dptech utm2000 series data sheet
Post on 09-Nov-2015
44 Views
Preview:
DESCRIPTION
TRANSCRIPT
-
UTM2000 Data Sheet
Copyright 2008 DPtech Technologies Co., Ltd. All rights reserved. Page 1 of 11
Application as Network
DPtech Unified Threat Management 2000 Series
Unified Threat Management 2000 provides unified threat prevention solutions for 100 Mbps,
Gigabit and 10-Gigabit network environments.
Most of the security problems are impacting users network, such as unauthorized access,
virus, Trojan, spyware, vulnerability attacks, unauthorized web visit, spam, and bandwidth
abuse. These problems often cause service interruption. To address these problems,
DPtech has developed UTM2000 Series UTMs. This series integrates firewall, VPN,
intrusion detection and prevention, anti-virus, content filtering, spam prevention, application
control and behavior auditing on one platform. By upgrading the signature database of
individual module, this series can provide security defense from Layer 2 to Layer 7, so it is
the most feature-rich UTM in the world.
To ensure that the high performance will not be affected with all security features being
enabled, this series adopts high performance multi-core, multi-thread security architecture,
which makes the products cost-effective. This series rigidly conforms to the EU Restriction of
Hazardous Substances Directive (RoHS), therefore, it is the best choice for enterprises that
want to choose green and secure products.
Product Overview
The DPtech UTM2000 series products are new
generation of United Threat Management device
designed for small- and medium-sized enterprises
and branches. It uses the multi-core processor and
multi-thread technology to construct a
high-performance platform. Besides the legacy
firewall and VPN functions, the product provides
more security services such as anti-virus, IPS, URL
filtering, anti-SPAM, P2P/IM application flow control,
and user behavior auditing. The design allows the
product to provide all security features without
affecting the system performance, and thus makes
it a cost-effective product. The UTM2000 not only
protects the network effectively, but also supports
management through SNMP and TR-069. This
greatly reduces the operation cost and complexity.
UTM2000-MS-N
UTM2000-MA-N
UTM2000-ME-N
UTM2000-GS-N
-
UTM2000 Data Sheet
Copyright 2008 DPtech Technologies Co., Ltd. All rights reserved. Page 2 of 11
The following are the DPtech UTM2000 series products portfolio.
Features and Benefits
Comprehensive support for FW/VPN feature
Enhanced firewall functions: The UTM2000
series products provide such basic functions as
security zone configuration, static/dynamic blacklist,
MAC-IP binding, ACL application, and instruction
prevention. In addition, it offers enhanced functions
like status-based filtering, virtual firewall, and
transportation of 802.1Q-tagged packets. It protects
the network against attacks of ARP spoofing, invalid
TCP flag, large ICMP packets, Challenge Collapse
(CC), SYN flooding, address/port scanning.
Abundant VPN features: The UTM2000 series
products support access through L2TP, GRE, IPSec VPN, and SSL VPN. The integrated
hardware encryption engine implements VPN handling of high performance.
Full support of NAT applications: The UTM2000 series products support NAT applications
including many-to-one, many-to-many, static NAT, dual translation, IP Masquerade and
DNS mapping. It supports NAT traversal with multiple protocols, and delivers NAT ALG
functions such as DNS, FTP, SIP, RTSP, H.323, and NBT.
High available feature: supports the modes of active/active and active/passive,
implementing load balancing and service backup.
Meantime Between Failure (MTBF): Up to 36 years.
Easy-to-use Web-based management system; Management based on SNMP and
TR-069; support Centralized management by UMC (Unified Management Center).
UTM2000-GM-N
UTM2000-GA-N
UTM2000-GE-N
UTM2000-TS-N
-
UTM2000 Data Sheet
Copyright 2008 DPtech Technologies Co., Ltd. All rights reserved. Page 3 of 11
Advanced Security Service
Powerful intrusion prevention capability: The UTM2000 series products provide more
than 4000 IPS signatures. It can exactly identify and prevent various network attacks and
abuses.
Real-time anti-virus: The UTM2000 series products adopt Kaspersky's anti-virus engine to
detect and remove codes of malicious attacks in time.
Real-time anti-SPAM: The UTM2000 series products filter spam in real time, which purify
your mai system.
URL filtering: The UTM2000 series products implements user-based URL access control to
deny access to unauthorized Websites, such as the phishing websites.
Applications identify and control: The UTM2000 series products identify P2P and IM
applications of BitTorrent, Thunder, MSN, QQ, and so on. It also supports alarms, rate
limiting, and interruption to ensure the operation of core services.
Behavior auditing: The UTM2000 series products audit the applications of P2P, instant
message, web game, mails, and data transmission, and generate logs to implement
behavior auditing in granularity.
