ security appliances are all-inclusive, turn-key solutions that
include everything you need to secure your network. Each appliance includes integrated
centralized management, along with complete security updates, hardware support, and
customer support.
UTM-1 appliances come packaged with the most comprehensive and flexible security
solution available. All UTM-1 appliances can include firewall, intrusion prevention (IPS),
antivirus, anti-spyware, URL filtering, Web security, and anti-spam Software Blades.
Additional blades can be flexibly added as needed.
n
Flexible Software Blade Architecture
n
All inclusive, turn-key solution
n
Integrated centralized management
n
Centralized automatic updates
n
Quick setup
PRODUCT BENEFITS
n
Proven technologies trusted by 100%
of the Fortune 100
n
Delivers everything you need to
secure your network in one
appliance: security protections,
security updates, management, and
hardware warranty
n
Field upgradeable via Check Point’s
Software Blade Architecture in order
to add functionality to meet new
security threats
n
Ensures confidentiality by securing
remote access and site-to-site
communications
n
Protects against emerging threats
with Check Point Update Service
ALL THE SECURITY YOU NEED
Flexible Software Blade Architecture
UTM-1 includes Check Point’s revolutionary Software Blade Architecture. The Check
Point Software Blade architecture is the first and only security architecture that
delivers total, flexible and manageable security to companies of any size. With this
unprecedented capability to flexibly and quickly expand security capabilities, Check
Point Software Blades deliver lower cost of ownership and cost-efficient protection
that meet any need, today and in the future.
Firewall Software Blade
Proven application control and attack protection
UTM-1 includes the most proven firewall technology, examining hundreds of applications, protocols, and services out-of-the box, including Internet messaging and P2P.
IPSec VPN Software Blade
Simple site-to-site connectivity and remote access
With Check Point UTM-1 appliances, you can simplify the setup of site-to-site VPNs
and remote access. Manual setup of node-to-node VPN tunnels and security for an
entire VPN is replaced by a One-Click process, where new sites and remote users are
added automatically. Check Point UTM-1 appliances can also connect employees
and business partners to your trusted network through flexible IPSec remote access,
working seamlessly with a variety of VPN agents.
IPS Software Blade
Next generation intrusion prevention
The Check Point IPS Software Blade provides complete, next generation intrusion
prevention capabilities at multi-gigabit speeds, resulting in industry-leading total system security and performance. The IPS Blade provides complete client, server, and
©2010 Check Point Software Technologies Ltd. All rights reserved.
Classification: [Unrestricted] — For everyone 1
|
UTM-1 Appliances
OS coverage against vulnerabilities, malware/worm infections,
and more. The Multi-Tier Threat Detection Engine combines
signatures, protocol validation, anomaly detection, behavioral
analysis, and other methods to provide the highest levels of network IPS protection. By quickly filtering 90% of incoming traffic
without requiring deep inspection, the IPS engine inspects for
attacks only on relevant traffic, reducing overhead and increasing accuracy.
Antivirus & Anti Malware Software Blade
Gateway antivirus, anti-spyware
Antivirus and anti-spyware protections are core components
of UTM-1, complementing Check Point’s endpoint security
solutions. Check Point UTM-1 appliances use an up-to-date list
of antivirus and anti-spyware signatures plus anomaly-based
protection to stop viruses and other malware at the gateway.
To check for threats hidden inside legitimate content, realtime antivirus scans are performed on POP3, SMTP, FTP and
HTTP services.
Anti-Spam and Email Security Software Blade
Comprehensive messaging security
Messaging Security from Check Point provides comprehensive
protection for an organization's messaging infrastructure. The
multidimensional approach protects the email infrastructure,
provides highly accurate spam protection, and defends organizations from a wide variety of virus and malware threats within
email.
IP reputation
anti-spam
Checks the sender's reputation against a dynamic
database of known bad IP addresses, blocking
spam and malware at the connection level.
Contentbased
anti-spam
Blocks known spam by comparing a ’fingerprint’
of each incoming email with a dynamic database
containing millions of known spam signatures.
Block/allow
list anti-spam
Blocks email offenders while allowing trusted
senders. Can block or allow entire domains.
Mail antivirus
Blocks worms and viruses at the gateway.
Supports standard email protocols (POP3, IMAP
and SMTP), including Web-based email.
IPS email
server
protection
Protects against a broad range of threats, including denial-of-service attacks that target the messaging infrastructure itself.
evolving security requirements with additional Check Point
Software Blades. Some additional Check Point Software
Blades include Web, VoIP, Advanced Networking and
Acceleration & Clustering.
THE SIMPLICITY AND FLEXIBILITY YOU WANT
All-inclusive turnkey solution
Everything you need in a UTM network security solution is
provided by Check Point UTM-1 appliances. This includes:
• Security protections
• All security updates
• Security management
• Hardware warranty
Integrated security management
Check Point UTM-1 appliances come with integrated gateway
management, offering the ability to centrally manage multiple
Check Point gateways from a single console. UTM-1 appliances include a Security Management container and the
following blades: Network Policy Management, Endpoint Policy
Management and Logging & Status blades.
