GateProtect GPA 300 GPA-300-UN Leaflet
Product codes
GPA-300-UN
The Next Generation UTM Appliances from gateprotect are characterized by optimal scalability, security and performance.
Thanks to a unique and patented eGUI
Thanks to a unique and patented eGUI
®
Technology, gateprotect sets standards when it comes to the confi guration of modern security systems.
gateprotect’s eGUI
®
Technology raises operating security and effi ciency to a previously unattained level. Furthermore, gateprotect is the only
manufacturer worldwide to implement the ISO NORM 9241 standard. gateprotect was recently honored with the Frost & Sullivan Best Practices Award 2011.
“gateprotect provides UTM products that stand-out from the competition due to their ease-of-use and
security effectiveness. The gateprotect ergonomic graphical user interface (eGUI) provides the most
intuitive and effective visual UTM management interface available in the marketplace.”
security effectiveness. The gateprotect ergonomic graphical user interface (eGUI) provides the most
intuitive and effective visual UTM management interface available in the marketplace.”
Frost & Sullivan, August 2011
Feature Specifi cations
2011
GLOBAL UNIFIED THREAT MANAGEMENT
PRODUCT DIFFERENTIATION EXCELLENCE AWARD
MANAGEMENT
- Role based Firewall Administration
- SSH-CLI
- Desktop confi guration saved / restored
- SSH-CLI
- Desktop confi guration saved / restored
separately from backup
- Object oriented fi rewall confi guration
- Direct Client Update function
- Direct Client Update function
Ergonomic Graphic User Interface
- ISO 9241 compliant
- Immediate visual feedback for each setting
- Self-explanatory functions
- Overview of all active services
- Overview of the whole network
- Layer and zoom function
- ISO 9241 compliant
- Immediate visual feedback for each setting
- Self-explanatory functions
- Overview of all active services
- Overview of the whole network
- Layer and zoom function
LAN / WAN-SUPPORT
- Ethernet 10/100 MBits/s
- Gigabit Ethernet
- MTU changeable (Ethernet/DSL)
- PPP-PAP, PPP-CHAP authentication
- Inactivity timeout / Forced disconnect time
- xDSL
- Multi WAN support
- WAN failover
- Loadbalancing
- Time controlled internet connections
- Manual and automatic DNS assignment
- Multiple dynDNS support
- Source based routing
- Routing protocols RIP, OSPF
- DHCP
- DMZ
- Gigabit Ethernet
- MTU changeable (Ethernet/DSL)
- PPP-PAP, PPP-CHAP authentication
- Inactivity timeout / Forced disconnect time
- xDSL
- Multi WAN support
- WAN failover
- Loadbalancing
- Time controlled internet connections
- Manual and automatic DNS assignment
- Multiple dynDNS support
- Source based routing
- Routing protocols RIP, OSPF
- DHCP
- DMZ
VLAN
- 4094 VLAN per interface
- 802.1q ethernet header tagging
- Combinable with bridging
- 4094 VLAN per interface
- 802.1q ethernet header tagging
- Combinable with bridging
Bridge-mode
- OSI-Layer 2 fi rewall function
- Spanning tree (bride-ID, port-cost)
- Unlimited interfaces per bridge
- Combinable with VPN-SSL
- OSI-Layer 2 fi rewall function
- Spanning tree (bride-ID, port-cost)
- Unlimited interfaces per bridge
- Combinable with VPN-SSL
MONITORING
- System Info (CPU, HDD, RAM)
- Network (interfaces, routing, traffi c, errors)
- Processes
- VPN
- User Authentication
- Network (interfaces, routing, traffi c, errors)
- Processes
- VPN
- User Authentication
SNMP
- SNMPv2c
- SNMP-traps
- HA*
- SNMPv2c
- SNMP-traps
- HA*
UNIFIED THREAT MANAGEMENT
Web-fi lter
- URL-Filter with safe search enforcement
- Content Filter
- Block rules up to user-level
- Black-/ White lists
- Import / Export of URL lists
- File Extension blocking
- Category based website-blocking
- Self defi nable categories
- Scan technology with online-database
- Intransparent HTTP-proxy support
- URL-Filter with safe search enforcement
- Content Filter
- Block rules up to user-level
- Black-/ White lists
- Import / Export of URL lists
- File Extension blocking
- Category based website-blocking
- Self defi nable categories
- Scan technology with online-database
- Intransparent HTTP-proxy support
Application Control
- Layer 7 Packet fi lter (DPI)
- Filter Applications instead of ports
- Detection & Control of Skype, Bittorrent
and others as well as Web 2.0 Applications
like Facebook
- Layer 7 Packet fi lter (DPI)
- Filter Applications instead of ports
- Detection & Control of Skype, Bittorrent
and others as well as Web 2.0 Applications
like Facebook
Antivirus
- Kaspersky Anti-Virus Engine
- Complete Protection from all malware
- HTTP, HTTPS
- FTP, POP3, SMTP
- Exceptions defi nable
- Manual and automatic updates
- Kaspersky Anti-Virus Engine
- Complete Protection from all malware
- HTTP, HTTPS
- FTP, POP3, SMTP
- Exceptions defi nable
- Manual and automatic updates
Antispam