-
UTM2000 Data Sheet
Copyright 2008 DPtech Technologies Co., Ltd. All rights reserved. Page 4 of 11
Product Specifications
Table 1. Lists of features and performance of DPtech UTM2000-MS, MA, ME
and GS models:
UTM2000-MS-N UTM2000-MA-N UTM2000-ME-N UTM2000-GS-N
Interface 1xConsole ,
8xGE Copper ,
2xUSB
1xConsole ,
8xGE Copper ,
2xUSB
1xConsole , 8xGE
Copper , 2xUSB
1xConsole,
2xGE SFP, 6xGE
Copper, 2xUSB
Slot 2 slot 2 slot 2 slot 1 slot
CF card 1GB 1GB 1GB 1GB
DDR SDRAM 2G 2G 2G 2G
Dimensions
(H W D)
44*430*261 mm 44*430*261 mm 44*430*261 mm 44*430*261 mm
Rated voltage Max
Current
100-240VAC;
1.5A
100-240VAC;
1.5A
100-240VAC;
1.5A
100-240VAC;
1.5A
Max Power
Consumption
54 W 54 W 54 W 54 W
MTBF 36 years 36 years 36 years 36 years
Operating Temperature
0C to 45C
(32 to 113F)
0C to 45C
(32 to 113F)
0C to 45C
(32 to 113F)
0C to 45C
(32 to 113F)
Relative Humidity 10% to 95% 10% to 95% 10% to 95% 10% to 95%
Weight 3.1 kg 3.1 kg 3.1 kg 3.1 kg
Firewall
Throughput
300Mbps 600Mbps 1Gbps 2Gbps
VPN Throughput 100Mbps 200Mbps 300Mbps 600Mbps
Anti-Virus
Throughput
50Mbps 100Mbps 200Mbps 300Mbps
IPS Throughput 50Mbps 100Mbps 200Mbps 300Mbps
Concurrent
Connections
300,000 500,000 800,000 1,000,000
New Connections
Persecond
10,000 15,000 20,000 32,000
IPSEC Tunnels 1000 1000 1000 8000
Max Policy 10,000 10,000 10,000 10,000
Security Zones 64 64 128 128
VLAN numbers 4096 4096 4096 4096
Virtual Firewall 64 64 128 128
SSL VPN Users 50 100 200 500
-
UTM2000 Data Sheet
Copyright 2008 DPtech Technologies Co., Ltd. All rights reserved. Page 5 of 11
Table 2. Lists of features and performance of DPtech UTM2000-GM, GA, GE
and TS models:
Hardware Item UTM2000-GM-N UTM2000-GA-N UTM2000-GE-N UTM2000-TS-N
Interface 1xConsole ;
2xGE SFP,
6xGE Copper,
2xUSB
1xConsole ,
6xGE SFP,
6xGE Copper,
2xUSB
1xConsole, 12xGE SFP, 12xGE Copper, 2x10GE, 2xUSB
1xConsole, 12xGE SFP, 12xGE Copper, 2x10GE, 2xUSB
Slot 1 slot -- -- --
CF card 1GB 2GB 2GB 2GB
DDR SDRAM 2G 2G 2G 2G
Dimensions
(H W D)
44*430*261 mm 44.4*436*470
mm
88*436*470 mm 88*436*470 mm
Rated voltage Max
Current
100-240VAC;
1.5A
100-240VAC;
1.8A
100-240VAC; 4A
100-240VAC; 4A
Max Power
Consumption
54 W 150 W 300w 300w
MTBF 36 years 36 years 36 years 36 years
Operating Temperature
0C to 45C
(32 to 113F)
0C to 45C
(32 to 113F)
0C to 45C
(32 to 113F)
0C to 45C
(32 to 113F)
Relative Humidity 10% to 95% 10% to 95% 10% to 95% 10% to 95%
Weight 3.1 kg 8kg 10kg 10kg
Firewall Throughput 4Gbps 6Gbps 10Gbps 18Gbps
VPN Throughput 1Gbps 2Gbps 4Gbps 6Gbps
Anti-Virus
Throughput
500Mbps 1Gbps 6Gbps 10Gbps
IPS Throughput 500Mbps 1Gbps 6Gbps 10Gbps
Concurrent
Connections
1,500,000 2,000,000 3,000, 000 4,000, 000
New connections
Per second
60,000 100,000 150,000 200,000
IPSEC Tunnels 8,000 20,000 20,000 20,000
Max Policy 10,000 20,000 30,000 50,000
Security Zones 256 256 512 1024
VLAN Numbers 4096 4096 4096 4096
Virtual Firewall 256 256 512 1024
SSL VPN Users 1,000 3,000 5,000 10,000
-
UTM2000 Data Sheet
Copyright 2008 DPtech Technologies Co., Ltd. All rights reserved. Page 6 of 11
Table 3 lists the features of DPtech UTM2000 series products
Item Description
Operating mode Routing mode
Transparent mode
Hybrid mode
Network Security AAA services RADIUS authentication
PKI/CA (x.509 format) authentication
Domain authentication
CHAP authentication
PAP authentication
Firewall Virtual firewall
Security zone configuration
Defense against attacks of ARP spoofing, invalid TCP flag, large ICMP packets, SYN flooding, address/port scanning.
