GateProtect WMX 800 Leaflet
xUTM appliances by gateProtect combine state-of-the-art security and network features such as
firewalls, bridging, VLAN, single sign-on, traffic shaping, QoS, IPSec/SSL (X.509), IDS/IPS, web
filtering, virus filtering, real-time spam detection, HTTPs proxy, and VPN Crypto acceleration in a
single unified system.
firewalls, bridging, VLAN, single sign-on, traffic shaping, QoS, IPSec/SSL (X.509), IDS/IPS, web
filtering, virus filtering, real-time spam detection, HTTPs proxy, and VPN Crypto acceleration in a
single unified system.
With its unique, patented eGUI
®
technology (ergonomic Graphic User Interface) gateProtect‘s xUTM
appliances increase the effective IT security in your business, set new standards in improving main-
tenance efficiency, and lower the resulting operating costs.
tenance efficiency, and lower the resulting operating costs.
Highly flexible, gateProtect xUTM appliances are perfectly suited to business networks of any size.
Feature Specifications
Clarity · Perfection · Security
Firewall
- Stateful inspection
- Connection-tracking TCP/UDP/ICMP
- SPI and proxy combinable
- Time controlled firewall rules,
content filter and internet connection
- IP-ranges, IP-groups
- Layer7-filter
- Port-ranges
- Self- and predefined ports
- Supported protocols:
TCP, UDP, ICMP, GRE, ESP, AH
Management
- eGUI technology
- eGUI technology
- ISO 9241 certified
- visual feedback immediately supplied
for each setting
- self-explanatory functions
- overview of all active services
- overview of the whole network
- Layer and zoom function
- Languages: English, German, French, Italian
- Languages: English, German, French, Italian
- Role-based firewall administration
- Role-based statistic-client
- SSH-CLI
- Desktop configuration saved / restored
separately from backup
- CLI on serial line
- Object oriented firewall configuration
LAN / WAN-support
- Ethernet 10/100/1000/10 000 Mbit/s
- Twisted-Pair / Fibre-Optics
- MTU changeable (Ethernet/DSL)
- PPPoE, PPTPoE
- ISDN
- PPP-PAP, PPP-CHAP authentication
- Inactivity timeout
- Forced disconnect time
- Cablemodem, xDSL
- Concurrent connections
- Backup-connections
- Connection availability check
- Loadbalancing
- Time controlled internet connections
- Manual and automatic DNS assignment
- Multiple dyn-DNS support
- Supports 8 different dyn-DNS-services
- Source based routing
- Routing protocols RIP, OSPF
User authentication
- Active Directory supported
- Active Directory groups integration
- OpenLDAP supported
- Local userdatabase
- Web-interface authentication
(port changeable)
- Windows-client authentication
- Authentication on domain login
- Single sign on with Kerberos
- Single- and multi login
- Login and logoff auditing
- User- and group statistics
DHCP
-
DHCP-relay
- DHCP-client
- DHCP-server (dynamic and fixed IP)
DMZ
- Port forwarding
- PAT
- Dedicated DMZ-links
- DMZ-wizard
- Proxy supported (SMTP)
VLAN
- Max. 4094 VLAN per interface possible
- 802.1q ethernet header tagging
- Combinable with bridging
Bridge-mode
- OSI-layer 2 firewall-function
- Spanning tree (bride-ID, port-cost)
- Unlimited bridges
- Unlimited interfaces per bridge
- Combinable with VPN-SSL
Traffic shaping
- Up- and download shapeable
- Multiple internet connection separately
shapeable
- All services separately shapeable
- Maximum and guaranteed bandwidth
adjustable
- QoS with TOS-flags supported
- QoS inside VPN connection supported
Proxies
- HTTP (transparent or intransparent)
- Support for Radius-server, AD-server,
local user-database
- HTTPS, FTP,POP3,SMTP,SIP
- Integrated URL-/ content-filter
- Integrated antivirus-filter
- Integrated spam-filter
- Time-controlled
Antivirus
- HTTP, HTTPS, FTP, POP3, SMTP
- Scans compressed data and archives
- Scans ISO 9660-files
- Exceptions definable
- Manual and automatic updates
Web-filter
- URL-filter
- Content-filter
- Block rules up to user-level
- Black-/ white-lists
- Im- / export of URL-lists
- File-extension blocking
- Category-based website-blocking
- Self definable categories
- Scan-technology with online-database
- Transparent HTTP-proxy support
- Intransparent HTTP-proxy support
Antispam
- Online-scanner
- Scan-level adjustable
- Real-time-detection-center
- Black- / white-email-sender-lists
- Mail-filter
- Black- / white-email-recipients-lists
- Automatically reject emails
- Automatically delete emails
- AD-email-addresses import
High availability
- Active-passive HA
- Synchronisation on single / multiple
dedicated links
- Manually switch roles
IDS/IPS
- Snort scan-engine
- 5000+ IDS-pattern
- Security-level adjustable
- Rule groups selectable
- Exceptions definable
- Email on IDS events
- DoS, DDoS, portscan protection
- Invalid network packet protection
Backup
- Remote backup creation
- Small backup files (kb)
- Remote backup restore
- Restore backup on installation
- Automatic and time based creation
of backups
- Automatic upload of backups on FTP-
or SCP-Server
- Auto-install-USB-stick with backup
integrated
Monitoring
- System-Info
- CPU- / memory usage
- Long-term-statistic
- HDD-status (partitions, usage, RAID)
- Network status (interfaces, routing, traffic,
errors)
- Process-monitoring
- VPN-monitoring
- User-authentication-monitoring
Logging, reporting
- Email notification
- Logging to multiple syslog-servers
- Categorized messages
- Report in admin-client (with filter)
- Export report to CSV-files
SNMP
- SNMPv2c
- SNMP-traps
- Auditing of:
- CPU / Memory
- CPU / Memory
- HDD / RAID
- Ethernet-interfaces
- Internet-connections
- VPN-tunnel
- Users
- Statistics, updates
- DHCP
- HA
Statistics
- IP and IP-group statistic
- Separate services
- Single user / groups
- TOP-lists (surfcontrol)
- IDS-statistics
- Traffic-statistics
- Antivirus- / antispam-statistics
- Defence statistics
- Export statistic to CSV-files
VPN
- VPN-wizard
- Certificate-wizard
IPSec
- Site-to-site
- Client-to-Site (Road warrior)
- Tunnel-Mode
- IKEv1, IKEv2
- PSK
- X.509-certificates
- 3DES, AES (128, 192, 256)
Blowfish (128, 192, 256)
- DPD (Dead Peer Detection)
- NAT-T
- Compression
- PFS (Perfect Forward Secrecy)
- MD5, SHA1, SHA2 (256, 384, 512)
- Diffi Hellman group
(1, 2, 5, 14, 15, 16,17,18)
- export to One-Click-Connection
- XAUTH, L2TP
SSL
- Site-to-site
- Client-to-Site (Road warrior)
- Routing-Mode-VPN
- Bridge-Mode-VPN
- X.509-certificates
- TCP/UDP port changeable
- Compression
- specify WINS- and DNS-servers
- 3DES, AES (128, 192, 256)
CAST5, Blowfish
- Export to One-Click-Connection
PPTP
- Windows-PPTP compatible
- Specify WINS- and DNS-servers
- MSCHAPv2
X.509 certificates
- CRL
- OCSP
- Templates
- Multi CA support
- Multi host-cert. support
VPN-client
- IPSec-client
- SSL-client (OpenVPN)
- NAT-T
- AES (128, 192, 256), 3DES
CAST, Blowfish
- X.509 certificates
- PSK
- One-Click-Connection
- Log-export
Command center
- eGUI technology, ISO 9241 certified
- Monitor 500+ firewalls
- Active configuration of 500+ firewalls
- VPN connections centrally creatable
- Single- and group-backup
- Plan automatic backup in groups
- Single- and group update & licensing
- Create and apply templates on multiple
firewalls
- Certificate based 4096 bit encrypted
connections to the firewalls
- Display settings of all firewalls
- Role based command center user
management
- VPN-monitoring
Feature overview V8.6
- xUTM Appliances
March 2010