Check Point UTM-1 Edge Appliances
Comprehensive UTM security for branch offices
- Integrates enterprise-class Firewall, IPS,VPN, NAC, URL Filtering, Anti-malware and Messaging Security
- Comprehensive, all-in-one security appliances for SMB/MSSP segments-starting at just $600
Easy Deployment and Management
- Manage thousands of remote appliances from a single, central console
- Automatic software updates, monitoring and reporting-all built-in
Advanced Connectivity
- Seamless 802.11n WiFi and 3G wireless connectivity
- Support for ADSL annexe A or B
High availability and performance
- Gigabit Firewall performance and multi-Gigabit port-density for increased bandwidth demands
- High availability and load balancing for persistent connectivity and service availability
Security
UTM-1 Edge appliances include the industry's most proven security solution to secure your business.
Best-in-class Integrated Firewall and IPS
UTM-1 Edge appliances include the industry’s most proven firewall technology, based on the same Check Point technologies that secure the Fortune 100. Comprehensive network access control (NAC) allows blocking of unwanted applications such as IM and P2P, while an advanced intrusion prevention system (IPS) ensures protection of remote sites from both known and unknown threats, such as Denial-of-Service, port scans and buffer overflows.
Secure Connectivity
IPSec VPN connectivity secures communications between site-to-site and remote locations. Support for multiple VPN clients - such as Check Point Endpoint Connect, SecureClient, SecuRemote and L2TP - offers flexibility for users.
Anti-malware and Messaging Security
Malware protection is integrated at the gateway, blocking worms and viruses before they enter the network. On-the-fly decompression of unlimited file sizes enables thorough scanning. Check Point Messaging Security blocks spam and provides comprehensive protection for an organizations’ messaging infrastructure.
|
IP reputation anti-spam |
Checks the sender's reputation against a dynamic database of known-bad IP addresses, blocking spam and malware at the connection level.
|
|
Content-based anti-spam |
Blocks known spam by comparing a ’fingerprint’ of each incoming email with a dynamic database containing millions of known spam signatures. |
| Block/allow list anti-spam |
Blocks email offenders while allowing trusted senders. Can block or allow entire domains.
|
| Mail antivirus |
Blocks worms and viruses at the gateway. Supports standard email protocols (POP3, IMAP, and SMTP), including Web-based email.
|
| IPS email server protection |
Protects against a broad range of threats, including denial-of-service attacks that target the messaging infrastructure itself.
|
Web Filtering
Best-of-breed URL filtering services allow companies to define Web access policies. Access to potentially malicious Web sites containing spyware and viruses, as well as inappropriate Web content can be blocked.
Network Access Control (NAC)
802.1X port-based authentication allows NAC based on user privileges and policy compliance at branch offices. Built-in support for the extended authentication protocol (EAP) enables WPA Enterprise and 802.1X access control without an external RADIUS server. This makes NAC easier to use, even in small networks.
Network
Includes integrated ADSL modem, secure hot spot support, high availability, QoS and advanced wireless feature-set
Integrated ADSL Modem
UTM appliances are available with integrated, high-speed ADSL modems, eliminating need for external modems and providing deployment simplicity. The latest standards, including ADSL v2/2+, Annex A and Annex B are supported.
Secure Hot Spot Support
Administrators can easily enable guest access to networks by creating Web-based secure hot spots. User authentication and/or terms-of-use can be required before granting access to corporate resources.
High Availability
High-availability options ensure that security functions keep pace with business-critical applications and other network activity. UTM-1 Edge appliances support WAN redundancy and load-balancing to ensure persistent connectivity and service availability. Should the broadband connection become unavailable, dialup support can provide a backup Internet connection.
Quality–of–Service (QoS)
Comprehensive traffic management parameters - such as weighted priorities, bandwidth guarantees and bandwidth limits – can guarantee QoS for business-critical or latency-sensitive traffic over a single Internet connection. Wireless Multimedia QoS allows companies to prioritize traffic from multiple audio, video and voice applications.
Management
UTM-1 appliances are easy to configure, deploy and centrally managed.
Centralized, Large Scale Management
Administrators can define security policy for the entire network - including internal security, main sites, and remote sites – from a single, centrally located Check Point Security Management or Provider-1 console. With the addition of SmartProvisioning™, a profile-based management add-on designed for large-scale VPN and security installations, administrators can define a single security profile and apply it simultaneously to thousands of UTM-1 Edge appliances - dramatically reducing deployment time and administrative overhead.
Quick and Easy Setup
UTM-1 Edge appliances can be set up in less than 10 minutes, offering truly simple deployment to sites that have minimal IT resources. Even non-technical staff can easily perform initial setup and configuration
Centralized, Automatic Updates
Optional Check Point Update Service provide updates for IPS protections, antivirus signatures, anti-spam database and Web filtering services. Updates can be downloaded automatically and distributed to remote locations at preset intervals. Configuration and ‘best practices’ security policies are also included.