Interface-based access control
Time range-based access control
Dynamic packet filtering
Static and dynamic blacklists
MAC-IP binding
MAC-based access control
Transportation of 802.1Q-tagged packets
Anti-virus Virus definition-based detection
Library upgrading manually and automatically
Flow handing mode
Supporting protocols of HTTP, FTP, SMTP, and POP3.
Preventing virus types of Backdoor, Email-Worm, IM-Worm, P2P-Worm, Trojan, Ad Ware, Virus
Supporting virus logs and reports
URL filtering Custom-defined URL filtering library
Supporting Java Blocking and ActiveX Blocking
Anti-SPAM Blacklist of IP addresses
Matching keywords of the mail address, attachment name, content, sender, and receiver
Application Identify
Supporting to identify P2P and IM applications like BT
IPS Preventing hiker attacks, worms, and Trojans.
Security logs and statistics
User behavior flow logs
NAT translation logs
Real-time logs of attacks
Blacklist logs
Address binding log
Traffic alarm logs
-
UTM2000 Data Sheet
Copyright 2008 DPtech Technologies Co., Ltd. All rights reserved. Page 7 of 11
Item Description
Traffic statistics and analysis
Global/security zone-based connection rate monitoring
Global/security zone-based protocol packet rate monitoring
Events statistics
E-mail notification of real-time alarms
Information distribution through E-mail
NAT Many-to-one NAT
Many-to-many NAT
One-to-one NAT
Translation of source address and destination address
Accessing internal network from an external host
IP Masquerade
DNS mapping
NAT aging time
NAT ALG for multiple application protocols, including DNS, FTP, H.323, ILS, MSN, NBT, PPTP, SIP
VPN L2TP VPN Initiating tunneling requests to specific LNS for users with fully qualified name or the domain name
Address allocation of VPN users
LCP re-negotiation and mandatory CHAP authentication
GRE VPN
IPSec/IKE AH/ESP protocols
Manual SA setup or through IKE
ESP supports encryption algorithms of DES, 3DES, AES
Algorithms of MD5 and SHA-1
IKE main mode and aggressive mode
NAT traversal
DPD detection
SSL VPN
Network connectivity
LAN protocols Ethernet_II
Ethernet_SNAP
802.1Q VLAN
Link layer protocol PPPoE
Network protocols IP services IPv4/v6
ARP
Domain name resolution
DHCP relay
DHCP server
DHCP client
IP routing Static routing
RIP v1/2
OSPF
BGP
Policy routing
-
UTM2000 Data Sheet
Copyright 2008 DPtech Technologies Co., Ltd. All rights reserved. Page 8 of 11
Item Description
High reliability Support Active/Active and Active/Passive modes
Support VRRP
QoS Traffic policing Support LLQ, WRR and CBWFQ
Support WRED and CAR
Configuration management
CLI Local configuration through console port
Local or remote configuration through Telnet or SSH
Authorization of commands by user levels, so that unauthorized users cannot log in to the device
Detailed debugging information for troubleshooting
Login and management through Telnet
FTP Server/Client for downloading and uploading configuration files and application programs
Logging function
Configuration of user interface to configure authentication modes and authorize functions to users
Supporting SNMPv3, and is compatible with SNMPv2c and SNMPv1
Supporting time synchronization through NTP
Supporting Web-based management
Supporting SNMP and TR-069
Supporting management through DPtech UMC(Unified Management Center)
Restriction RoHS Comply
-
UTM2000 Data Sheet
Copyright 2008 DPtech Technologies Co., Ltd. All rights reserved. Page 9 of 11
Order Information
Hardware and Advanced Service
Part No. Item Remarks
02050051 UTM2000-MS-N Host Required
53010091 UTM2000-MS-N,Application Signature Update Service,1 Year Optional
53010092 UTM2000-MS-N,AV Signature Update Service,1 Year Optional
53010093 UTM2000-MS-N,IPS Signature Update,1 Year Optional
52010094 UTM2000-MS-N,URL-Filter Signature Update Service,1 Year Optional
02050049 UTM2000-MA-N Host Required
53010087 UTM2000-MA-N,Application Signature Update Service,1 Year Optional
