UTM-1 Total Security
All-inclusive, all secured
UTM-1™ Total Security™ appliances are all-inclusive, turnkey solutions with
everything you need to secure your network in a simple, cost-effective way.
Each solution includes the proven security features you need along with complete
security updates, hardware warranty, and reduced support rates for up to three
years. Based on the same Check Point technologies that secure the Fortune 500,
UTM-1 appliances deliver uncompromising security with streamlined deployment
and administration.
Industry-leading application- and
network-layer firewall secures hundreds
Industry-leading firewall
of applications and protocols including VoIP,
instant messaging (IM), and peer-to-peer
(P2P) applications
Network Security
Check Point network security
solutions are the marketleading choice for securing the
network infrastructure.
KEY BENEFITS
n
Everything you need to secure your
network for up to three years
n
Provides peace of mind with
proven technologies trusted by
the Fortune 500
n
Protects networks, systems, and
users from multiple types of attacks
n
Streamlines security deployment
and administration
VPN (site-to-site and
remote access)
Gateway antivirus/
anti-spyware
Intrusion prevention
Web security
Messaging security*
Centralized, multisite
management
* Standard UTM-1 appliances may be upgraded to either the one- or three-year UTM-1 Total Security
models, which include messaging security.
Feature-rich, easy-to-configure
IPSec and SSL VPNs
Signature-based antivirus and
anti-spyware protection
Intrusion prevention with SmartDefense®
type-based protections and security updates
Web security with URL filtering and
integrated security for Web applications
Messaging security and anti-spam
including the Check Point six dimensions
of comprehensive messaging security for
protecting the messaging infrastructure
Centralized management via a single
console for multiple sites—preinstalled on
Check Point appliances
The NGX platform delivers a unified
security architecture for Check Point.
UTM-1 Total Security
puresecurity
™
THE SECURITY YOU NEED
Proven application control and attack protection
UTM-1 includes the most proven firewall and can examine
hundreds of applications, protocols, and services out-of-thebox. Integrated SmartDefense
protocol-anomaly-based intrusion prevention to protect
business-critical services like FTP, HTTP, and VoIP from
known and unknown attacks. Similarly, UTM-1 Total Security
can block nonbusiness applications like IM and P2P.
Gateway antivirus, anti-spyware
Gateway antivirus and anti-spyware are core components of
UTM-1, complementing desktop endpoint security. UTM-1
Total Security uses an up-to-date list of antivirus and antispyware signatures and anomaly-based protection to stop
viruses and other malware at the gateway. To check for threats
hidden inside legitimate content, real-time antivirus scans are
performed on POP3, SMTP, FTP, and HTTP services.
Comprehensive messaging security with anti-spam
Messaging Security from Check Point provides comprehensive protection for an organization's messaging infra struc ture.
The multidimensional approach protects the email infrastructure, provides highly accurate spam protection, and defends
organizations from a wide variety of virus and malware threats
within email.
IP reputation
anti-spam
Blocks spam and malware at the connection level by checking the sender's
reputation against a dynamic database
of known malicious IP addresses
Content-based
anti-spam
Protects against advanced forms of
spam, including image-based and
foreign-language spam, using patternbased detection
Block/allow list
anti-spam
Utilizes block or allow lists to deny
obvious email offenders and allow
trusted senders
Mail antivirus Protects against a wide range of viruses
and malware, including scans of
message content and attachments
Zero-hour
outbreak
protection
Defends against new spam and
malware outbreaks by using advanced
pattern matching and distribution
analysis engine
SmartDefense
email IPS
Protects against a broad range of
threats, including DoS and buffer overflow attacks, that target the messaging
infrastructure itself
™
IPS utilizes signature- and
Secure, flexible remote access
UTM-1 Total Security appliances can connect employees and
business partners to your trusted network through flexible
IPSec or SSL-based remote access, working seamlessly with
a variety of VPN agents.
