Check Point Datasheet

PRODUCT DESCRIPTION

All inclusive. All secured.

Check Point UTM-1 appliances deliver proven, best-in-class security with robust performance and powerful centralized management, in a simple all-inone solutionideal for small- and medium-size offices.

UTM-1 Appliances
OVERVIEW
Check Point UTM-1 security appliances are all-inclusive, turn-key solutions that include everything you need to secure your network. Each appliance includes integrated centralized management, along with complete security updates, hardware support, and customer support. UTM-1 appliances come packaged with the most comprehensive and flexible security solution available. All UTM-1 appliances can include firewall, intrusion prevention (IPS), antivirus, anti-spyware, URL filtering, Web security, and anti-spam Software Blades. Additional blades can be flexibly added as needed.

PRODUCT FEATURES
n n n n n

Flexible Software Blade Architecture All inclusive, turn-key solution Integrated centralized management Centralized automatic updates Quick setup

PRODUCT BENEFITS
n

Proven technologies trusted by 100% of the Fortune 100 Delivers everything you need to secure your network in one appliance: security protections, security updates, management, and hardware warranty Field upgradeable via Check Points Software Blade Architecture in order to add functionality to meet new security threats Ensures confidentiality by securing remote access and site-to-site communications Protects against emerging threats with Check Point Update Service

ALL THE SECURITY YOU NEED

Flexible Software Blade Architecture UTM-1 includes Check Points revolutionary Software Blade Architecture. The Check Point Software Blade architecture is the first and only security architecture that delivers total, flexible and manageable security to companies of any size. With this unprecedented capability to flexibly and quickly expand security capabilities, Check Point Software Blades deliver lower cost of ownership and cost-efficient protection that meet any need, today and in the future. Firewall Software Blade Proven application control and attack protection UTM-1 includes the most proven firewall technology, examining hundreds of applications, protocols, and services out-of-the box, including Internet messaging and P2P. IPSec VPN Software Blade Simple site-to-site connectivity and remote access With Check Point UTM-1 appliances, you can simplify the setup of site-to-site VPNs and remote access. Manual setup of node-to-node VPN tunnels and security for an entire VPN is replaced by a One-Click process, where new sites and remote users are added automatically. Check Point UTM-1 appliances can also connect employees and business partners to your trusted network through flexible IPSec remote access, working seamlessly with a variety of VPN agents. IPS Software Blade Next generation intrusion prevention The Check Point IPS Software Blade provides complete, next generation intrusion prevention capabilities at multi-gigabit speeds, resulting in industry-leading total system security and performance. The IPS Blade provides complete client, server, and

2010 Check Point Software Technologies Ltd. All rights reserved. Classification: [Unrestricted] For everyone 1

UTM-1 Appliances

OS coverage against vulnerabilities, malware/worm infections, and more. The Multi-Tier Threat Detection Engine combines signatures, protocol validation, anomaly detection, behavioral analysis, and other methods to provide the highest levels of network IPS protection. By quickly filtering 90% of incoming traffic without requiring deep inspection, the IPS engine inspects for attacks only on relevant traffic, reducing overhead and increasing accuracy. Antivirus & Anti Malware Software Blade Gateway antivirus, anti-spyware Antivirus and anti-spyware protections are core components of UTM-1, complementing Check Points endpoint security solutions. Check Point UTM-1 appliances use an up-to-date list of antivirus and anti-spyware signatures plus anomaly-based protection to stop viruses and other malware at the gateway. To check for threats hidden inside legitimate content, realtime antivirus scans are performed on POP3, SMTP, FTP and HTTP services. Anti-Spam and Email Security Software Blade Comprehensive messaging security Messaging Security from Check Point provides comprehensive protection for an organization's messaging infrastructure. The multidimensional approach protects the email infrastructure, provides highly accurate spam protection, and defends organizations from a wide variety of virus and malware threats within email.
IP reputation anti-spam Contentbased anti-spam Block/allow list anti-spam Mail antivirus IPS email server protection
Checks the sender's reputation against a dynamic database of known bad IP addresses, blocking spam and malware at the connection level. Blocks known spam by comparing a fingerprint of each incoming email with a dynamic database containing millions of known spam signatures. Blocks email offenders while allowing trusted senders. Can block or allow entire domains. Blocks worms and viruses at the gateway. Supports standard email protocols (POP3, IMAP and SMTP), including Web-based email. Protects against a broad range of threats, including denial-of-service attacks that target the messaging infrastructure itself.

evolving security requirements with additional Check Point Software Blades. Some additional Check Point Software Blades include Web, VoIP, Advanced Networking and Acceleration & Clustering.