53010088 UTM2000-MA-N,AV Signature Update Service,1 Year Optional
53010089 UTM2000-MA-N,IPS Signature Update,1 Year Optional
53010090 UTM2000-MA-N,URL-Filter Signature Update Service,1 Year Optional
02050052 UTM2000-ME-N Host Required
53010083 UTM2000-ME-N,Application Signature Update Service,1 Year Optional
53010084 UTM2000-ME-N,AV Signature Update Service,1 Year Optional
53010085 UTM2000-ME-N,IPS Signature Update,1 Year Optional
53010086 UTM2000-ME-N,URL-Filter Signature Update Service,1 Year Optional
02050050 UTM2000-GS-N Host Required
53010079 UTM2000-GS-N,Application Signature Update Service,1 Year Optional
53010080 UTM2000-GS-N,AV Signature Update Service,1 Year Optional
53010081 UTM2000-GS-N,IPS Signature Update,1 Year Optional
53010082 UTM2000-GS-N,URL-Filter Signature Update Service,1 Year Optional
02050053 UTM2000-GM-N Host Required
53010075 UTM2000-GM-N,Application Signature Update Service,1 Year Optional
53010076 UTM2000-GM-N,AV Signature Update Service,1 Year Optional
53010077 UTM2000-GM-N,IPS Signature Update,1 Year Optional
53010078 UTM2000-GM-N,URL-Filter Signature Update Service,1 Year Optional
02050054 UTM2000-GA-N Host Required
53010071 UTM2000-GA-N,Application Signature Update Service,1 Year Optional
53010072 UTM2000-GA-N,AV Signature Update Service,1 Year Optional
53010073 UTM2000-GA-N,IPS Signature Update,1 Year Optional
53010074 UTM2000-GA-N,URL-Filter Signature Update Service,1 Year Optional
-
UTM2000 Data Sheet
Copyright 2008 DPtech Technologies Co., Ltd. All rights reserved. Page 10 of 11
Part No. Item Remarks
TBA UTM2000-GE-N Host Required
TBA UTM2000-GE-N,Application Signature Update Service,1 Year Optional
TBA UTM2000-GE-N,AV Signature Update Service,1 Year Optional
TBA UTM2000-GE-N,IPS Signature Update,1 Year Optional
TBA UTM2000-GE-N,URL-Filter Signature Update Service,1 Year Optional
TBA UTM2000-TS-N Host Required
TBA UTM2000-TS-N,Application Signature Update Service,1 Year Optional
TBA UTM2000-TS-N,AV Signature Update Service,1 Year Optional
TBA UTM2000-TS-N,IPS Signature Update,1 Year Optional
TBA UTM2000-TS-N,URL-Filter Signature Update Service,1 Year Optional
SSL VPN License
53010137 SSL VPN 10 User License Optional
53010138 SSL VPN 50 User License Optional
53010139 SSL VPN 100 User License Optional
53010140 SSL VPN 250 User License Optional
53010141 SSL VPN 500 User License Optional
53010142 SSL VPN 1000 User License Optional
53010143 SSL VPN 2500 User License Optional
53030145 SSL VPN 5000 User License Optional
Interface Module
Interface module Remarks
02010023 4-Port 1000M Ethernet Electrical Interface Module Optional
02010036 4-Port 1000M Ethernet Optical Interface Module Optional
02010005 1000BASE-SX SFP Transceiver, Multi-Mode (850nm, 550m, LC) Optional
02010004 1000BASE-LX SFP Transceiver, Single Mode (1310nm, 10km, LC) Optional
02000013 1000BASE-LH40 SFP Transceiver, Single Mode (1310nm, 40km,
LC)
Optional
-
UTM2000 Data Sheet
Copyright 2008 DPtech Technologies Co., Ltd. All rights reserved. Page 11 of 11
02010014 1000BASE-LH40 SFP Transceiver, Single Mode (1550nm, 40km,
LC)
Optional
02010008 10GBASE-SR XFP Module, Multi-Mode (850nm, 300m, LC) Optional
02010018 10GBASE-LR/LW XFP Module, Single Mode (1310nm, 10km, LC) Optional
02010016 10GBASE-ER/EW XFP Module, Single Mode (1550nm, 40km, LC) Optional
Unified Management Center
Item Remarks
02010001 UMC Management Platform Software Optional
53010113 UMC Unified Threat Management t Manager License Optional
Note:
Required indicates that the item described is provided directly with the ordered host. The user does
not need to purchase it specially.
Optional indicates the item described should be purchased by the user if it is needed.
TBA refer to coming book opened .
Copyright 2008 DPtech Technologies,Co., Ltd. All rights reserved. The information contained herein is subject to change without notice. While every effort is made to
ensure the information given is accurate.
UTM2000/2011/05-1
top related