UTM2000 Data Sheet

Copyright 2008 DPtech Technologies Co., Ltd. All rights reserved. Page 1 of 11

Application as Network

DPtech Unified Threat Management 2000 Series

Unified Threat Management 2000 provides unified threat prevention solutions for 100 Mbps,

Gigabit and 10-Gigabit network environments.

Most of the security problems are impacting users network, such as unauthorized access,

virus, Trojan, spyware, vulnerability attacks, unauthorized web visit, spam, and bandwidth

abuse. These problems often cause service interruption. To address these problems,

DPtech has developed UTM2000 Series UTMs. This series integrates firewall, VPN,

intrusion detection and prevention, anti-virus, content filtering, spam prevention, application

control and behavior auditing on one platform. By upgrading the signature database of

individual module, this series can provide security defense from Layer 2 to Layer 7, so it is

the most feature-rich UTM in the world.

To ensure that the high performance will not be affected with all security features being

enabled, this series adopts high performance multi-core, multi-thread security architecture,

which makes the products cost-effective. This series rigidly conforms to the EU Restriction of

Hazardous Substances Directive (RoHS), therefore, it is the best choice for enterprises that

want to choose green and secure products.

Product Overview

The DPtech UTM2000 series products are new

generation of United Threat Management device

designed for small- and medium-sized enterprises

and branches. It uses the multi-core processor and

multi-thread technology to construct a

high-performance platform. Besides the legacy

firewall and VPN functions, the product provides

more security services such as anti-virus, IPS, URL

filtering, anti-SPAM, P2P/IM application flow control,

and user behavior auditing. The design allows the

product to provide all security features without

affecting the system performance, and thus makes

it a cost-effective product. The UTM2000 not only

protects the network effectively, but also supports

management through SNMP and TR-069. This

greatly reduces the operation cost and complexity.

UTM2000-MS-N

UTM2000-MA-N

UTM2000-ME-N

UTM2000-GS-N

UTM2000 Data Sheet

Copyright 2008 DPtech Technologies Co., Ltd. All rights reserved. Page 2 of 11

The following are the DPtech UTM2000 series products portfolio.

Features and Benefits

Comprehensive support for FW/VPN feature

Enhanced firewall functions: The UTM2000

series products provide such basic functions as

security zone configuration, static/dynamic blacklist,

MAC-IP binding, ACL application, and instruction

prevention. In addition, it offers enhanced functions

like status-based filtering, virtual firewall, and

transportation of 802.1Q-tagged packets. It protects

the network against attacks of ARP spoofing, invalid

TCP flag, large ICMP packets, Challenge Collapse

(CC), SYN flooding, address/port scanning.

Abundant VPN features: The UTM2000 series

products support access through L2TP, GRE, IPSec VPN, and SSL VPN. The integrated

hardware encryption engine implements VPN handling of high performance.

Full support of NAT applications: The UTM2000 series products support NAT applications

including many-to-one, many-to-many, static NAT, dual translation, IP Masquerade and

DNS mapping. It supports NAT traversal with multiple protocols, and delivers NAT ALG

functions such as DNS, FTP, SIP, RTSP, H.323, and NBT.

High available feature: supports the modes of active/active and active/passive,

implementing load balancing and service backup.

Meantime Between Failure (MTBF): Up to 36 years.

Easy-to-use Web-based management system; Management based on SNMP and

TR-069; support Centralized management by UMC (Unified Management Center).

UTM2000-GM-N

UTM2000-GA-N

UTM2000-GE-N

UTM2000-TS-N

UTM2000 Data Sheet

Copyright 2008 DPtech Technologies Co., Ltd. All rights reserved. Page 3 of 11

Advanced Security Service

Powerful intrusion prevention capability: The UTM2000 series products provide more

than 4000 IPS signatures. It can exactly identify and prevent various network attacks and

abuses.

Real-time anti-virus: The UTM2000 series products adopt Kaspersky's anti-virus engine to

detect and remove codes of malicious attacks in time.

Real-time anti-SPAM: The UTM2000 series products filter spam in real time, which purify

your mai system.

URL filtering: The UTM2000 series products implements user-based URL access control to

deny access to unauthorized Websites, such as the phishing websites.

Applications identify and control: The UTM2000 series products identify P2P and IM

applications of BitTorrent, Thunder, MSN, QQ, and so on. It also supports alarms, rate

limiting, and interruption to ensure the operation of core services.

Behavior auditing: The UTM2000 series products audit the applications of P2P, instant

message, web game, mails, and data transmission, and generate logs to implement

behavior auditing in granularity.

UTM2000 Data Sheet

Copyright 2008 DPtech Technologies Co., Ltd. All rights reserved. Page 4 of 11

Product Specifications

Table 1. Lists of features and performance of DPtech UTM2000-MS, MA, ME

and GS models:

UTM2000-MS-N UTM2000-MA-N UTM2000-ME-N UTM2000-GS-N

Interface 1xConsole ,

8xGE Copper ,

2xUSB

1xConsole ,

8xGE Copper ,

2xUSB

1xConsole , 8xGE

Copper , 2xUSB

1xConsole,

2xGE SFP, 6xGE

Copper, 2xUSB

Slot 2 slot 2 slot 2 slot 1 slot

CF card 1GB 1GB 1GB 1GB

DDR SDRAM 2G 2G 2G 2G

Dimensions

(H W D)

44*430*261 mm 44*430*261 mm 44*430*261 mm 44*430*261 mm

Rated voltage Max

Current

100-240VAC;

1.5A

100-240VAC;

1.5A

100-240VAC;

1.5A

100-240VAC;

1.5A

Max Power

Consumption

54 W 54 W 54 W 54 W

MTBF 36 years 36 years 36 years 36 years

Operating Temperature

0C to 45C

(32 to 113F)

0C to 45C

(32 to 113F)

0C to 45C

(32 to 113F)

0C to 45C

(32 to 113F)

Relative Humidity 10% to 95% 10% to 95% 10% to 95% 10% to 95%

Weight 3.1 kg 3.1 kg 3.1 kg 3.1 kg

Firewall

Throughput

300Mbps 600Mbps 1Gbps 2Gbps

VPN Throughput 100Mbps 200Mbps 300Mbps 600Mbps

Anti-Virus

Throughput

50Mbps 100Mbps 200Mbps 300Mbps

IPS Throughput 50Mbps 100Mbps 200Mbps 300Mbps

Concurrent

Connections

300,000 500,000 800,000 1,000,000

New Connections

Persecond

10,000 15,000 20,000 32,000

IPSEC Tunnels 1000 1000 1000 8000

Max Policy 10,000 10,000 10,000 10,000

Security Zones 64 64 128 128

VLAN numbers 4096 4096 4096 4096

Virtual Firewall 64 64 128 128

SSL VPN Users 50 100 200 500

UTM2000 Data Sheet

Copyright 2008 DPtech Technologies Co., Ltd. All rights reserved. Page 5 of 11

Table 2. Lists of features and performance of DPtech UTM2000-GM, GA, GE

and TS models:

Hardware Item UTM2000-GM-N UTM2000-GA-N UTM2000-GE-N UTM2000-TS-N

Interface 1xConsole ;

2xGE SFP,

6xGE Copper,

2xUSB

1xConsole ,

6xGE SFP,

6xGE Copper,

2xUSB

1xConsole, 12xGE SFP, 12xGE Copper, 2x10GE, 2xUSB

1xConsole, 12xGE SFP, 12xGE Copper, 2x10GE, 2xUSB

Slot 1 slot -- -- --

CF card 1GB 2GB 2GB 2GB

DDR SDRAM 2G 2G 2G 2G

Dimensions

(H W D)

44*430*261 mm 44.4*436*470

mm

88*436*470 mm 88*436*470 mm

Rated voltage Max

Current

100-240VAC;

1.5A

100-240VAC;

1.8A

100-240VAC; 4A

100-240VAC; 4A

Max Power

Consumption

54 W 150 W 300w 300w

MTBF 36 years 36 years 36 years 36 years

Operating Temperature

0C to 45C

(32 to 113F)

0C to 45C

(32 to 113F)

0C to 45C

(32 to 113F)

0C to 45C

(32 to 113F)

Relative Humidity 10% to 95% 10% to 95% 10% to 95% 10% to 95%

Weight 3.1 kg 8kg 10kg 10kg

Firewall Throughput 4Gbps 6Gbps 10Gbps 18Gbps

VPN Throughput 1Gbps 2Gbps 4Gbps 6Gbps

Anti-Virus

Throughput

500Mbps 1Gbps 6Gbps 10Gbps

IPS Throughput 500Mbps 1Gbps 6Gbps 10Gbps

Concurrent

Connections

1,500,000 2,000,000 3,000, 000 4,000, 000

New connections

Per second

60,000 100,000 150,000 200,000

IPSEC Tunnels 8,000 20,000 20,000 20,000

Max Policy 10,000 20,000 30,000 50,000

Security Zones 256 256 512 1024

VLAN Numbers 4096 4096 4096 4096

Virtual Firewall 256 256 512 1024

SSL VPN Users 1,000 3,000 5,000 10,000

UTM2000 Data Sheet

Copyright 2008 DPtech Technologies Co., Ltd. All rights reserved. Page 6 of 11

Table 3 lists the features of DPtech UTM2000 series products

Item Description

Operating mode Routing mode

Transparent mode

Hybrid mode

Network Security AAA services RADIUS authentication

PKI/CA (x.509 format) authentication

Domain authentication

CHAP authentication

PAP authentication

Firewall Virtual firewall

Security zone configuration

Defense against attacks of ARP spoofing, invalid TCP flag, large ICMP packets, SYN flooding, address/port scanning.

Interface-based access control

Time range-based access control

Dynamic packet filtering

Static and dynamic blacklists

MAC-IP binding

MAC-based access control

Transportation of 802.1Q-tagged packets

Anti-virus Virus definition-based detection

Library upgrading manually and automatically

Flow handing mode

Supporting protocols of HTTP, FTP, SMTP, and POP3.

Preventing virus types of Backdoor, Email-Worm, IM-Worm, P2P-Worm, Trojan, Ad Ware, Virus

Supporting virus logs and reports

URL filtering Custom-defined URL filtering library

Supporting Java Blocking and ActiveX Blocking

Anti-SPAM Blacklist of IP addresses

Matching keywords of the mail address, attachment name, content, sender, and receiver

Application Identify

Supporting to identify P2P and IM applications like BT

IPS Preventing hiker attacks, worms, and Trojans.

Security logs and statistics

User behavior flow logs

NAT translation logs

Real-time logs of attacks

Blacklist logs

Address binding log

Traffic alarm logs

UTM2000 Data Sheet

Copyright 2008 DPtech Technologies Co., Ltd. All rights reserved. Page 7 of 11

Item Description

Traffic statistics and analysis

Global/security zone-based connection rate monitoring

Global/security zone-based protocol packet rate monitoring

Events statistics

E-mail notification of real-time alarms

Information distribution through E-mail

NAT Many-to-one NAT

Many-to-many NAT

One-to-one NAT

Translation of source address and destination address

Accessing internal network from an external host

IP Masquerade

DNS mapping

NAT aging time

NAT ALG for multiple application protocols, including DNS, FTP, H.323, ILS, MSN, NBT, PPTP, SIP

VPN L2TP VPN Initiating tunneling requests to specific LNS for users with fully qualified name or the domain name

Address allocation of VPN users

LCP re-negotiation and mandatory CHAP authentication

GRE VPN

IPSec/IKE AH/ESP protocols

Manual SA setup or through IKE

ESP supports encryption algorithms of DES, 3DES, AES

Algorithms of MD5 and SHA-1

IKE main mode and aggressive mode

NAT traversal

DPD detection

SSL VPN

Network connectivity

LAN protocols Ethernet_II

Ethernet_SNAP

802.1Q VLAN

Link layer protocol PPPoE

Network protocols IP services IPv4/v6

ARP

Domain name resolution

DHCP relay

DHCP server

DHCP client

IP routing Static routing

RIP v1/2

OSPF

BGP

Policy routing

UTM2000 Data Sheet

Copyright 2008 DPtech Technologies Co., Ltd. All rights reserved. Page 8 of 11

Item Description

High reliability Support Active/Active and Active/Passive modes

Support VRRP

QoS Traffic policing Support LLQ, WRR and CBWFQ

Support WRED and CAR

Configuration management

CLI Local configuration through console port

Local or remote configuration through Telnet or SSH

Authorization of commands by user levels, so that unauthorized users cannot log in to the device

Detailed debugging information for troubleshooting

Login and management through Telnet

FTP Server/Client for downloading and uploading configuration files and application programs

Logging function

Configuration of user interface to configure authentication modes and authorize functions to users

Supporting SNMPv3, and is compatible with SNMPv2c and SNMPv1

Supporting time synchronization through NTP

Supporting Web-based management

Supporting SNMP and TR-069

Supporting management through DPtech UMC(Unified Management Center)

Restriction RoHS Comply

UTM2000 Data Sheet

Copyright 2008 DPtech Technologies Co., Ltd. All rights reserved. Page 9 of 11

Order Information

Hardware and Advanced Service

Part No. Item Remarks

02050051 UTM2000-MS-N Host Required

53010091 UTM2000-MS-N,Application Signature Update Service,1 Year Optional

53010092 UTM2000-MS-N,AV Signature Update Service,1 Year Optional

53010093 UTM2000-MS-N,IPS Signature Update,1 Year Optional

52010094 UTM2000-MS-N,URL-Filter Signature Update Service,1 Year Optional

02050049 UTM2000-MA-N Host Required

53010087 UTM2000-MA-N,Application Signature Update Service,1 Year Optional

53010088 UTM2000-MA-N,AV Signature Update Service,1 Year Optional

53010089 UTM2000-MA-N,IPS Signature Update,1 Year Optional

53010090 UTM2000-MA-N,URL-Filter Signature Update Service,1 Year Optional

02050052 UTM2000-ME-N Host Required

53010083 UTM2000-ME-N,Application Signature Update Service,1 Year Optional

53010084 UTM2000-ME-N,AV Signature Update Service,1 Year Optional

53010085 UTM2000-ME-N,IPS Signature Update,1 Year Optional

53010086 UTM2000-ME-N,URL-Filter Signature Update Service,1 Year Optional

02050050 UTM2000-GS-N Host Required

53010079 UTM2000-GS-N,Application Signature Update Service,1 Year Optional

53010080 UTM2000-GS-N,AV Signature Update Service,1 Year Optional

53010081 UTM2000-GS-N,IPS Signature Update,1 Year Optional

53010082 UTM2000-GS-N,URL-Filter Signature Update Service,1 Year Optional

02050053 UTM2000-GM-N Host Required

53010075 UTM2000-GM-N,Application Signature Update Service,1 Year Optional

53010076 UTM2000-GM-N,AV Signature Update Service,1 Year Optional

53010077 UTM2000-GM-N,IPS Signature Update,1 Year Optional

53010078 UTM2000-GM-N,URL-Filter Signature Update Service,1 Year Optional

02050054 UTM2000-GA-N Host Required

53010071 UTM2000-GA-N,Application Signature Update Service,1 Year Optional

53010072 UTM2000-GA-N,AV Signature Update Service,1 Year Optional

53010073 UTM2000-GA-N,IPS Signature Update,1 Year Optional

53010074 UTM2000-GA-N,URL-Filter Signature Update Service,1 Year Optional

UTM2000 Data Sheet

Copyright 2008 DPtech Technologies Co., Ltd. All rights reserved. Page 10 of 11

Part No. Item Remarks

TBA UTM2000-GE-N Host Required

TBA UTM2000-GE-N,Application Signature Update Service,1 Year Optional

TBA UTM2000-GE-N,AV Signature Update Service,1 Year Optional

TBA UTM2000-GE-N,IPS Signature Update,1 Year Optional

TBA UTM2000-GE-N,URL-Filter Signature Update Service,1 Year Optional

TBA UTM2000-TS-N Host Required

TBA UTM2000-TS-N,Application Signature Update Service,1 Year Optional

TBA UTM2000-TS-N,AV Signature Update Service,1 Year Optional

TBA UTM2000-TS-N,IPS Signature Update,1 Year Optional

TBA UTM2000-TS-N,URL-Filter Signature Update Service,1 Year Optional

SSL VPN License

53010137 SSL VPN 10 User License Optional

53010138 SSL VPN 50 User License Optional

53010139 SSL VPN 100 User License Optional

53010140 SSL VPN 250 User License Optional

53010141 SSL VPN 500 User License Optional

53010142 SSL VPN 1000 User License Optional

53010143 SSL VPN 2500 User License Optional

53030145 SSL VPN 5000 User License Optional

Interface Module

Interface module Remarks

02010023 4-Port 1000M Ethernet Electrical Interface Module Optional

02010036 4-Port 1000M Ethernet Optical Interface Module Optional

02010005 1000BASE-SX SFP Transceiver, Multi-Mode (850nm, 550m, LC) Optional

02010004 1000BASE-LX SFP Transceiver, Single Mode (1310nm, 10km, LC) Optional

02000013 1000BASE-LH40 SFP Transceiver, Single Mode (1310nm, 40km,

LC)

Optional

UTM2000 Data Sheet

Copyright 2008 DPtech Technologies Co., Ltd. All rights reserved. Page 11 of 11

02010014 1000BASE-LH40 SFP Transceiver, Single Mode (1550nm, 40km,

LC)

Optional

02010008 10GBASE-SR XFP Module, Multi-Mode (850nm, 300m, LC) Optional

02010018 10GBASE-LR/LW XFP Module, Single Mode (1310nm, 10km, LC) Optional

02010016 10GBASE-ER/EW XFP Module, Single Mode (1550nm, 40km, LC) Optional

Unified Management Center

Item Remarks

02010001 UMC Management Platform Software Optional

53010113 UMC Unified Threat Management t Manager License Optional

Note:

Required indicates that the item described is provided directly with the ordered host. The user does

not need to purchase it specially.

Optional indicates the item described should be purchased by the user if it is needed.

TBA refer to coming book opened .

Copyright 2008 DPtech Technologies,Co., Ltd. All rights reserved. The information contained herein is subject to change without notice. While every effort is made to

ensure the information given is accurate.

UTM2000/2011/05-1