THE SIMPLICITY AND FLEXIBILITY YOU WANT

All-inclusive turnkey solution Everything you need in a UTM network security solution is provided by Check Point UTM-1 appliances. This includes: Security protections All security updates Security management Hardware warranty Integrated security management Check Point UTM-1 appliances come with integrated gateway management, offering the ability to centrally manage multiple Check Point gateways from a single console. UTM-1 appliances include a Security Management container and the following blades: Network Policy Management, Endpoint Policy Management and Logging & Status blades. Centralized, automatic updates Update Services enable you to configure UTM-1 into an active security solution, capable of ensuring your networks are safe from new attacks via ongoing and automatic defense updates. Quick setup Check Point UTM-1 appliances can be easily set up with a firsttime configuration wizard. This truly simple deployment process is as easy as: Plugging in and turning on the appliance Following the onscreen wizard Launching the management interface

URL Filtering Software Blade Check Point UTM-1 appliances stop inappropriate Web surfing with best-of-breed Web filtering that covers 25-million-plus URLs and dozens of filtering categories, enabling you to define and enforce an online acceptable-use policy for your organization. Extensible with additional Check Point Software Blades Quickly meet new security threats UTM-1 comes with a preconfigured set of software blades. UTM-1 can be quickly and easily extended to meet new and

The first-time configuration wizard makes configuring Check Point UTM-1 appliances easy.

2010 Check Point Software Technologies Ltd. All rights reserved. Classification: [Unrestricted] For everyone 2

UTM-1 Appliances

HARDWARE SPECIFICATIONS

UTM-1 136 132, 136 Software Edition Operating System 10/100 Ports 10/100/1000 Ports Firewall Throughput VPN Throughput Concurrent Sessions IPS Throughput Licensed Users Recommended Sizing VLANs UTM Out of the Box Security Acceleration Integrated Multigateway Management Storage Enclosure Dimensions (metric) Weight Operating Environment Power Input Power Supply Spec (Max) Power Consumption (Max) Compliance
12

UTM-1 276 272, 276

R65, R70, R71 Secure Platform 4 1.5 Gbps 120 Mbps 600,000 1.0 Gbps Unlimited Up to 125 users 10242 Yes Yes Yes 160 GB 1U 429 x 255 x 44mm 3.7kg (8.1lbs)

UTM-1 576 572, 576

R65, R70, R71 Secure Platform 6 2.5 Gbps 300 Mbps 650,000 1.7 Gbps Unlimited Up to 250 users 10242 Yes Yes Yes 160 GB 1U 429 x 255 x 44mm 3.7kg (8.1lbs)

UTM-1 1076 1073, 1076

R65, R70, R71 Secure Platform 6 3 Gbps 350 Mbps 1,100,000 2.2 Gbps Unlimited Up to 500 users 10242 Yes Yes Yes 160 GB 1U 429 x 255 x 44mm 3.7kg (8.1lbs)

UTM-1 2076 2073, 2076

R65, R70, R71 Secure Platform 8 3.5 Gbps 450 Mbps 1,100,000 2.7 Gbps Unlimited Up to 1000 users 10242 Yes Yes Yes 160 GB 1U 443 x 381 x 44mm 6.5kg (14.3lbs)

UTM-1 3076 3073, 3076

R65, R70, R71 Secure Platform 10 4.5 Gbps 1100 Mbps 1,100,000 4.0 Gbps Unlimited Up to 1500 users 10242 Yes Yes Yes 160 GB 1U 443 x 381 x 44mm 6.5kg (14.3lbs)

R65, R70, R71 Secure Platform 1 4 1.5 Gbps 120 Mbps 600,000 1.0 Gbps Unlimited Up to 75 users 10242 Yes Yes Standalone 80 GB Desktop/1U 270 x 145 x 40mm 1.6kg (3.52lbs)

Temperature: 5 to 40 C, Humidity: 10%-85% non-condensing, Altitude: 2,500m 100~240V, 50~60Hz 60W 46.9W 65W 26.2W 65W 41.1W 65W 40.1W 250W 63.1W 250W 77.5W

UL 60950; FCC Part 15, Subpart B, Class A; EN 55024; EN 55022; VCCI V-3; AS/NZS 3548:1995; CNS 13438 Class A (test passed; country approval pending); KN22, KN61000-4 Series, TTA; IC-950; ROHS

1 2

Test based on real-world traffic blend using the default profile Maximum of 256 VLANs per interface

2010 Check Point Software Technologies Ltd. All rights reserved. Classification: [Unrestricted] For everyone 3

UTM-1 Appliances

SECURITY GATEWAY SOFTWARE BLADES

Software Blade
Firewall IPSEC VPN IPS URL Filtering Antivirus & Anti-Malware Anti-Spam & Email Security Advanced Networking Acceleration & Clustering Web Security Voice over IP Monitoring Management Portal User Directory Policy Management Endpoint Policy Management Logging & Status

