YOUR CHALLENGE
In todays cost-conscious environment, companies are turning to the Internet
to connect remote offices to applications, information, and other corporate
resources. You need to efficiently deploy and manage tens, hundreds, or even
thousands of VPN gatewayswith limited IT staff. You need cost-effective,
reliable security gateways that integrate into your infrastructure and protect
against increasingly sophisticated Internet-based attacks.
OUR SOLUTION
Check Points VPN-1 UTM EdgeTM security appliances provide enterprises
with secure connectivity for their remote sites. By delivering Check Point
firewall, VPN, intrusion prevention, and antivirus technologies in a single
solution, VPN-1 UTM Edge ensures remote sites stay as secure as the
corporate site. To simplify security management for large remote site deployments, VPN-1 UTM Edge devices can be centrally managed alongside other
Check Point security solutions. The Check Point SMART (Security Management
Architecture) portfolio of management solutions enables IT administrators to
apply a consistent security policy across remote sites with the same tools
used to manage their main sites.
Reliable security for the network edge
To prevent remote offices from becoming securitys weak links, VPN-1
UTM Edge appliances provide the same level of firewall, intrusion prevention,
and antivirus protection relied on at the main campus. They secure all
popular Internet services with Check Points patented Stateful Inspection
and Application Intelligence technologies. It supports more than 150
predefined applications, services, and protocols out-of-the-box, including
Web applications, instant messaging, peer-to-peer applications, VoIP,
and multimedia services. To ensure that remote offices stay secure,
PRODUCT DESCRIPTION
VPN-1 UTMTM EdgeTM appliances
integrate firewall, VPN, intrusion
prevention, and antivirus technologies
into a single solution, enabling
businesses to provide connectivity
for their remote sites without compromising security. All VPN-1 UTM Edge
gateways can be centrally deployed
and managed with SmartCenterTM
or Provider-1, ensuring consistent
policy management across both
central and remote networks.
PRODUCT FEATURES
Centralized, large-scale
management
PRODUCT BENEFITS
NGX HIGHLIGHTS
Unified management
Automatic, centralized
security updates
VPN-1 UTM Edge appliances include port-based authentication. Administrators can require employees to authenticate
against a RADIUS server before gaining network access,
quarantining them if authentication fails.
Preemptive defenses against attacks
VPN-1 UTM Edge includes SmartDefenseTM, Check Points
integrated intrusion prevention technology, to provide preemptive network- and application-layer security for remote
sites. This ensures that remote sites are protected from
worms, viruses, DoS and DDoS assaults, and other known
and unknown attacks. SmartDefense prevents worms and
viruses from entering the network and minimizes the need
to invest in standalone intrusion prevention systems (IPS)
at the edge of the network. With the SmartDefense Wizard,
administrators can ensure correct configuration simply
and effectively.
Corporate
Headquarters
Partner
Site
VPN-1 Power or
VPN-1 UTM
Primary ISP
Backup ISP
SMART
Check Point
Centralized Management
Internet
VLAN 3
VLAN 1
Retail Sites
VLAN 2
Branch Offices
VPN-1 UTM Edge security appliances provide distributed enterprises with secure connectivity for their remote sites, such as branch offices,
retail stores, and partner sites, and can be centrally managed by Check Point SMART management.
2
SMART MANAGEMENT
To reduce the management costs involved in remote offices,
VPN-1 UTM Edge appliances can be centrally managed by
Provider-1 or SmartCenter. These management products
allow you to centrally define a security policy across your
entire networkmain sites, remote sites, SSL VPNs, and
internal securityall via SmartDashboardTM, the central
console for managing Check Point security solutions.
This unified security architecture reduces the complexity
of security audits by providing a single place for all
security information.
Companies that need to provision security to hundreds
or thousands of remote sites without increasing the
management cost can turn to Smart Large-Scale Manager
(SmartLSMTM), part of SmartCenter ProTM. With centralized
profile-based management, SmartLSM enables security
administrators to define a single security profile and apply it
simultaneously to thousands of VPN-1 UTM Edge appliances.
