Securing everyThing

www.endian.com

Securing everyThing
The Simplest and Most Secure UTM Available

Network Security:
All-in-one full UTM hardware,
software and virtual appliances.

BYOD & Hotspot:

Provide secure and simple
Internet access for guests
and coworkers.

Quick & Easy Setup:

Get your network protected
in a matter of minutes.

Endian Network
Endians centralized
management portal

Endians mission is to protect global communication networks and

provide secure information access to anyone.
We help companies meet these challenges by providing an appliancebased architecture for network protection and for network management
that is easy to buy, easy to own and easy to use.

About Endian
Founded in Appiano, Italy in 2003 by a team of experienced network specialists and security enthusiasts. Endians goal is clear:
Develop the worlds most powerful and easy-to-use Open Source Unified Threat Management system. With over 1.7 million users
of the Community Edition and thousands of installations of the professional product in over 50 countries, Endian continues to
deliver on its mission!
The number of Internet-connected devices is growing
at an incredible rate every day in both the business
and consumer markets. Endian understands that each
of these appliances becomes exposed to millions of
potential threats the minute its connected.
Our solution set is unique in that it can provide a comprehensive security layer combined with a unique level
of simplicity within the IoT industry. This can offer a
tremendous value to businesses in terms of protecting
their employees and users as well as enabling the creation of new service and support platforms that can
save costs and drive revenue.

Securing everyThing

www.endian.com

Unified Threat Management (UTM)

A Unified Threat Management (UTM) appliance is an all-inclusive product
able to deliver multiple security fuctionalities within one single system.
This approach allows to centrally manage all the needed services, including firewall, IPS/IDS, VPN, web and mail security.

Endian UTM Network Security Solutions

Endian security appliances are easy to use, all-in-one products: no extra module has to be added to guarantee maximum protection
to your network. In order to offer to our customers even more, an advanced hotspot service is included in every appliance. Endian
gateways are available as hardware, software or virtual appliances.

Hardware Appliance

Virtual Appliance

Software Appliance

A complete range of specifically designed appliances integrating our UTM

software for everyones security needs,
from branch offices and industrial facilities to large networks.

Protect your virtual networks and infrastructure in seconds. Support for all
leading virtualization paltforms (VMware, Xen/XenServer, KVM).

Turn your favorite or existing hardware

into a full-featured Endian UTM appliance. Scale your hardware resources up
or down to suite your business network
needs.

Endian UTM Highlights

Using Endian UTM, your setup time is only a matter of minutes and with our intuitive web-based interface you can greatly reduce
your network management time and costs. Protect and connect your network so you can get back to focusing on your business.

Wi-Fi and Bring Your Own Device (BYOD)

Are you getting the most from your WIFI or guest networks? Endians Hotspot
solution can help protect those networks and offer valuable Internet access-all
while maximizing their potential value to your business. Utilizing the Hotspot,
you can collect user information and manage your guest network traffic so
that your business can benefit from those resources.

Centralized Management and Updates

Endian Network is a free cloud-based, centralized management portal for secure remote access to all your Endian hardware, software and virtual appliances. This unified solution allows you to access, monitor, update and upgrade
your Endian appliances. A simple setup process and user-friendly web interface make managing, selling and supporting Endian a breeze.

Secure Remote Access

Business happens everywhere and you need a solution to allow your business
to stay connected and be protected from network threats. Our UTM solution
provides both secure site-to-site and remote access (road warrior) connectivity options that are sure to meet your needs. In addition, our solution delivers
strong access control and encryption which can help minimize data loss and/
or inappropriate access.

Application Control
Take control of the network by properly managing time-wasting, high bandwidth or non-business applications like Skype, WhatsApp, Dropbox, Facebook,
Twitter and over 150 more. Endian makes it simple to manage applications
on your network with just a few clicks, increasing productivity has never been
easier.

Securing everyThing

www.endian.com

Mail and Web Security

Protect your employees from web and email threats like viruses, malware,
phishing, spam and even policy violations and in the process increase productivity. Complete web security provides over 100+ million categorized URL and
domains. Flexible web policies allow you to build rules based on users, groups,
date, time and much more. Our email filtering stops spam and viruses in their
tracks and keeps your mail servers and users protected.