THE SIMPLICITY YOU WANT
All-inclusive turnkey solution
Everything you need in a UTM network security solution is
provided by UTM-1 Total Security appliances—for up to three
years. This includes:
• Allsecurityprotections
• Allsecurityupdates
• Hardwarewarranty
Integrated SmartCenter management
UTM-1 Total Security appliances come with integrated
SmartCenter
manage multiple appliances and other Check Point products
from a single console. It centrally stores and distributes
security policy for the entire infrastructure, eliminating the
need to maintain each site and gateway separately, reducing
administrative burden and errors, ensuring consistency
across the network. Through the intuitive SmartDashboard,
administrators define and manage elements of a security
policy: firewall security, network address translation, Quality
of Service (QoS), VPN agent security, and VPNs.
Centralized, automatic updates
SmartDefense Services enable you to configure UTM-1
into a preemptive security solution, capable of ensuring
your networks are safe from new attacks via ongoing and
automatic defense updates.
Quick setup
UTM-1 Total Security appliances can be easily set up with the
first-time configuration wizard. This truly simple deployment
process is as easy as:
• Plugginginandturningontheappliance
• Followingtheonscreenwizard
• LaunchingtheSmartCentermanagementinterface
™
management, offering the ability to centrally
Web filtering
UTM-1 Total Security appliances stop inappropriate Web
surfing with best-of-breed Web filtering that covers 20million-plus URLs, so you can define an online
acceptable-use policy for your organization.
Simple site-to-site connectivity
With UTM-1 Total Security appliances, you can simplify the
setup of site-to-site VPNs and remote access. Manual setup
of node-to-node VPN tunnels and security for an entire VPN
is replaced by a One-Click process, where new sites and
remote users are added automatically.
The first-time configuration wizard makes configuring UTM-1 Total
Security appliances easy.
puresecurity
™
All-inclusive, all secured
SUPPORT OPTIONS
Check Point offers many technical support options for customers. These range from the Standard support plan that provides
telephone assistance during normal business hours with next-day shipment of replacement appliances, to the Premium support
plan providing 24/7 assistance with same-day replacement shipment, up to the Premium+4H plan that provides a qualified engineer
on-site within four hours to solve any appliance-related issues. For more information on these or other service and support offerings
available in your geography, please contact your Check Point representative or visit the Support section of the Check Point Web site.
UTM-1 TOTAL SECURITY SPECIFICATIONS
Protection Details
Firewall
Protocol/application support 200-plus
VoIP protection SIP, H.323, MGCP, and SCCP with NAT support
Instant messaging control MSN, Yahoo, ICQ, and Skype
Peer-to-peer blocking Kazaa, Gnutella, BitTorrent
Network address translation Static/hide NAT support with manual and automatic rules
IPSec VPN
Encryption support AES 128-256 bit, 3DES 56-168 bit
Authentication methods Password, RADIUS, TACACS, X.509, SecurID
Certificate authority Integrated certificate authority (X.509)
VPN communities Automatically sets up site-to-site connections as objects are created
Topology support Star and mesh
Route-based VPN Utilizes virtual tunnel interfaces; numbered/unnumbered interfaces
VPN agent support Complete endpoint security with VPN, desktop firewall
SSL VPN
SSL-based remote access Fully integrated SSL VPN gateway provides on-demand SSL-based access