UTM-1 Edge N Series
| UTM-1 Edge N | UTM-1 Edge NW | UTM-1 Edge N ADSL | UTM-1 Edge NW ADSL | |
|---|---|---|---|---|
| Firmware Version | Embedded NGX 8.2 | |||
| Concurrent Users | 16/32/Unlimited | |||
Hardware Features
| UTM-1 Edge N | UTM-1 Edge NW | UTM-1 Edge N ADSL | UTM-1 Edge NW ADSL | |
|---|---|---|---|---|
| Firewall Throughput (Mbps) | 1,000 | |||
| VPN Throughput (Mbps) | 200 | |||
| Concurrent Firewall Connections | 60,000 | |||
| LAN Switch | 4 Ports, 10/100/1000 Mbps | |||
| WAN Port | 10/100/1000 Mbps | ADSL 2/2+ | ||
| DMZ/WAN2 Port | 10/100/1000 Mbps | |||
| USB Ports | 0 | 2 | 2 | 1 |
| SFP Port | 0 | 1 | 0 | |
| ExpressCard 3G Modem Slot | ✔ | |||
| Console Port (Serial) | ✔ | |||
| Cellular Connectivity | ✔ | |||
| Wall Mounting Kit | ✔ | |||
Firewall & Security Features
| UTM-1 Edge N | UTM-1 Edge NW | UTM-1 Edge N ADSL | UTM-1 Edge NW ADSL | |
|---|---|---|---|---|
| Check Point Patented Stateful Inspection Firewall | ✔ | |||
| Application Intelligence (IPS) | ✔ | |||
| Instant Messenger and P2P Blocking/ Monitoring | ✔ | |||
| Port-based and Tag-based VLAN | ✔ | |||
| Network Access Control (802.1x) | ✔ | |||
| Integrated RADIUS Server | ✔ | |||
| Secure HotSpot (Guest Access) | ✔ | |||
Add-on Services*
| UTM-1 Edge N | UTM-1 Edge NW | UTM-1 Edge N ADSL | UTM-1 Edge NW ADSL | |
|---|---|---|---|---|
| Gateway Antivirus | ✔ | |||
| Antivirus Supported Protocols | HTTP, FTP, NBT, POP3, IMAP, SMTP, user-defined TCP and UDP ports | |||
| On-the-Fly Decompression | ✔ | |||
| Embedded Antispam | ✔ | |||
| Web Filtering | ✔ | |||
VPN
| UTM-1 Edge N | UTM-1 Edge NW | UTM-1 Edge N ADSL | UTM-1 Edge NW ADSL | |
|---|---|---|---|---|
| Remote Access Client Software | Check Point VPN-1 SecuRemote (included)/L2TP IPSec VPN client, Endpoint Connect VPN client | |||
| Site-to-site VPN | ✔ | |||
| Remote Access VPN | ✔ | |||
| VPN Tunnels | 400 (with management) | |||
| Remote Access VPN Profiles | Unlimited | |||
| Site-to-site VPN Profiles | Unlimited | |||
| IPSec Features | Hardware accelerated DES, 3DES, AES, MD5, SHA-1, Hardware Random Number Generator (RNG), Internet Key Exchange (IKE), Perfect Forward Secrecy (PFS), IPSec compression, IPSec NAT Traversal (NAT-T) | |||
| L2TP VPN Server | ✔ | |||
Networking
| UTM-1 Edge N | UTM-1 Edge NW | UTM-1 Edge N ADSL | UTM-1 Edge NW ADSL | |
|---|---|---|---|---|
| Supported Standards | Static IP, DHCP, PPPoE, PPTP, Telstra, L2TP | |||
| Backup ISP and Load Balancing | ✔ | |||
| Dialup Backup | Serial | USB, Serial | ||
| Traffic Shaper (QoS) | Advanced* | |||
| Automatic Gateway Failover (HA) | ✔* | |||
| Dynamic Routing * | OSPF, BGP, RIP | |||
| Multicast Routing * | DVMRP, PIM SM v2 | |||
| Print Server | n/a | ✔ | ||
Management
| UTM-1 Edge N | UTM-1 Edge NW | UTM-1 Edge N ADSL | UTM-1 Edge NW ADSL | |
|---|---|---|---|---|
| HTTP / HTTPS / SSH / SNMP / SMP / SMP On-Demand | ✔ | |||
| Local Diagnostic Tools | Ping, WHOIS, Packet Sniffer, VPN Tunnel Monitor, Connection Table Monitor, Network Monitor, Active Computers Display, Local Logs, Traffic Monitor | |||
ADSL Modem Specifications
| UTM-1 Edge N | UTM-1 Edge NW | UTM-1 Edge N ADSL | UTM-1 Edge NW ADSL | |
|---|---|---|---|---|
| Supported Standards | ADSL2, ADSL2+, T.1413 G.DMT (G.992.1) G.Lite (G.992.2) ANNEX A (ADSL over POTS), ANNEX B (ADSL over ISDN) | |||
Wireless Specifications***
| UTM-1 Edge N | UTM-1 Edge NW | UTM-1 Edge N ADSL | UTM-1 Edge NW ADSL | |
|---|---|---|---|---|