Live Network Monitoring and Reporting

Do you know whats happening on your network? Can you identify what users
are doing and which applications they are using? If not, your business could be
losing valuable time and money. Our solution provides intuitive real-time and
historical traffic monitoring along with management reports including web,
email, security activity and more.

Event Management
The event notification engine was completely rewritten from the ground up to
provide more advanced features and all new notification capabilities. Now you
can keep track of things like IPsec and SSL VPN user activity (login/logout),
errors and much more. In addition, weve added multiple notification options
that include the ability to be notified via email or SMS or even have the system
run a custom script upon an event occurring.

Advanced Content Security

Advanced Content Security is a powerful security bundle designed to enhance
Endians malware signature database for more comprehensive threat awareness.
It includes: CYREN URL Filtering that by using predictive detection technology,
can recognize harmful sites before users are exposed to them, CYREN Anti-Spam
that makes Endian able to respond to email threats within a couple of seconds
while delivering the lowest false positives rate possible and Panda Anti-Virus,
which helps Endian to provide maximum anti-virus protection .

Choose Endian UTM if you need:

All-In-One UTM hardware, software or virtual appliances
Reduce network management time and costs with our simple web interface
Central management platform to monitor and access all your UTM
devices

Highlights Mini 25
4 Ethernet Ports
2 GB RAM
8 GB CFast Flash Memory
Desktop Appliance
WIFI Upgrade Available

Endian UTM Mini 25

The ideal network security solution for small businesses and remote branch office locations takes a step forward. The new set and forget Endian gateway is built on a completely new platform and has double the power of the previous generation.

UTM Mini 25 WiFi

This product offers a complete set of UTM features including a powerful hotspot solution that when utilized with our WIFI option makes this the only SMB solution you need to
connect and protect your small business network.

Highlights Mini 25 WiFi

Complete Hotspot Integration
Up to 4 Configurable WiFi
Networks
WPA & WPA2 Personal/
Enterprise Authentication
Standards 802.11 a/b/g/n
Support for 2.4 or 5 GHz
2x2 MIMO Antennas

Securing everyThing

www.endian.com

Endian UTM Mercury 50

Conceived to handle the processing of heavy Internet traffic, emails and VPN connections to branch offices, the Mercury 50 is the ideal scalable solution to support your
network growth.
This high-performance appliance provides Endians best-in-class security features to
midsize organizations. The complete set of Unified Threat Management functionalities in
combination with advanced hotspot gives you the most comprehensive features available.

Endian UTM Mercury 100

Fast, flexible and easy to use. The Mercury 100 guarantees high security standards
combined with the globally recognized Endian Hotspot technology.
Application level filters, anti-virus, anti-spam, web filtering, VPN functionality and much
more create a complete and reliable shield for your network from all internal and external threats.

Highlights
5 Ethernet Ports
2 GB RAM
320 GB Hard Disk
Desktop Appliance

Highlights
6 Ethernet Ports
4 GB RAM
2x320 GB Hard Disk
LAN-Bypass
Rack 1U

Endian UTM Macro 250 and 500

Large organizations and distributed enterprises often experience critical security issues. To constantly keep the protection at a high level the support of a reliable hardware
appliance is needed.
The Macro 250 and 500 offer integrated security services such as stateful inspection
firewall, VPN, gateway anti-virus, anti-spam, web and email content filtering as well as
a powerful hotspot in a single product.

Endian UTM Macro 1000 and 2500

Discover the new powerful Endian appliances equipped with twice the memory and the
latest multi-core processor technology to boost your network performance.
The Macro 1000 and 2500 are the ideal gateways to manage and filter the traffic of the
most demanding networks. These high-performance hardware appliances are specially
conceived to offer a great combination of performance and protection to large enterprises.

Highlights
8 Ethernet Ports
4 / 8 GB RAM
2x320 / 2x500 GB Hard Disk
LAN-Bypass
Rack 1U

Highlights
10/18 Ethernet Ports
16/32 GB RAM
2x500/2x1000 GB Hard Disk
LAN-Bypass
Rack 2U
2x 10Gigabit SFP+ (optional)

Securing everyThing

www.endian.com

Endian UTM Hardware Comparison

Performance
Mini 25
Mini 25 WiFi

Mercury 50

Mercury 100

Macro 250

Macro 500

Macro 1000

Macro 2500

Firewall Throughput

1.2 Gbit/s

1.55 Gbit/s

2.5 Gbit/s

5.1 Gbit/s

10 Gbit/s

20 Gbit/s

30 Gbit/s

VPN Throughput
(IPsec & SSL)

120 Mbit/s

155 Mbit/s

220 Mbit/s

880 Mbit/s

1.4 Gbit/s

2.5 Gbit/s

4 Gbit/s

IPS Throughput

100 Mbit/s

120 Mbit/s

160 Mbit/s

590 Mbit/s

900 Mbit/s

1.8 Gbit/s

2.5 Gbit/s

Antivirus Throughput
(Proxy)

120 Mbit/s

150 Mbit/s

250 Mbit/s

1.4 Gbit/s

2.5 Gbit/s

3.5 Gbit/s

5 Gbit/s

Web Security Throughput

180 Mbit/s

250 Mbit/s

400 Mbit/s

2.7 Gbit/s

4.8 Gbit/s

10 Gbit/s

15 Gbit/s

300,000

300,000

500,000

1,500,000

2,500,000

2,500,000

5,000,000

Mini 25
Mini 25 WiFi

Mercury 50

Mercury 100

Macro 250

Macro 500

Macro 1000

Macro 2500

Desktop

Desktop

Rack 1U

Rack 1U

Rack 1U

Rack 2U

Rack 2U

44x 225 x 150

44x 272 x 195

Weight

1.19 kg

2 kg

5 kg

8 kg

8 kg

19 kg

19 kg

Memory

2 GB

2 GB

4 GB

4 GB

8 GB

16 GB

32 GB

Storage

8 GB CFast
Flash Memory

320 GB HDD

Concurrent Sessions

Hardware

Case
Dimensions (mm)

4x Gigabit
Ethernet

44 x 430 x 260 44 x 430 x 400 44 x 430 x 400 88 x 430 x 580 88 x 430 x 580

2x 320 GB HDD 2x 320 GB HDD 2x 500 GB HDD 2x 500 GB HDD

Raid
Raid
Raid
Raid

5x Gigabit
Ethernet

6x Gigabit
Ethernet

8x Gigabit
Ethernet

8x Gigabit
Ethernet

10x Gigabit
Ethernet

2x 1 TB HDD
Raid
18x Gigabit
Ethernet

Networking

Wi-Fi 802.11
a/b/g/n (optional)

LAN Bypass

1 Pair

2 Pairs

4 Pairs

4 Pairs

40W External

45W External

65W Internal

250W Internal

250W Internal

Fanless

Fans

Fans

Fans

Fans

Fans

Fans

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

12 months

12 months

12 months

12 months

12 months

12 months

12 months

FCC/CE/RoHS

FCC/CE/RoHS

FCC/CE/RoHS

FCC/CE/RoHS

FCC/CE/RoHS

FCC/CE/RoHS

FCC/CE/RoHS

Power Supply
Cooling
LCD Display
VGA
Hardware Warranty
Certifications

2x 10Gigabit
2x 10Gigabit
SFP+ (optional) SFP+ (optional)
4 Pairs

8 Pairs

2x 460W Inter- 2x 460W Internal Redundant nal Redundant

Software Solutions
Turn any PC into a Unified Threat Management Appliance
The software appliance is ideal for those who are looking to leverage existing hardware (x86) for their networking and security
needs. The product functionality is identical to our hardware appliances so no tradeoffs required.
The Endian UTM Software Appliance offers the same technology that resides in the Endian Unified Threat Management (UTM)
hardware appliances, thus making it possible to turn any PC into a full featured security appliance. Unleash the power of Endian
UTM using your preferred hardware to enable comprehensive security for your whole network infrastructure. Integrated security
services such as stateful inspection firewall, VPN, gateway anti-virus, anti-spam, Web security, and e-mail content filtering offer
granular protection in a single system, hence reducing management time and costs.
System Requirements
CPU

Intel x86 compatible (1GHz minimum, Dual-core 2 GHz recommended), including VIA, AMD Athlon, Athlon 64,
Opteron, Intel Core 2 Duo, Xeon, Pentium and Celeron processors

Multi-Processor

Symmetric Multi-Processor (SMP) support included

RAM

512 MB minimum (1 GB recommended)

Disk

SCSI, SATA, SAS or IDE disk is required (8GB minimum 20GB recommended)

Software RAID

For software RAID1 (mirroring) two disks of the same type are required (capacity can be different)

Hardware RAID

SCSI and SAS RAID systems and controllers are supported

CD-ROM

An IDE, SCSI or USB CDROM drive is required for installation (not required after installation)

Network Cards

Most common Network Interface Cards are supported including Gigabit and fiber NICs

Monitor Keyboard

Only required for the installation but not for configuration and use

Operating System

Endian UTM includes a hardened Linux-based Operating System

Virtual Cloud Solutions

Secure and Protect your Virtual Infrastructure
Protect your virtual infrastructure from any potential threat with Endians cutting-edge network security! Whether you are securing
your internal virtual business environment, running a world-class hosting or colocation facility, or providing cloud services the
Endian UTM Virtual Appliance can provide superior network security to protect your virtual infrastructure from any potential threats.
System Requirements
CPU

Intel x86 compatible / 1GHz minimum (Dual-core 2 GHz recommended)

Multi-Processor

Symmetric Multi-Processor (SMP) support included

RAM

512MB minimum (1 GB recommended)

Disk

Support for full virtualization and paravirtualization / 8GB minimum (20 GB recommended)

CD-ROM

Physical and virtual drives as supported by the hypervisor

Network Cards

Support for full virtualization and paravirtualization

Operating System

Endian UTM includes a hardened Linux-based Operating System

Hypervisors

Securing everyThing

www.endian.com

Endian Network:
Check the status of your appliances and verify that the maintenance
is active
Let Endian technical support remotely access your machines
Download upgrades and security updates in a single click

Endian Network
Endians free centralized management platform
Endian Network is a free cloud-based, centralized management portal for secure remote
access to all your Endian hardware, software and virtual appliances. This unified solution allows you to access, monitor, update and upgrade your Endian appliances. A simple
setup process and a user-friendly web interface will help you in managing, selling and
supporting Endian products.

Highlights
Real-time status update of
your appliances
Remote access
Centralized updates and
upgrades
Remote support

Securing everyThing

Endian UTM Features

Network Security

Virtual Private Networking

Stateful packet firewall

Application control (including
Facebook, Twitter, Skype, WhatsApp
and more)
Demilitarized zone (DMZ)
Intrusion detection and prevention
Multiple public IP addresses
Multiple WAN
Quality of service and bandwidth
management
SNMP support
VoIP/SIP support
SYN/ICMP flood protection
VLAN support (IEEE 802.1Q
trunking)
DNS proxy/routing
Anti-spyware
Phishing protection

IPsec
Encryption: Null, 3DES, CAST-128,
AES 128/192/256-bit,
Blowfish 128/192/256-bit, Twofish 128/192/256-bit,
Serpent 128/192/256-bit, Camellia 128/192/256-bit
Hash algorithms: MD5, SHA1, SHA2
256/384/512-bit, AESXCBC
Diffie Hellman modes: 1, 2, 5, 14, 15,
16, 17, 18, 22, 23, 24
Authentication: pre-shared key
(PSK), RSA keys
X.509 certificates
IKEv1, IKEv2
Dead Peer Detection (DPD)
NAT traversal
Compression
Perfect Forward Secrecy (PFS)
VPN Site-to-Site
VPN Client-to-Site (roadwarrior)
L2TP user authentication
XAUTH user authentication
OpenVPN
Encryption: DES, 3DES, AES
128/192/256-bit, CAST5, Blowfish
Authentication: pre-shared key,
X.509 certificates
Support for VPN over HTTP Proxy
PPTP passthrough
VPN client-to-site (roadwarrior)
VPN client for Microsoft Windows
and Apple OS X
Possibility of multiple logins per user
VPN failover
Multiple server support
Support for mobile devices (Android,
iOS)
VPN Portal for Clientless Connections*
NEW Web-based access to internal
resources
NEW Configurable portal page
NEW Support for multiple destinations
NEW Destination-based authentication
NEW SSL offloading
User Management & Authentication
Unified user management for OpenVPN, L2TP, XAUTH, VPN Portal
Group management
Integrated certificate authority
External certificate authority
support
User password and certificate
management
NEW Multiple authentication servers
(local, LDAP, Active Directory,
RADIUS)
NEW Fully integrated one-time
password (OTP) support

Web Security
HTTP & FTP proxies
HTTPS filtering
Transparent proxy support
URL blacklist
Authentication: Local, RADIUS,
LDAP, Active Directory
NTLM single sign-on
Group-based and user-based web
content filter
Time based access control with
multiple time intervals
Panda anti-virus
Cyren URL filter

Mail Security
SMTP & POP3 proxies
Anti-spam with bayes, pattern and
SPF
Heuristics, black- and whitelists
support
Anti-virus
Transparent proxy support
NEW Email quarantine management
Spam auto-learning
Transparent mail forwarding (BCC)
Greylisting
Cyren anti-spam
Panda anti-virus

WAN Failover
Automatic WAN uplink failover
Monitoring of WAN uplinks
Uplink types: Ethernet (static/
DHCP), PPPoE, PPTP
Support for UMTS/GPRS/3G USB
dongles

User Authentication
Active Directory / NTLM
LDAP
RADIUS
Local

* not in Endian UTM Software 10, Endian UTM Virtual 10

BYOD / Hotspot*
Configurable captive portal
Free access to allowed sites (walled
garden)
Wired / wireless support
Integrated RADIUS service
Connection logging
NEW Bandwidth limiting based on
user, ticket or global settings
MAC-address based user accounts
NEW Configurable multiple logins
per user
User accounts import/export via CSV
User password recovery
Automatic client network configuration (support for DHCP and static IP)
Fully integrated accounting
Generic JSON API for external accounting and third party integration
Instant WLAN ticket shop (SmartConnect)
Single-click ticket generation (Quick
ticket)
SMS/e-mail user validation and
ticketing
Pre-/postpaid and free tickets
Time-/traffic-based tickets
Configurable ticket validity
Terms of Service confirmation
MAC address tracking for free
hotspots
Cyclic/recurring tickets (daily,
weekly, monthly, yearly)
Remember user after first authentication (SmartLogin)
NEW Social login (Facebook, Google)
External authentication server
(Local, LDAP, Active Directory,
RADIUS)

Network Address Translation

Destination NAT
Incoming routed traffic
One-to-one NAT
Source NAT (SNAT)
IPsec NAT traversal

Routing
Static routes
Source-based routing
Destination-based routing
Policy-based routing (based on interface, MAC address, protocol or port)

Bridging
Firewall stealth mode
OSI layer 2 firewall functionality
Spanning tree
Unlimited interfaces per bridge

High Availability
Hot standby (active/passive)
Node data/configuration synchroniz-

ation (not for BYOD/Hotspot)

Event Management

NEW More Than 30 Individually

Configurable Events
Email Notifications
NEW SMS Notifications
NEW Powerful Python Scripting
Engine

Logging and Reporting

Reporting dashboard
Detailed system, web, email, attack
and virus reports
Live network traffic monitoring
(powered by ntopng)
Live log viewer
Detailed user-based web access
report (not in 4i, Mini)
Network/system/performance
statistics
Rule-based logging settings (firewall
rules)
Syslog: local or remote
OpenTSA trusted timestamping

Extra Services
NTP (Network Time Protocol)
DHCP server
SNMP server
Dynamic DNS

Management / GUI
Centralized management through
Endian Network (SSL)
Easy Web-Based Administration
(SSL)
Multi-language web-interface
(English, Italian, German, Japanese, Spanish, Portuguese, Chinese,
Russian, Turkish)
Secure remote SSH/SCP access
Serial console

Updates and Backups

Centralized updates through Endian
Network
Scheduled automatic backups
Encrypted backups via email
Instant recovery / Backup to USB
stick (Endian Recovery Key)

2015 Endian Spa. Subject to change without notice. Endian and Endian UTM are trademarks of Endian Spa. All other trademarks and registered trademarks are the property of their respective owners.

www.endian.com