- Scan-level adjustable
- Real-time Spam Detection
- GlobalView Cloud using Recurrent
- Scan-level adjustable
- Real-time Spam Detection
- GlobalView Cloud using Recurrent
Pattern Detection (RPD)
- Mail Filter
- Black- / White lists
- Automatically reject/delete emails
- AD Email address import
- Black- / White lists
- Automatically reject/delete emails
- AD Email address import
Intrusion Prevention
- Individual custom rules
- Security-level adjustable
- Rule groups selectable
- Exceptions defi nable
- Scanning of all interfaces
- DoS, portscan protection
- Malicious network packet protection
- Individual custom rules
- Security-level adjustable
- Rule groups selectable
- Exceptions defi nable
- Scanning of all interfaces
- DoS, portscan protection
- Malicious network packet protection
Proxies
- HTTP (transparent or intransparent)
- HTTPS
- Support for Radius server, AD server,
local user database
- FTP, POP3, SMTP, SIP
- Time-controlled
- HTTP (transparent or intransparent)
- HTTPS
- Support for Radius server, AD server,
local user database
- FTP, POP3, SMTP, SIP
- Time-controlled
HIGH AVAILABILITY
- Active-passive HA
- State synchronization
- Single and Multiple dedicated links support
- Stateful Failover
- State synchronization
- Single and Multiple dedicated links support
- Stateful Failover
VPN
- VPN wizard
- Certifi cate wizard
- Site-to-Site
- Client-to-Site (Road Warrior)
- PPTP
- Export to One-Click-Connection
- Certifi cate wizard
- Site-to-Site
- Client-to-Site (Road Warrior)
- PPTP
- Export to One-Click-Connection
X.509 certifi cates
- CRL
- OCSP
- Multi CA support
- Multi Host-cert support
- CRL
- OCSP
- Multi CA support
- Multi Host-cert support
IPSec
- Tunnel mode
- IKEv1, IKEv2
- PSK / Certifi cates
- DPD (Dead Peer Detection)
- NAT-T
- XAUTH, L2TP
- Tunnel mode
- IKEv1, IKEv2
- PSK / Certifi cates
- DPD (Dead Peer Detection)
- NAT-T
- XAUTH, L2TP
SSL
- Routing mode VPN
- Bridge mode VPN
- TCP/UDP
- Specify WINS- and DNS-Servers
- Routing mode VPN
- Bridge mode VPN
- TCP/UDP
- Specify WINS- and DNS-Servers
USER AUTHENTICATION
- Active Directory / OpenLDAP support
- Local User database
- Web-interface authentication
- Windows-client authentication
- Single sign on with Kerberos
- Single- and Multi login
- Web Landing page
- Local User database
- Web-interface authentication
- Windows-client authentication
- Single sign on with Kerberos
- Single- and Multi login
- Web Landing page
TRAFFIC SHAPING / QOS
- Multiple Internet connections separately
shapeable
- All services separately shapeable
- Maximum and guaranteed bandwidth
adjustable
- QoS with TOS-fl ags support
- QoS inside VPN connection support
shapeable
- All services separately shapeable
- Maximum and guaranteed bandwidth
adjustable
- QoS with TOS-fl ags support
- QoS inside VPN connection support
BACKUP & RECOVERY
- Small backup fi les
- Remote backup & restore
- Restore backup on installation
- Automatic and time based backups
- Automatic upload of backups on FTP-
or SCP-Server
- USB Drive recovery option
- Remote backup & restore
- Restore backup on installation
- Automatic and time based backups
- Automatic upload of backups on FTP-
or SCP-Server
- USB Drive recovery option
LOGS, REPORTS, STATISTICS
- Email Reporting
- Logging to multiple syslog-servers
- Logs in admin-client (with fi lter)
- Export to CSV-fi les
- IP and IP-group statistics
- Separate services
- Single user / groups
- TOP-lists (Surfcontrol)
- IDS- / Traffi c-statistics
- Application Control traffi c statistics
- Antivirus- / Antispam-statistics
- Defence statistics
- Logging to multiple syslog-servers
- Logs in admin-client (with fi lter)
- Export to CSV-fi les
- IP and IP-group statistics
- Separate services
- Single user / groups
- TOP-lists (Surfcontrol)
- IDS- / Traffi c-statistics
- Application Control traffi c statistics
- Antivirus- / Antispam-statistics
- Defence statistics
COMMAND CENTER
- Monitor & Active Confi guration of
500+ fi rewalls
- Central Confi guration and Monitoring
of VPN Connections
- Single and group backup
- Plan automatic backup in groups
- Single and group update & licensing
- Create confi guration templates and
apply on multiple fi rewalls
- Certifi cate Authority
- Certifi cate based 4096 bit encrypted
connections to the fi rewalls
- Display settings of all fi rewalls
- Role based User Management
500+ fi rewalls
- Central Confi guration and Monitoring
of VPN Connections
- Single and group backup
- Plan automatic backup in groups
- Single and group update & licensing
- Create confi guration templates and
apply on multiple fi rewalls
- Certifi cate Authority
- Certifi cate based 4096 bit encrypted
connections to the fi rewalls
- Display settings of all fi rewalls
- Role based User Management
FEATURE OVERVIEW
Next Generation UTM Appliances