| Wireless Protocols | 802.11b (11Mbps), 802.11g (54Mbps), 802.11n (300Mbps) |
802.11b (11Mbps), 802.11g (54Mbps), 802.11n (300Mbps) |
||
| Wireless Security | VPN over wireless, WEP, WPA2 (802.11i), WPA-PSK, 802.1x |
VPN over wireless, WEP, WPA2 (802.11i), WPA-PSK, 802.1x |
||
| Wireless Distribution System (WDS) | ✔* | ✔* | ||
| Multiple Access Points | ✔* | ✔* |
| Physical Specifications | ||||
|---|---|---|---|---|
| Dimensions (HxWxD) | 20.32 x 3.05 x 12.19 cm (8 x 1.2 x 4.8 inches) | |||
| Weight | 0.7 kg (1.56 lbs) | |||
| Operating Environmental Range | Temp |
Operational: 0ºC - 40ºC |
||
| Humidity | 10% - 90% (non-condensed) | |||
| Power | 100-240 VAC, 50-60 Hz (depending on country) | |||
| MTBF | 68,000 Hours | |||
| Regulatory Compliance | FCC Part 15 Class B, CE | |||
| Warranty | 1 year | |||
UTM-1 Edge Industrial
| Physical Attributes | ||||
|---|---|---|---|---|
| Dimensions (HxWxD) |
32 x 200 x 128 mm (1.26 x 7.87 x 5.04 inches) | |||
| Weight | Without DIN rail adapter: 650 g (1.43 lbs) with DIN rail adapter: 750 g (1.65 lbs) | |||
| Retail Box Dimensions (HxWxD) |
250 x 290 x 76 mm (3.14 x 11.42 x 9.84 inches) | |||
| Retail Box Weight | 1.35 kg (2.98 lbs) | |||
| 24V DC Power Input | ||||
| Power Supply Nominal Output | +24V DC @ 0.6A | |||
| Max. Power Consumption | 9W 14W (including USB devices) |
|||
| 5V Power Supply Unit | ||||
| Power Supply Nominal Input | 9W 100 ~ 240 VAC; 47 ~ 63Hz |
|||
| Power Supply Nominal Output | +5V DC @ 3A | |||
| Max. Power Consumption | 9W 14W (including USB devices) |
|||
| EMI | ||||
| Power Supply Nominal Input | 9W 100 ~ 240 VAC; 47 ~ 63Hz |
|||
| Max. Power Consumption | 9W 14W (including USB devices) |
|||
| EMI | ||||
|---|---|---|---|---|
| Standard | Description | Comments | ||
| CISPR 22 EN 55022 |
Radiated and conducted EMI limits | Class B | ||
| EN 61000-3-2 | Harmonic current emission | Class A | ||
| EN 61000-3-3 | Voltage fluctuations & flicker |
Pst measurement: 0.001, Limit: 1.0
Plt measurement: 0.001, Limit: 0.65 Tdt (ms) measurement: 0, Limit: 500 dmax (%) measurement: 0, Limit: 4% dc (%) measurement: 0, Limit: 3.3% |
||
| EN 55024 | Immunity | |||
| IEC 61000-4-2 | Electrostatic Discharge (ESD) |
8 kV air discharge, 4 kV contact discharge, Performance Criterion B
|
||
| IEC 61000-4-3 | Radiated, radio-frequency, electromagnetic field immunity |
80-1000 MHz, 3 V/m, 80% AM (1 kHz), Performance Criterion A
|
||
| IEC 61000-4-4 | Electrical fast transient / burst immunity | AC power line: 1 kV, DC power line: 0.5 kV Signal line: 0.5 kV Performance Criterion B |
||
| IEC 61000-4-5 | Surge immunity | 1.2/50 us open circuit voltage, 8/20 us Ssort circuit current AC power line: line to line 1 kV, line to earth 2 kV DC power line: line to earth 0.5 kV Signal line: 1 kV Performance Criterion B |
||
| IEC 61000-4-6 | Immunity to conducted disturbances, induced by radio-frequency fields | 0.15-80 MHz, 3 Vrms, 80% AM, 1 kHz, Performance Criterion A | ||
| IEC 61000-4-8 | Power frequency magnetic field immunity. | 50 Hz, 1 A/m, Performance Criterion A | ||
| IEC 61000-4-11 | Voltage dips, short interruptions and voltage variations immunity | i) >95% reduction -0.5 period, Performance Criterion B ii) 30% reduction – 25 period, Performance Criterion C Voltage interruptions: i) >95% reduction – 250 period, Performance Criterion C |
||
| Safety | ||||
|---|---|---|---|---|
| Standard | Description | |||
