UTM-1 Edge设备
更全面更安全更广泛
总体介绍
Check Point UTM-1™ Edge设备可提供成熟的一流安全性,并且降低了成本和复杂性,开箱即用!中小型企业能够在分支机构和小型办公室快速、轻松地部署全面的保护,包括防火墙、IPS和防恶意软件程序。出色的性能、强大的集中管理和先进的无线选项,为您提供简单的一体化解决方案,具有无可比拟的价值。全新的UTM-1 Edge N系列设备能够提供千兆级的防火墙性能和增强的安全性与连接性。
关键优势:
- 在单个设备中为中小型企业和分支机构办公室提供全面的企业级安全性
- 千兆级的防火墙性能;
- 在单一的中央控制台对多达数千个远程设备进行管理
- 802.11n WiFi与3G无线网络的无缝连接
- 能够轻松快速地进行部署,最大限度地减少IT资源
产品性能
安全特点
网络
管理
硬件选项
一流的集成防火墙和IPS
在采用与保护财富100强企业相同的Check Point技术的基础上,UTM-1 Edge设备包含了行业内最成熟的防火墙技术。全面的网络访问控制(NAC)能够阻截IM和P2P等垃圾应用,同时,先进的入侵防御系统(IPS)还能确保远程站点免遭已知和未知威胁的侵害,例如拒绝服务、Post扫描和缓冲区溢出等。
安全连接
IPSec VPN 连接保护着站点到站点与远程位置之间的通信。支持多个VPN客户端,例如Check Point Endpoint Connect、SecureClient、SecuRemote和L2TP,为用户带来灵活性。
防恶意软件与邮件安全
网关集成了恶意软件防护功能,能够在蠕虫和病毒进入网络之前阻截它们。在运行中能够解压所有大小的文件进行全面扫描。Check Point邮件安全能够阻截垃圾邮件,并为企业的信息基础架构提供全面的保护。
| IP信誉防止垃圾邮件 |
根据动态数据库已知的恶意IP地址,通过检查发件人的信誉,阻断连接层的垃圾邮件和恶意软件。 |
|
基于内容的防垃圾邮件 |
通过在具有数百万个已知垃圾邮件签名的动态数据库中对每封收到邮件的“指纹”进行比对,预防已知各种形式的垃圾邮件。 |
| 阻截/允许反垃圾邮件列表 |
阻截垃圾邮件的发送者,允许可信的发件人。能够阻截或允许整个域。 |
| 邮件防病毒 |
在蠕虫和病毒进入网关之前阻截它们。支持标准的电子邮件协议(POP3、IMAP和SMTP),包括基于Web的电子邮件。 |
| IPS电子邮件服务器保护 |
预防各种安全威胁,包括针对信息基础架构的拒绝服务攻击。 |
网站过滤
最佳的URL过滤服务能够使企业确定Web访问的策略。访问包含间谍软件和病毒的潜在恶意网站,以及不当的Web内容将被阻截。
网络访问控制(NAC)
基于802.1X端口的认证,支持NAC以分支机构办公室的用户特权和策略合规性为基础。对扩展的认证协议(EAP)的内置支持,无需外部RADIUS服务器即可支持WPA Enterprise和802.1X访问控制。这就使NAC更加易于使用,即使是在小型网络中。
网络
安全热点支持
通过创建基于Web的安全热点,管理员能够轻松地支持访客访问网络。在允许访问企业资源之前,需要进行用户认证和/或使用条件批准。
高可用性
高可用性选项能够确保安全功能与企业关键应用及其他网络活动保持同步。UTM-1 Edge设备支持WAN冗余和负载平衡,以确保持续的连接性和服务可用性。如果宽带连接不可用,那么拨号支持能够提供一种备用的互联网连接。
服务质量
全面的流量管理参数,例如加权优先级、带宽保证及带宽限制能够在单一的互联网连接中,保证企业关键数据或对延迟敏感的流量的服务质量。无线多媒体QoS支持企业确定多个音频、视频和语音应用的流量优先级。
管理
集中的大型管理
管理员能够从一个集中的Check Point安全管理或Provider-1控制台,对包括内部安全、主要站点和远程站点在内的整个网络制定安全策略。SmartProvisioning™是基于建档的附加管理功能,专为大型VPN和安全装置而设计,管理员利用此附加功能,能够制定一个安全建档,并将它同时应用于数千个UTM-1 Edge设备,从而大幅降低了部署时间和管理费用。
快速简单设置
UTM-1 Edge设备能够在10分钟之内完成安装,提供真正的简单部署,减少了IT资源的使用。即使是非技术人员也能够轻松地执行初始设置和配置。
集中的自动更新
可选的Check Point更新服务能够为IPS保护、防病毒签名、防垃圾邮件数据库和Web过滤服务提供更新。更新能够按照预设置的周期自动进行下载并发送到远程位置。同时还包括配置与“最佳实践”安全策略。
硬件
安全的无线连接
UTM-1 Edge W设备集成了一个WiFi接入点(802.11b/g/n),支持多种安全协议,包括802.1x、IPsec over WLAN、RADIUS、WEP、WPA和WPA2认证。它们还拥有专用的WLAN接口,您可以为WLAN网段设置特定的安全规则。另外,无线接口还可被分为多达4个虚拟接入点,每个接入点都有单独的安全策略和加密方法。
集成的ADSL调制解调器
UTM-1 Edge设备适用于集成的高速ADSL调制解调器,而不再需要外部ADSL调制解调器,并且为管理员提供简单的部署选项。支持最新标准,包括ADSL v2/2+、Annex A和Annex B。
UTM-1 Edge 行业版
The UTM-1 Edge 行业版设备专门设计用来保护工业以太网环境和数据采集与监视控制系统(SCADA)和设备,从未经授权的访问和攻击。UTM-1 Edge Industrial设备符合在灰尘、热量和振动行业标准,使它们在严格条件下的耐久性达到最大化。UTM-1 Edge Industrial设备采用固态设计,没有运动部件,也就不存在一段时间后磨损的情况。该设备有灵活的安装选项,如可以采用DIN导轨、机架和墙壁方式安装。
Technical Specifications
| UTM-1 Edge N Series | UTM-1 Edge N |
UTM-1 Edge NW |
|---|---|---|
| Firmware Version | Embedded NGX 8.1 | |
| Concurrent Users | 32/Unlimited | |
UTM-1 Edge N |
UTM-1 Edge NW |
|
| Hardware Features | ||
| Firewall Throughput (Mbps) | 1,000 | |
| VPN Throughput (Mbps) | 200 | |
| Concurrent Firewall Connections | 60,000 | |
| Four Port LAN Switch | 10/100/1000 Mbps | |
| WAN Port | 10/100/1000 Mbps | |
| USB Ports | 0 | 2 |
| Console Port (Serial) |  |
|
| Connectivity | 3G | |
| Wall Mounting Kit | |
|
UTM-1 Edge N |
UTM-1 Edge NW |
|
| Firewall & Security Features | ||
| Check Point Patented Stateful Inspection Firewall | |
|
| Application Intelligence (IPS) | |
|
| Instant Messenger Blocking/ Monitoring | ICQ, MSN Messenger, Skype, Yahoo | |
| P2P File Sharing Blocking/ Monitoring | BitTorrent, eMule, Gnutella, KaZaA, Winny | |
| Port-based and Tag-based VLAN | |
|
| Port-based Security (802.1x) | |
|
| Secure HotSpot (Guest Access) | |
|
| Gateway Antispam* | |
|
UTM-1 Edge N |
UTM-1 Edge NW |
|
| Gateway Antivirus* | ||
| Antivirus Supported Protocols | HTTP, FTP, NBT, POP3, IMAP, SMTP, User-defined TCP and UDP ports | |
| On the fly decompression | |
|
| Unlimited file size inspection | |
|
UTM-1 Edge N |
UTM-1 Edge NW |
|
| URL Filtering | ||
| Category Based | |
|
| Embedded Web Rules | |
|
UTM-1 Edge N |
UTM-1 Edge NW |
|
| VPN | ||
| Remote Access Client Software | Check Point VPN-1® SecuRemote™ (included)/L2TP IPSec VPN client, Endpoint Connect VPN client | |
| Bundled Remote Access Client Software | Unlimited (Check Point VPN-1 SecuRemote) | |
| Site-to-site VPN | |
|
| Remote Access VPN | |
|
| VPN Tunnels | 400 | |
| Remote Access VPN Profiles | Unlimited | |
| Site-to-site VPN Profiles | Up to 15 | |
| IPSec Features | Hardware accelerated DES, 3DES, AES, MD5, SHA-1, Hardware Random Number Generator (RNG), Internet Key Exchange (IKE), Perfect Forward Secrecy (PFS), IPSec Compression, IPSec NAT Traversal (NAT-T) | |
| L2TP VPN Server | |
|
UTM-1 Edge N |
UTM-1 Edge NW |
|
| Wireless LAN (UTM-1 Edge NW) | ||
| Wireless Protocols | IEEE 802.11b/g/n | |
| Wireless Security | 802.1z, IPSec over Wireless, MAC address filtering, WEP, WPA, WPA2, WPA-PSK | |
| Wireless Range (Standard Mode) | Up to 100 meters indoors/Up to 300 meters outdoors | |
| Wireless Distribution System (WDS) | |
|
| Multiple Access Points | |
|
| Dual Diversity Antennas | |
|
| Wireless Multimedia QoS (WMM) | |
|
| Hot Spot Mode | |
|
UTM-1 Edge N |
UTM-1 Edge NW |
|
| Networking | ||
| Supported Standards | Static IP, DHCP, PPPoE, PPTP, Telstra | |
| Backup ISP and Load Balancing | |
|
| Dialup Backup | Serial | USB, Serial |
| Traffic Shaper (QoS) | Advanced | |
| Automatic Gateway Failover (HA) | |
|
| Dynamic Routing | OSPF, BGP | |