Centralized, automatic updates
Update Services enable you to configure UTM-1 into an active
security solution, capable of ensuring your networks are safe
from new attacks via ongoing and automatic defense updates.
Quick setup
Check Point UTM-1 appliances can be easily set up with a firsttime configuration wizard. This truly simple deployment process
is as easy as:
• Plugging in and turning on the appliance
• Following the onscreen wizard
• Launching the management interface
URL Filtering Software Blade
Check Point UTM-1 appliances stop inappropriate Web surfing
with best-of-breed Web filtering that covers 25-million-plus URLs
and dozens of filtering categories, enabling you to define and
enforce an online acceptable-use policy for your organization.
Extensible with additional Check Point Software Blades
Quickly meet new security threats
UTM-1 comes with a preconfigured set of software blades.
UTM-1 can be quickly and easily extended to meet new and
The first-time configuration wizard makes configuring Check Point
UTM-1 appliances easy.
©2010 Check Point Software Technologies Ltd. All rights reserved.
Classification: [Unrestricted] — For everyone 2
|
UTM-1 Appliances
HARDWARE SPECIFICATIONS
UTM-1 136
UTM-1 276
UTM-1 576
UTM-1 1076
UTM-1 2076
UTM-1 3076
132, 136
272, 276
572, 576
1073, 1076
2073, 2076
3073, 3076
R65, R70, R71
R65, R70, R71
R65, R70, R71
R65, R70, R71
R65, R70, R71
R65, R70, R71
Secure Platform
Secure Platform
Secure Platform
Secure Platform
Secure Platform
Secure Platform
10/100 Ports
1
-
-
-
-
-
10/100/1000
Ports
4
4
6
6
8
10
Firewall
Throughput
1.5 Gbps
1.5 Gbps
2.5 Gbps
3 Gbps
3.5 Gbps
4.5 Gbps
VPN Throughput
120 Mbps
120 Mbps
300 Mbps
350 Mbps
450 Mbps
1100 Mbps
Concurrent
Sessions
600,000
600,000
650,000
1,100,000
1,100,000
1,100,000
IPS Throughput
1.0 Gbps
1.0 Gbps
1.7 Gbps
2.2 Gbps
2.7 Gbps
4.0 Gbps
Licensed Users
Unlimited
Unlimited
Unlimited
Unlimited
Unlimited
Unlimited
Recommended
Sizing
Up to 75 users
Up to 125 users
Up to 250 users
Up to 500 users
Up to 1000 users
Up to 1500 users
10242
10242
10242
10242
10242
10242
UTM Out of the
Box
Yes
Yes
Yes
Yes
Yes
Yes
Security
Acceleration
Yes
Yes
Yes
Yes
Yes
Yes
Integrated
Multigateway
Management
Standalone
Yes
Yes
Yes
Yes
Yes
Software Edition
Operating
System
VLANs
Storage
80 GB
160 GB
160 GB
160 GB
160 GB
160 GB
Enclosure
Desktop/1U
1U
1U
1U
1U
1U
Dimensions
(metric)
270 x 145 x
40mm
429 x 255 x
44mm
429 x 255 x
44mm
429 x 255 x
44mm
443 x 381 x
44mm
443 x 381 x
44mm
1.6kg (3.52lbs)
3.7kg (8.1lbs)
3.7kg (8.1lbs)
3.7kg (8.1lbs)
6.5kg (14.3lbs)
6.5kg (14.3lbs)
Weight
Operating
Environment
Temperature: 5° to 40° C, Humidity: 10%-85% non-condensing, Altitude: 2,500m
Power Input
100~240V, 50~60Hz
Power Supply
Spec (Max)
60W
65W
65W
65W
250W
250W
Power
Consumption
(Max)
46.9W
26.2W
41.1W
40.1W
63.1W
77.5W
Compliance
UL 60950; FCC Part 15, Subpart B, Class A; EN 55024; EN 55022; VCCI V-3; AS/NZS 3548:1995; CNS 13438 Class A (test
passed; country approval pending); KN22, KN61000-4 Series, TTA; IC-950; ROHS
12
1
2
Test based on real-world traffic blend using the default profile
Maximum of 256 VLANs per interface
©2010 Check Point Software Technologies Ltd. All rights reserved.