UTM-1 136 132 136

UTM-1 276 272 276

UTM-1 576 572 576

UTM-1 1076 1073 1076

UTM-1 2076 2073 2076

UTM-1 3076 3073 3076

3 3
* * * * * * * * * * *

3 3 3 3 3 3
* * * * * * *

3 3
* * * * * * * * * * *

3 3 3 3 3 3
* * * * * * *

3 3
* * * * * * * * * * *

3 3 3 3 3 3
* * * * * * *

3 3 3
* * * * * * * * * *

3 3 3 3 3 3
* * * * * * *

3 3 3
* * * * * * * * * *

3 3 3 3 3 3
* * * * * * *

3 3 3
* * * * * * * * * *

3 3 3 3 3 3
* * * * * * *

3 3 3

3 3 3

3 3 3

3 3 3

3 3 3

3 3 3

3 3 3

3 3 3

3 3 3

3 3 3

3 3 3

3 3 3

3 = Included * = Optional

2010 Check Point Software Technologies Ltd. All rights reserved. Classification: [Unrestricted] For everyone 4

UTM-1 Appliances

SECURITY SPECIFICATIONS
Security Specification
Firewall Software Blade Protocol/Application Support VoIP Protection Instant Messaging Control Peer-to-peer Blocking Network Address Translation IPsec VPN Software Blade Encryption Support Authentication Methods Certificate Authority VPN Communities Topology Support Route-based VPN VPN Agent Support SSL-based Remote Access SSL-based Endpoint Scanning IPS Software Blade Network-layer protection Application-layer protection Detection methods Antivirus & Anti-Malware Software Blade Antivirus Protection Anti-spyware Blocks Updates Options URL Filtering Software Blade URL Database Updates Anti-Spam & Email Security Software Blade Email IPS Pattern-based Anti-spam IP Reputation Checking Signature-based Antivirus Zero-hour Outbreak Protection Block/allow Lists
SMTP, POP3 and IMAP attack protection Detects spam based on dynamic database of signatures Blocks spam and malware by sender First layer of protection from viruses and malware Complements signature-based protection to block new outbreaks Provides granular control over specific domains and users URL database 25 million-plus URLs in more than 90 categories Automatic and centralized Protects HTTP, POP3, SMTP and FTP protocols Pattern-based spyware blocking at the gateway Automatic updates from labs or to the file on the local netowrk File-based antivirus or protocol-based antivirus Blocks attacks such as DoS, port scanning, IP/ICMP/TCP-related Blocks attacks such as DNS cache poisoning, FTP bounce, improper commands Signature-based, behavioral and protocol anomaly AES 128-256 bit, 3DES 56-168 bit Password, RADIUS, TACACS, X.509, SecurID Integrated certificate authority (X.509) Automatically sets up site-to-site connections as objects are created Star and mesh Utilizes virtual tunnel interfaces; numbered/unnumbered interfaces Complete endpoint security with VPN, desktop firewall Fully integrated SSL VPN gateway provides on-demand SSL-based access Scans endpoint for compliance/malware prior to admission to the network 200-plus SIP, H.323, MGCP and SCCP with NAT support MSN, Yahoo, ICQ, and Skype Kazaa, Gnutella, BitTorrent Static/hide NAT support with manual and automatic rules

Protection Details

2010 Check Point Software Technologies Ltd. All rights reserved. Classification: [Unrestricted] For everyone 5

UTM-1 Appliances

SECURITY SPECIFICATIONS (CONT.)

Security Specification
Management and Reporting Centralized Management Monitoring/Logging Reporting1 Command Line Interface Networking DHCP Support ISP Redundancy1 Routing Support
1

Protection Details
Includes centralized management SmartView Tracker provides advanced monitoring and logging Express reports Telnet, SSH SecurePlatform DHCP server and relay Protocol-based, source/destination and port route decisions OSPF, BGP, RIP v1/2, Multicast Transparently integrates into existing network Active/passive and active/active failover options ClusterXL provides near linear scaling Floodgate-1 provides granular QoS control Automatically reroutes traffic to second interface Load-balancing and high-availability interfaces

Layer-2 Bridge Support Performance and Availability High Availability Load Balancing
1

Quality of Service1 ISP Redundancy1 Link Aggregation

1

Optional in R70
Worldwide Headquarters 5 HaSolelim Street, Tel Aviv 67897, Israel | Tel: 972-3-753-4555 | Fax: 972-3-624-1100 | Email: info@checkpoint.com U.S. Headquarters 800 Bridge Parkway, Redwood City, CA 94065 | Tel: 800-429-4391; 650-628-2000 | Fax: 650-654-4233 | www.checkpoint.com 2010 Check Point Software Technologies Ltd. All rights reserved. Classification: [Unrestricted] For everyone 6

CONTACT CHECK POINT

June 3, 2010