| Print Server | - | |
| Integrated DNS server | |
|
| USB Rapid Deployment | |
|
| Interface Monitor | |
|
UTM-1 Edge N |
UTM-1 Edge NW |
|
| Management | ||
| HTTP / HTTPS / SSH / SNMP / SmartCenter / SmartLSM / Provider-1 / SMP / SMP-On-Demand | |
|
| Local Diagnostic Tools | Ping, WHOIS, Packet Sniffer, VPN Tunnel Monitor, Connection Table Monitor, Wireless Monitor, Active Computers Display, Local Logs | |
UTM-1 Edge N |
UTM-1 Edge NW |
|
| Physical Specifications | ||
| Dimensions (HxWxD) | 20.32 x 3.05 x 12.19 cm (8’ x 1.2’ x 4.8’) | |
| Weight | 0.7 kg (1.56 lbs) | |
| Operating Environmental Range | Temperature | Operational: 0ºC - 40ºC Storage/Transport: -5ºC - 80ºC |
| Humidity | 10% - 90% (non-condensed) | |
| Power | 100-240 VAC, 50-60 Hz (Depending on Country) | |
| MTBF | 68,000 Hours | |
| Regulatory compliance | FCC Part 15 Class B, CE | |
| Warranty | 1 year | |
| UTM-1 Edge X Series | UTM-1 Edge X |
UTM-1 Edge W |
UTM-1 Edge X ADSL |
UTM-1 Edge W ADSL |
|---|---|---|---|---|
| Firmware Version | Embedded NGX 8.1 | |||
| Concurrent Users | 8/16 | |||
| Hardware Features | ||||
| Firewall Throughput (Mbps) | 190 | |||
| VPN Throughput (Mbps) | 35 | |||
| Concurrent Firewall Connections | 8,000 | |||
| Four Port LAN Switch | 10/100 Mbps | |||
| WAN Port | 10/100 Mbps | ADSL2+ | ||
| USB Port | 0 | 2 | 2 | 2 |
| Console Port (Serial) | |
|||
| Wall Mounting Kit | |
|||
UTM-1 Edge X |
UTM-1 Edge W |
UTM-1 Edge X ADSL |
UTM-1 Edge W ADSL |
|
|---|---|---|---|---|
| Firewall & Security Features | ||||
| Check Point Patented Stateful Inspection Firewall | |
|||
| Application Intelligence (IPS) | |
|||
| Instant Messenger Blocking/ Monitoring | ICQ, MSN Messenger, Skype, Yahoo | |||
| P2P File Sharing Blocking/ Monitoring | BitTorrent, eMule, Gnutella, KaZaA, Winny | |||
| Port-based and Tag-based VLAN | |
|||
| Port-based Security (802.1x) | |
|||
| Secure HotSpot (Guest Access) | |
|||
| Gateway Antispam* | |
|||
UTM-1 Edge X |
UTM-1 Edge W |
UTM-1 Edge X ADSL |
UTM-1 Edge W ADSL |
|
|---|---|---|---|---|
| Gateway Antivirus* | ||||
| Antivirus Supported Protocols | HTTP, FTP, NBT, POP3, IMAP, SMTP, User-defined TCP and UDP ports | |||
| On the fly decompression | |
|||
UTM-1 Edge X |
UTM-1 Edge W |
UTM-1 Edge X ADSL |
UTM-1 Edge W ADSL |
|
|---|---|---|---|---|
| URL Filtering | ||||
| Category Based | |
|||
| Embedded Web Rules | |
|||
UTM-1 Edge X |
UTM-1 Edge W |
UTM-1 Edge X ADSL |
UTM-1 Edge W ADSL |
|
|---|---|---|---|---|
| VPN | ||||
| Remote Access Client Software | Check Point VPN-1® SecuRemote™ (included)/L2TP IPSec VPN client, Endpoint Connect VPN client | |||
| Bundled Remote Access Client Software | Unlimited (Check Point VPN-1 SecuRemote) | |||
| Site-to-Site VPN | |
|||
| Remote Access VPN | |
|||
| VPN Tunnels | 100 | |||
| Remote Access VPN Profiles | Up to 25 | |||
| Site To Site VPN Profiles | Unlimited | |||
| IPSec Features | Hardware accelerated DES, 3DES, AES, MD5, SHA-1, Hardware Random Number Generator (RNG), Internet Key Exchange (IKE), Perfect Forward Secrecy (PFS), IPSec Compression, IPSec NAT Traversal (NAT-T) | |||
| L2TP VPN Server | |
|||
UTM-1 Edge X |
UTM-1 Edge W |
UTM-1 Edge X ADSL |
UTM-1 Edge W ADSL |
|
|---|---|---|---|---|
| Wireless LAN (UTM-1 Edge XW, UTM-1 Edge XW ADSL) | ||||
| Wireless Protocols | IEEE 802.11b/g | IEEE 802.11b/g | ||
| Wireless Security | 802.1x, IPSec over Wireless, MAC address filtering, WEP, WPA, WPA2, WPA-PSK | 802.1x, IPSec over Wireless, MAC address filtering, WEP, WPA, WPA2, WPA-PSK | ||
| Wireless Range (Standard Mode) | Up to 100 meters indoors/Up to 300 meters outdoors | Up to 100 meters indoors/Up to 300 meters outdoors | ||
| Wireless Distribution System (WDS) | |
|
||
| Multiple Access Points | |
|
||
| Dual Diversity Antennas | |
|
||
| Wireless Multimedia QoS (WMM) | |
|
||
| Hot Spot Mode | |
|
||
UTM-1 Edge X |
UTM-1 Edge W |
UTM-1 Edge X ADSL |
UTM-1 Edge W ADSL |
|
| Networking | ||||
| Supported Standards | Static IP, DHCP, PPPoE, PPTP, Telstra | Static IP, DHCP, PPPoE, PPTP, Telstra, EoA, PPPoA | ||
| Backup ISP & Load Balancing | |
|||
| Dialup Backup | Serial | Serial, USB | Serial, USB | Serial, USB |
| Traffic Shaper (QoS) | Advanced | |||
| Automatic Gateway Failover (HA) | |
|||
| Dynamic Routing | BGP, OSPF | |||
| Print Server | - | |
|
|
| Integrated DNS server | |
|||
| USB Rapid Deployment | |
|||
| Interface Monitor | |
|||
UTM-1 Edge X |
UTM-1 Edge W |
UTM-1 Edge X ADSL |
UTM-1 Edge W ADSL |
|
|---|---|---|---|---|
| Management | ||||
| HTTP / HTTPS / SSH / SNMP / SmartCenter / SmartLSM / Provider-1 / SMP / SMP-On-Demand | |
|||
| Local Diagnostic Tools | Ping, WHOIS, Packet Sniffer, VPN Tunnel Monitor, Connection Table Monitor, Wireless Monitor, Active Computers Display, Local Logs | |||
UTM-1 Edge X |
UTM-1 Edge W |
UTM-1 Edge X ADSL |
UTM-1 Edge W ADSL |
|
|---|---|---|---|---|
| Physical Specifications | ||||
| Dimensions (HxWxD) | 20.32 x 3.05 x 12.19 cm (8’ x 1.2’ x 4.8’) | |||
| Weight | 0.7 kg (1.56 lbs) | |||
| Operating Environmental Range | Temperature | Operational: 0ºC - 40ºC Storage/Transport: -5ºC - 80ºC | ||
| Humidity | 10% - 90% (non-condensed) | |||
| Power | 100-240 VAC, 50-60 Hz (Depending on Country) | |||
| MTBF | 68,000 Hours | |||
| Regulatory compliance | FCC Part 15 Class B, CE | |||
| Warranty | 1 year | |||
| UTM-1 Edge Industrial
|
|||
|---|---|---|---|
| Physical Attributes | |||
| Dimensions (width x height x depth) |
200 x 32 x 128 mm (7.87 x 1.26 x 5.04 inches) | ||
| Weight | Without DIN rail adapter: 650 g (1.43 lbs) With DIN rail adapter: 750 g (1.65 lbs) | ||
| Retail box dimensions (width x height x depth) |
290 x 250 x 76 mm (11.42 x 3.14 x 9.84 inches) | ||
| Retail box weight | 1.35 kg (2.98 lbs) | ||
| 24V DC Power Input | |||
| Power Supply Nominal Output | +24V DC @ 0.6A | ||
| Max. Power Consumption | 9W 14W (including USB devices) |
||
| 5V Power Supply Unit | |||
| Power Supply Nominal Input | 9W 100 ~ 240 VAC; 47 ~ 63Hz |
||
| Power Supply Nominal Output | +5V DC @ 3A | ||
| Max. Power Consumption | 9W 14W (including USB devices) |
||
| EMI | |||
| Power Supply Nominal Input | 9W 100 ~ 240 VAC; 47 ~ 63Hz |
||
| Max. Power Consumption | 9W 14W (including USB devices) |
||
| EMI | ||||
|---|---|---|---|---|
| Standard | Description | Comments | ||
| CISPR 22 EN 55022 |
Radiated and Conducted EMI Limits | Class B | ||
| EN 61000-3-2 | Harmonic current emission | Class A | ||
| EN 61000-3-3 | Voltage fluctuations & flicker | Pst Measurement: 0.001, Limit: 1.0 Plt Measurement: 0.001, Limit: 0.65 Tdt (ms) Measurement: 0, Limit: 500 dmax (%) Measurement: 0, Limit: 4% dc (%)Measurement: 0, Limit: 3.3% |
||
| EN 55024 | Immunity | |||
| IEC 61000-4-2 | Electrostatic Discharge (ESD) | 8 kV air discharge, 4 kV Contact discharge, Performance Criterion B |
||
| IEC 61000-4-3 | Radiated, radio-frequency, electromagnetic field immunity | 80-1000 MHz, 3 V/m, 80% AM (1 kHz), Performance Criterion A |
||
| IEC 61000-4-4 | Electrical fast transient / burst immunity | AC Power line: 1 kV, DC Power line: 0.5 kV Signal line: 0.5 kV Performance Criterion B |
||
| IEC 61000-4-5 | Surge immunity | 1.2/50 us Open Circuit Voltage, 8/20 us Short Circuit Current AC Power Line: line to line 1 kV, line to earth 2 kV DC Power Line: line to earth 0.5 kV Signal line: 1 kV Performance Criterion B |
||
| IEC 61000-4-6 | Immunity to conducted disturbances, induced by radio-frequency fields | 0.15-80 MHz, 3 Vrms, 80% AM, 1 kHz, Performance Criterion A |
||
| IEC 61000-4-8 | Power frequency magnetic field immunity. | 50 Hz, 1 A/m, Performance Criterion A |
||
| IEC 61000-4-11 | Voltage dips, short interruptions and voltage variations immunity | i) >95% reduction -0.5 period, Performance Criterion B ii) 30% reduction – 25 period, Performance Criterion C Voltage Interruptions: i) >95% reduction – 250 period, Performance Criterion C |
||
| Safety | ||||
|---|---|---|---|---|
| Standard | Description | |||
| EN 60950-1 | Safety of Information Technology Equipment | |||
| Reliability | ||
|---|---|---|
| Standard | Description | Comments |
| EN 300 019-2-1 T1.2 | Environment (Storage) | Low Temperature: -5°C, 72 Hours High Temperature: 55°C, 72 Hours Humidity: 30°C, 93%, 96 Hours Sine Vibration: 5-62-200Hz/5°/s,2g,1 octave/minute, 5 cycles/axis, 96 hours Random Vibration: 5-10-50-100Hz/+12dB-0.0002g2/Hz - 12dB, 30 minutes/axis, 3 hours |
| EN 300 019-2-2 T2.3 | Environment (Transportation) | Low Temperature: -40°C, 72 Hours High Temperature: 70°C, 72 Hours Temperature Change: -40°C~+30°C, 3 hours dwell, 5 cycles, 1°C/minute Humidity: 40°C, 93%, 96 Hours Humidity Cycling: 40°C, 95%, 2 cycles Water: 0.01m3/minute, 90 Kpa, 15 minutes Random Vibration: 5-20-200Hz/0.01g2/Hz - 3dB, 30 minutes/axis, 1.5 hours Bump: 6ms, 18g, 100 bumps per face Drop: 100 cm, 1 corner, 3 edges and 6 face |
| EN 300 019-2-3 T3.2 | Environment (Operational) | Low Temperature: -5°C, 16 Hours (with cold start test) High Temperature: 55°C, 16 Hours (with hot start test) Temperature change: 25°C~+55°C, 3 hours dwell, 5 cycles, 0.5°C/minute, 30 hours Humidity: 30°C, 93%, 96 Hours Humidity Cycling: 55°C, 50~95%, 1 cycles Sine Vibration: 5-62-200Hz/5°/s-0.2g,1 octave/minute, 5 cycles/axis, X, Y and Z axes, 6 hours Random Vibration: 5-10-50-100Hz/+12dB-0.0002g2/Hz - 12dB, 30 minutes/axis, X, Y and X axes, 1.5 hours Shock: Half-sine, 11ms, 3g, 6 shocks per axis |
| Extended Temperatures | Extended Temperatures Test | Temperature change: -20°C~+ 55°C, 12 cycles, 72 hours, with cold start / hot start test. Low temperature: -20°C, 24 hours High temperature: 55°C, 24 hours |
| MTBF | 370,000 hours | Telcordia (Bellcore) model, SR-332, with Hirschmann RPS30 Industrial 24V DC power supply. |
| Environment | ||||
|---|---|---|---|---|
| Standard | Description |
|||
| RoHS | EC Directive on Restriction of Hazardous Substances |
|||
| WEEE | EC Directive on Waste Electrical and Electronic Equipment (WEEE) |
|||
服务支持&维修
Check Point为客户提供了一系列的服务支持计划,涵盖各种软件和硬件的问题。
Check Point提供在线服务支持,包括电话和线上沟通,或者通过合作伙伴的网络为您提供服务支持。您可以通过Check Point User Center在线提交服务申请,获得服务支持。
针对硬件的服务计划
Check Point的硬件支持计划为您提供技术支持,软件更新和升级、对故障硬件给予置换。请访问我们的支持计划网页,了解更多的信息,或点击计划比较了解各项计划的不同之处
硬件保修
Check Point的安全设备在售出一年之内如硬件出现问题,可以免费获得保修。客户可通过RMA流程申请保修。具体信息请访问Hardware Warranty
Check Point企业支持生命周期策略
Check Point企业支持生命周期策略概述了产品生命周期的产品支持指南。本策略的目标在于标准化和规范化产品生命周期实践,以便Check Point客户获得更多有关采购、支持和升级决策的信息。
本策略涵盖所有Check Point产品(由Check Point销售的第三方产品除外)。在有效的支持与维护协议下运行Check Point产品的客户享有与本策略相关的优惠。
©2003-2008 Check Point Software Technologies Ltd. All rights reserved.