| EN 60950-1 | Safety of Information Technology Equipment | |||
| Reliability | ||
|---|---|---|
| Standard | Description | Comments |
| EN 300 019-2-1 T1.2 | Environment (storage) | Low temperature: -5°C, 72 Hours High temperature: 55°C, 72 Hours Humidity: 30°C, 93%, 96 Hours Sine vibration: 5-62-200Hz/5°/s,2g,1 octave/minute, 5 cycles/axis, 96 hours Random vibration: 5-10-50-100Hz/+12dB-0.0002g2/Hz - 12dB, 30 minutes/axis, 3 hours |
| EN 300 019-2-2 T2.3 | Environment (transportation) | Low temperature: -40°C, 72 Hours High temperature: 70°C, 72 Hours Temperature change: -40°C~+30°C, 3 hours dwell, 5 cycles, 1°C/minute Humidity: 40°C, 93%, 96 Hours Humidity cycling: 40°C, 95%, 2 cycles Water: 0.01m3/minute, 90 Kpa, 15 minutes Random vibration: 5-20-200Hz/0.01g2/Hz - 3dB, 30 minutes/axis, 1.5 hours Bump: 6ms, 18g, 100 bumps per face Drop: 100 cm, 1 corner, 3 edges and 6 face |
| EN 300 019-2-3 T3.2 | Environment (operational) | Low temperature: -5°C, 16 Hours (with cold start test) High temperature: 55°C, 16 Hours (with hot start test) Temperature change: 25°C~+55°C, 3 hours dwell, 5 cycles, 0.5°C/minute, 30 hours Humidity: 30°C, 93%, 96 Hours Humidity cycling: 55°C, 50~95%, 1 cycles Sine vibration: 5-62-200Hz/5°/s-0.2g,1 octave/minute, 5 cycles/axis, X, Y and Z axes, 6 hours Random vibration: 5-10-50-100Hz/+12dB-0.0002g2/Hz - 12dB, 30 minutes/axis, X, Y and X axes, 1.5 hours Shock: Half-sine, 11ms, 3g, 6 shocks per axis |
| Extended Temperatures | Extended temperatures test | Temperature change: -20°C~+ 55°C, 12 cycles, 72 hours, with cold start / hot start test. Low temperature: -20°C, 24 hours High temperature: 55°C, 24 hours |
| MTBF | 370,000 hours | Telcordia (Bellcore) model, SR-332, with Hirschmann RPS30 Industrial 24V DC power supply. |
| Environment | ||||
|---|---|---|---|---|
| Standard | Description | |||
| RoHS | EC Directive on Restriction of Hazardous Substances | |||
| WEEE | EC Directive on Waste Electrical and Electronic Equipment (WEEE) | |||
* Additional services might be needed
** Subject to change in different environments
- Products A-Z
- Appliances
- Appliances Overview
- 2200 Appliances
- 4000 Appliances
- 12000 Appliances
- 21400 Appliance
- 61000 Security System
- SecurityPower
- Power-1
- UTM-1
- Series 80
- UTM-1 Edge
- IP Appliances
- VSX-1
- DLP-1
- IPS-1
- Safe@Office
- Smart-1
- Smart-1 SmartEvent
- Integrated Appliance Solution
- IAS Bladed Hardware
- Software Blades
- Software Blades Overview
- Security Gateway
- Firewall
- IPsec VPN
- IPS
- Mobile Access
- Application Control
- Identity Awareness
- DLP
- Web Security
- URL Filtering
- Anti-Bot
- Antivirus & Anti-Malware
- Anti-Spam & Email Security
- Advanced Networking & Clustering
- Voice over IP (VoIP)
- Security Management
- Network Policy Management
- Endpoint Policy Management
- Logging & Status
- SmartWorkflow
- Monitoring
- Management Portal
- User Directory
- SmartProvisioning
- SmartReporter
- SmartEvent
- Multi-Domain Security Management
- Virtualization Security
- Security Gateway Virtual Edition
- Cloud Security
- Virtual Appliance for Amazon Web Services
- Security Systems
- Security Systems Overview
- Endpoint Security
- Endpoint Security
- Full Disk Encryption
- Media Encryption
- Anti-Malware & Program Control
- Remote Access VPN
- Firewall & Compliance
- Check Point WebCheck
- Check Point GO
- Solutions
- Remote Access
- Consumer Products
- ZoneAlarm Antivirus
- ZoneAlarm ForceField
- ZoneAlarm Internet Security Suite