SSL-based endpoint scanning Scans endpoint for compliance/malware prior to admission to the network
Intrusion prevention
Network-layer protection Blocks attacks such as DoS, port scanning, IP/ICMP/TCP-related
Application-layer protection Blocks attacks such as DNS cache poisoning, FTP bounce, improper commands
Detection methods Signature-based and protocol anomaly
Antivirus/anti-spyware
Antivirus protection Protects HTTP, FTP, POP3, and SMTP protocols
Anti-spyware blocks Pattern-based spyware blocking at the gateway
Updates Centralized, daily updates
Web filtering
URL database 20 million-plus URLs covering 3 billion-plus Web pages
Language support More than 70 languages spanning 200 countries
Updates Centralized, daily updates (100,000-plus new sites a week)
Messaging security
Email IPS SMTP, POP3, and IMAP attack protection
Pattern-based anti-spam Detects spam based on dynamic database of signatures
IP reputation checking Blocks spam and malware by sender
Signature-based antivirus First layer of protection from viruses and malware
Zero-hour outbreak protection Complements signature-based protection to block new outbreaks
Block/allow lists Provides granular control over specific domains and users
Management and reporting
Centralized management Includes centralized management
Monitoring/logging SmartView Tracker
Reporting Express reports
Command line interface Telnet, SSH
Networking
DHCP support SecurePlatform
ISP redundancy Protocol-based, source/destination and port route decisions
Routing support OSPF, BGP, RIP v1/2, Multicast
Layer-2 bridge support Transparently integrates into existing network
Performance and availability
High availability Active/passive and active/active failover options
Load balancing ClusterXL
Quality of Service Floodgate-1
ISP redundancy Automatically reroutes traffic to second interface
™
provides advanced monitoring and logging
™
DHCP server and relay
®
provides near linear scaling
®
provides granular QoS control
puresecurity
™
UTM-1 TOTAL SECURITY APPLIANCE SPECIFICATIONS
UTM-1 270 UTM-1 450 UTM-1 570 UTM-1 1050 UTM-1 2050 UTM-1 3070
Software edition NGX R65 NGX R65 NGX R65 NGX R65 NGX R65 NGX R65
10/100 ports — — — 4 4 N/A
10/100/1000 ports 4 4 4 4 4 10
Firewall throughput 400 Mbps 400 Mbps 1.1 Gbps 1.2 Gbps 2.4 Gbps 4.5 Gpbs
VPN throughput 100 Mbps 200 Mbps 250 Mbps 220 Mbps 380 Mbps 1.1 Gbps
Concurrent sessions 400,000 700,000 500,000 800,000 1.1 million 1.1 million
Users supported Unlimited Unlimited Unlimited Unlimited Unlimited Unlimited
VLANs 256 256 256 256 256 256
Storage 160 Gb 80 Gb 160 Gb 80 Gb 80 Gb 160 Gb
Enclosure 1U 1U 1U 1U 1U 1U
Dimensions
(standard)
Dimensions (metric)
Weight 3.7kg (8.1lbs) 5.0kg (11lbs) 3.7kg (8.1lbs) 7.4kg (16.3lbs) 7.4kg (16.3lbs) 6.5kg (14.3lbs)
16.8 x 10
x 1.73 in.
429 x 255
x 44mm
16.77 x 14.31
x 1.71 in.
426 x 365
x 43.5mm
16.8 x 10
x 1.73 in.
429 x 255
x 44mm
16.77 x 17
x 1.71 in.
426 x 431.8 x
43.5mm
16.77 x 17
x 1.71 in.
426 x 426
x 431.8mm
17.4 x 15
x 1.73 in.
443 x 381
x 44mm
Operating environment Temperature: 5° to 40° C, Humidity: 10%-85% non-condensing, Altitude: 2,500m
Power input
100~240V,
50~60Hz
100~240V
50~60Hz
100~240V,
50~60Hz
100~240V
50~60Hz
100~240V
50~60Hz
100~240V,
50~60Hz
Power consumption 65W (max.) 81W (max.) 65W (max.) 186W (max.) 188W (max.) 250W (max.)
UL 60950; FCC Part 15, Subpart B, Class A; EN 55024; EN 55022; VCCI V-3;
Compliance
AS/NZS 3548:1995; CNS 13438 Class A (test passed; country approval pending);
KN22, KN61000-4 Series, TTA; IC-950; ROHS
Note: All UTM-1 models come with a 3-year hardware warranty.
Worldwide Headquarters
CONTACT CHECK POINT
©2003–2008 Check Point Software Technologies Ltd. All rights reserved. Check Point, AlertAdvisor, Application Intelligence, Check Point Endpoint Security, Check Point Endpoint Security On
Demand, Check Point Express, Check Point Express CI, the Check Point logo, ClusterXL, Confidence Indexing, ConnectControl, Connectra, Connectra Accelerator Card, Cooperative Enforcement,
Cooperative Security Alliance, CoreXL, CoSa, DefenseNet, Dynamic Shielding Architecture, Eventia, Eventia Analyzer, Eventia Reporter, Eventia Suite, FireWall-1, FireWall-1 GX, FireWall-1 SecureServer,
FloodGate-1, Hacker ID, Hybrid Detection Engine, IMsecure, INSPECT, INSPECT XL, Integrity, Integrity Clientless Security, Integrity SecureClient, InterSpect, IPS-1, IQ Engine, MailSafe, NG, NGX, Open
Security Extension, OPSEC, OSFirewall, Pointsec, Pointsec Mobile, Pointsec PC, Pointsec Protector, Policy Lifecycle Management, Provider-1, PureAdvantage, PURE Security, the puresecurity logo,
Safe@Home, Safe@Office, SecureClient, SecureClient Mobile, SecureKnowledge, SecurePlatform, SecurePlatform Pro, SecuRemote, SecureServer, SecureUpdate, SecureXL, SecureXL Turbocard,
Security Management Portal, Sentivist, SiteManager-1, SmartCenter, SmartCenter Express, SmartCenter Power, SmartCenter Pro, SmartCenter UTM, SmartConsole, SmartDashboard, SmartDefense,
SmartDefense Advisor, Smarter Security, SmartLSM, SmartMap, SmartPortal, SmartUpdate, SmartView, SmartView Monitor, SmartView Reporter, SmartView Status, SmartViewTracker, SMP, SMP
On-Demand, SofaWare, SSL Network Extender, Stateful Clustering, TrueVector, Turbocard, UAM, UserAuthority, User-to-Address Mapping, UTM-1, UTM-1 Edge, UTM-1 Edge Industrial, UTM-1
Total Security, VPN-1, VPN-1 Accelerator Card, VPN-1 Edge, VPN-1 Express, VPN-1 Express CI, VPN-1 Power, VPN-1 Power Multi-core, VPN-1 Power VSX, VPN-1 Pro, VPN-1 SecureClient, VPN-1
SecuRemote, VPN-1 SecureServer, VPN-1 UTM, VPN-1 UTM Edge, VPN-1 VSX, Web Intelligence, ZoneAlarm, ZoneAlarm Anti-Spyware, ZoneAlarm Antivirus, ZoneAlarm ForceField, ZoneAlarm
Internet Security Suite, ZoneAlarm Pro, ZoneAlarm Secure Wireless Router, Zone Labs, and the Zone Labs logo are trademarks or registered trademarks of Check Point Software Technologies Ltd.
or its affiliates. ZoneAlarm is a Check Point Software Technologies, Inc. Company. All other product names mentioned herein are trademarks or registered trademarks of their respective owners. The
products described in this document are protected by U.S. Patent No. 5,606,668, 5,835,726, 5,987,611, 6,496,935, 6,873,988, 6,850,943, and 7,165,076 and may be protected by other U.S. Patents,
foreign patents, or pending applications.
April 18, 2008 P/N 502887
5 Ha’Solelim Street, Tel Aviv 67897, Israel | Tel: 972-3-753-4555 | Fax: 972-3-624-1100 | Email: info@checkpoint.com
U.S. Headquarters
800 Bridge Parkway, Redwood City, CA 94065 | Tel: 800-429-4391; 650-628-2000 | Fax: 650-654-4233 | www.checkpoint.com
Loading...