Classification: [Unrestricted] — For everyone 3
|
UTM-1 Appliances
SECURITY GATEWAY SOFTWARE BLADES
Software Blade
UTM-1 136
UTM-1 276
UTM-1 576
UTM-1 1076
UTM-1 2076
UTM-1 3076
132
136
272
276
572
576
1073
1076
2073
2076
3073
3076
Firewall
3
3
3
3
3
3
3
3
3
3
3
3
IPSEC VPN
3
3
3
3
3
3
3
3
3
3
3
3
IPS
*
3
*
3
*
3
3
3
3
3
3
3
URL Filtering
*
3
*
3
*
3
*
3
*
3
*
3
Antivirus &
Anti-Malware
*
3
*
3
*
3
*
3
*
3
*
3
Anti-Spam &
Email Security
*
3
*
3
*
3
*
3
*
3
*
3
Advanced
Networking
*
*
*
*
*
*
*
*
*
*
*
*
Acceleration &
Clustering
*
*
*
*
*
*
*
*
*
*
*
*
Web Security
*
*
*
*
*
*
*
*
*
*
*
*
Voice over IP
*
*
*
*
*
*
*
*
*
*
*
*
Monitoring
*
*
*
*
*
*
*
*
*
*
*
*
Management
Portal
*
*
*
*
*
*
*
*
*
*
*
*
User Directory
*
*
*
*
*
*
*
*
*
*
*
*
Policy
Management
3
3
3
3
3
3
3
3
3
3
3
3
Endpoint Policy
Management
3
3
3
3
3
3
3
3
3
3
3
3
Logging &
Status
3
3
3
3
3
3
3
3
3
3
3
3
3 = Included
* = Optional
©2010 Check Point Software Technologies Ltd. All rights reserved.
Classification: [Unrestricted] — For everyone 4
|
UTM-1 Appliances
SECURITY SPECIFICATIONS
Security Specification
Protection Details
Firewall Software Blade
Protocol/Application Support
VoIP Protection
Instant Messaging Control
Peer-to-peer Blocking
Network Address Translation
200-plus
SIP, H.323, MGCP and SCCP with NAT support
MSN, Yahoo, ICQ, and Skype
Kazaa, Gnutella, BitTorrent
Static/hide NAT support with manual and automatic rules
IPsec VPN Software Blade
Encryption Support
Authentication Methods
Certificate Authority
VPN Communities
AES 128-256 bit, 3DES 56-168 bit
Password, RADIUS, TACACS, X.509, SecurID
Integrated certificate authority (X.509)
Automatically sets up site-to-site connections as objects are created
Topology Support
Star and mesh
Route-based VPN
Utilizes virtual tunnel interfaces; numbered/unnumbered interfaces
VPN Agent Support
Complete endpoint security with VPN, desktop firewall
SSL-based Remote Access
Fully integrated SSL VPN gateway provides on-demand SSL-based access
SSL-based
Endpoint Scanning
Scans endpoint for compliance/malware prior to admission to the network
IPS Software Blade
Network-layer protection
Application-layer protection
Detection methods
Blocks attacks such as DoS, port scanning, IP/ICMP/TCP-related
Blocks attacks such as DNS cache poisoning, FTP bounce, improper commands
Signature-based, behavioral and protocol anomaly
Antivirus & Anti-Malware Software Blade
Antivirus Protection
Protects HTTP, POP3, SMTP and FTP protocols
Anti-spyware Blocks
Pattern-based spyware blocking at the gateway
Updates
Automatic updates from labs or to the file on the local netowrk
Options
File-based antivirus or protocol-based antivirus
URL Filtering Software Blade
URL Database
Updates
URL database 25 million-plus URLs in more than 90 categories
Automatic and centralized
Anti-Spam & Email Security Software Blade
Email IPS
Pattern-based Anti-spam
IP Reputation Checking
Signature-based Antivirus
Zero-hour Outbreak
Protection
Block/allow Lists
SMTP, POP3 and IMAP attack protection
Detects spam based on dynamic database of signatures
Blocks spam and malware by sender
First layer of protection from viruses and malware
Complements signature-based protection to block new outbreaks
Provides granular control over specific domains and users
©2010 Check Point Software Technologies Ltd. All rights reserved.
Classification: [Unrestricted] — For everyone 5
|
UTM-1 Appliances
SECURITY SPECIFICATIONS (CONT.)
Security Specification
Protection Details
Management and Reporting
Centralized Management
Monitoring/Logging
Reporting1
Includes centralized management
SmartView Tracker™ provides advanced monitoring and logging
Express reports
Command Line Interface
Telnet, SSH
Networking
DHCP Support
SecurePlatform™ DHCP server and relay
ISP Redundancy1
Protocol-based, source/destination and port route decisions
Routing Support
OSPF, BGP, RIP v1/2, Multicast
1
Layer-2 Bridge Support
Transparently integrates into existing network
Performance and Availability
High Availability
Active/passive and active/active failover options
Load Balancing
ClusterXL® provides near linear scaling
1
Quality of Service1
Floodgate-1® provides granular QoS control
ISP Redundancy1
Automatically reroutes traffic to second interface
Link Aggregation
Load-balancing and high-availability interfaces
1
1
Optional in R70
CONTACT CHECK POINT
June 3, 2010
Worldwide Headquarters
5 Ha’Solelim Street, Tel Aviv 67897, Israel | Tel: 972-3-753-4555 | Fax: 972-3-624-1100 | Email: info@checkpoint.com
U.S. Headquarters
800 Bridge Parkway, Redwood City, CA 94065 | Tel: 800-429-4391; 650-628-2000 | Fax: 650-654-4233 | www.checkpoint.com
©2010 Check Point Software Technologies Ltd. All rights reserved.
Classification: [Unrestricted] — For everyone 6
|
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertising