GateProtect WMZ 2500 Leaflet

xUTM appliances by gateProtect combine state-of-the-art security and network features such as 
firewalls, bridging, VLAN, single sign-on, traffic shaping, QoS, IPSec/SSL (X.509), IDS/IPS, web 
filtering, virus filtering, real-time spam detection, HTTPs proxy, and VPN Crypto acceleration in a 
single unified system. 

With its unique, patented eGUI

®

 technology (ergonomic Graphic User Interface) gateProtect‘s xUTM 

appliances increase the effective IT security in your business, set new standards in improving main-
tenance efficiency, and lower the resulting operating costs. 

Highly flexible, gateProtect xUTM appliances are perfectly suited to business networks of any size.

Clarity · Perfection · Security

-  Stateful inspection

-  Connection-tracking TCP/UDP/ICMP

-  SPI and proxy combinable

-  Time controlled firewall rules, 

  content filter and internet connection

-  IP-ranges, IP-groups

-  Layer7-filter

-  Port-ranges

-  Self- and predefined ports

-  Supported protocols:  

  TCP, UDP, ICMP, GRE, ESP, AH

Management
-  eGUI technology

    -  ISO 9241 certified

    -  visual feedback immediately supplied  

      for each setting

    -  self-explanatory functions

    -  overview of all active services

    -  overview of the whole network

    -  Layer and zoom function
-  Languages: English, German, French, Italian

-  Role-based firewall administration 

-  Role-based statistic-client

-  SSH-CLI

-  Desktop configuration saved / restored  

  separately from backup

-  CLI on serial line

-  Object oriented firewall configuration

-  Ethernet 10/100/1000/10 000 Mbit/s

-  Twisted-Pair / Fibre-Optics

-  MTU changeable (Ethernet/DSL)

-  PPPoE, PPTPoE

-  ISDN

-  PPP-PAP, PPP-CHAP authentication

-  Inactivity timeout

-  Forced disconnect time

-  Cablemodem, xDSL

-  Concurrent connections

-  Backup-connections

-  Connection availability check

-  Loadbalancing

-  Time controlled internet connections

-  Manual and automatic DNS assignment

-  Multiple dyn-DNS support

-  Supports 8 different dyn-DNS-services

-  Source based routing 

-  Routing protocols RIP, OSPF

-  Active Directory supported

-  Active Directory groups integration

-  OpenLDAP supported 

-  Local userdatabase

-  Web-interface authentication  

  (port changeable)

-  Windows-client authentication

-  Authentication on domain login

-  Single sign on with Kerberos

-  Single- and multi login

-  Login and logoff auditing

-  User- and group statistics

-

DHCP-relay

-  DHCP-client

-  DHCP-server (dynamic and fixed IP)

-  Port forwarding

-  PAT

-  Dedicated DMZ-links

-  DMZ-wizard

-  Proxy supported (SMTP) 

-  Max. 4094 VLAN per interface possible

-  802.1q ethernet header tagging

-  Combinable with bridging 

-  OSI-layer 2 firewall-function

-  Spanning tree (bride-ID, port-cost)

-  Unlimited bridges

-  Unlimited interfaces per bridge 

-  Combinable with VPN-SSL

-  Up- and  download shapeable

-  Multiple internet connection separately  

  shapeable

-  All services separately shapeable

-  Maximum and guaranteed bandwidth  

  adjustable

-  QoS with TOS-flags supported

-  QoS inside VPN connection supported

-  HTTP (transparent or intransparent)

-  Support for Radius-server, AD-server, 

  local user-database

-  HTTPS, FTP,POP3,SMTP,SIP

-  Integrated URL-/ content-filter

-  Integrated antivirus-filter

-  Integrated spam-filter

-  Time-controlled

-  HTTP, HTTPS, FTP, POP3, SMTP

-  Scans compressed data and archives

-  Scans ISO 9660-files

-  Exceptions definable

-  Manual and automatic updates

-  URL-filter

-  Content-filter

-  Block rules up to user-level

-  Black-/ white-lists

-  Im- / export of URL-lists

-  File-extension blocking

-  Category-based website-blocking 

-  Self definable categories

-  Scan-technology with online-database

-  Transparent HTTP-proxy support

-  Intransparent HTTP-proxy support

-  Online-scanner

-  Scan-level adjustable

-  Real-time-detection-center

-  Black- / white-email-sender-lists 

-  Mail-filter 

    -  Black- / white-email-recipients-lists

    -  Automatically reject emails

    -  Automatically delete emails 

    -  AD-email-addresses import 

-  Active-passive HA

-  Synchronisation on single / multiple  

  dedicated links  

-  Manually switch roles

-  Snort scan-engine

-  5000+ IDS-pattern

-  Security-level adjustable

-  Rule groups selectable

-  Exceptions definable

-  Email on IDS events

-  DoS, DDoS, portscan protection

-  Invalid network packet protection

-  Remote backup creation

-  Small backup files (kb) 

-  Remote backup restore

-  Restore backup on installation

-  Automatic and time based creation 

  of backups

-  Automatic upload of backups on FTP-  

  or SCP-Server

-  Auto-install-USB-stick with backup  

  integrated

-  System-Info

-  CPU- / memory usage 

-  Long-term-statistic

-  HDD-status (partitions, usage, RAID)

-  Network status (interfaces, routing, traffic, 

errors)

-  Process-monitoring

-  VPN-monitoring

-  User-authentication-monitoring

-  Email notification

-  Logging to multiple syslog-servers

-  Categorized messages 

-  Report in admin-client (with filter)

-  Export report to CSV-files

-  SNMPv2c

-  SNMP-traps

-  Auditing of:
    -  CPU / Memory

    -  HDD / RAID

    -  Ethernet-interfaces

    -  Internet-connections

    -  VPN-tunnel

    -  Users

    -  Statistics, updates

    -  DHCP

    -  HA

-  IP and IP-group statistic

-  Separate services 

-  Single user / groups

-  TOP-lists (surfcontrol)

-  IDS-statistics

-  Traffic-statistics

-  Antivirus- / antispam-statistics

-  Defence statistics

-  Export statistic to CSV-files

-  VPN-wizard

-  Certificate-wizard

IPSec

-  Site-to-site 

-  Client-to-Site (Road warrior)

-  Tunnel-Mode

-  IKEv1, IKEv2

-  PSK

-  X.509-certificates

-  3DES, AES (128, 192, 256)

  Blowfish (128, 192, 256)

-  DPD (Dead Peer Detection)

-  NAT-T

-  Compression

-  PFS (Perfect Forward Secrecy)

-  MD5, SHA1, SHA2 (256, 384, 512)

-  Diffi Hellman group 

  (1, 2, 5, 14, 15, 16,17,18)

-  export to One-Click-Connection

-  XAUTH, L2TP

SSL

-  Site-to-site

-  Client-to-Site (Road warrior)

-  Routing-Mode-VPN

-  Bridge-Mode-VPN

-  X.509-certificates

-  TCP/UDP port changeable

-  Compression

-  specify WINS- and DNS-servers

-  3DES, AES (128, 192, 256)

  CAST5, Blowfish

-  Export to One-Click-Connection

PPTP

-  Windows-PPTP compatible

-  Specify WINS- and DNS-servers

-  MSCHAPv2

X.509 certificates

-  CRL

-  OCSP

-  Templates

-  Multi CA support

-  Multi host-cert. support

-  IPSec-client

-  SSL-client (OpenVPN)

-  NAT-T

-  AES (128, 192, 256), 3DES

  CAST,  Blowfish

-  X.509 certificates

-  PSK

-  One-Click-Connection

-  Log-export

-  eGUI technology, ISO 9241 certified

-  Monitor 500+ firewalls

-  Active configuration of 500+ firewalls

-  VPN connections centrally creatable

-  Single- and group-backup

-  Plan automatic backup in groups

-  Single- and group update & licensing

-  Create and apply templates on multiple  

  firewalls

-  Certificate based 4096 bit encrypted  

  connections to the firewalls

-  Display settings of all firewalls

-  Role based command center user  

  management

-  VPN-monitoring

March 2010