Provider-1 addresses the requirements of organizations that
must manage multiple policies within their environments
such as a service provider or a large global enterprise. For
service providers, it consolidates and centralizes management for thousands of customers. For enterprise network
operations centers, it can simplify a complex security policy
by segmenting it into manageable subpolicies for geographic,
functional, or other groupings.
Centrally managed software updates
SmartUpdateTM, available with SmartCenter Pro or as an
optional module, helps you centrally manage software
upgrades and licenses. It ensures that security is always
current by automating the delivery and installation of security
for remote sites. This provides greater control and efficiency
over a distributed security architecture while dramatically
decreasing maintenance costs of managing global
security installations.
X8
X16
X32
XU
16
32
Unlimited
Continued on page 4
3
X8
X16
X32
XU
80 Mbps
8,000
80 Mbps
8,000
80 Mbps
8,000
150 Mbps
8,000
20 Mbps
1 user
Included
20 Mbps
10 users
Included
20 Mbps
15 users
Included
30 Mbps
25 users
Included
Site-to-site
Remote access (to VPN-1 Power)
Remote access (to VPN-1 UTM Edge)
Certificate generation for remote access
Centralized management support
Management software
Software updates
Reporting and monitoring
Local Web-based management
Installation wizard
Firewall wizard
VPN wizard
Local logs
HTTPS remote access
Additional management options
CLI via SSH
CLI via serial port
SNMP support
Other hardware specifications
Dimensions H x W x L
Weight
Power
Regulatory compliance
Warranty
IMAP, NUR FTP, NBT, POP3, SMTP, user-defined TCP and UDP ports
POP3, SMTP
Provider-1, SmartCenter, SmartCenter Pro/SmartLSM, SmartCenter Express, SmartCenter Express Plus, SMP
SmartUpdate
Eventia Reporter, SmartView Monitor, SmartView Tracker, Syslog
2006 Check Point Software Technologies Ltd. All rights reserved. Check Point, Application Intelligence, Check Point Express, the Check Point logo, AlertAdvisor, ClusterXL, Cooperative Enforcement,
ConnectControl,Connectra,CoSa,CooperativeSecurityAlliance,Eventia,EventiaAnalyzer,EventiaReporter,FireWall-1,FireWall-1GX,FireWall-1SecureServer,FloodGate-1,HackerID,IMsecure,INSPECT,
INSPECT XL, Integrity, InterSpect, IQ Engine, Open Security Extension, OPSEC, Policy Lifecycle Management, Provider-1, Safe@Home, Safe@Office, SecureClient, SecureKnowledge, SecurePlatform,
SecuRemote, SecureXL Turbocard, SecureServer, SecureUpdate, SecureXL, SiteManager-1, SmartCenter, SmartCenter Pro, Smarter Security, SmartDashboard, SmartDefense, SmartLSM, SmartMap,
SmartUpdate, SmartView, SmartView Monitor, SmartView Reporter, SmartView Status, SmartViewTracker, SofaWare, SSL Network Extender, Stateful Clustering, TrueVector, Turbocard, UAM,
User-to-Address Mapping, UserAuthority, VPN-1, VPN-1 Accelerator Card, VPN-1 Edge, VPN-1 UTM, VPN-1 Power, VPN-1 Pro, VPN-1 SecureClient, VPN-1 SecuRemote, VPN-1
SecureServer, VPN-1 VSX, VPN-1 XL, Web Intelligence, ZoneAlarm, ZoneAlarm Pro, Zone Labs, and the Zone Labs logo are trademarks or registered trademarks of Check Point Software
Technologies Ltd. or its affiliates. All other product names mentioned herein are trademarks or registered trademarks of their respective owners. The products described in this
document are protected by U.S. Patent No. 5,606,668, 5,835,726, 6,496,935, 6,873,988 and 6,850,943 and may be protected by other U.S. Patents, foreign patents,
or pending applications.
May 5, 2006 P/N 502125
Worldwide Headquarters
U.S. Headquarters
800 Bridge Parkway
Redwood City, CA 94065
Tel: 800-429-4391; 650-628-2000
Fax: 650-654-4233
www.checkpoint.com