GPO 125 Network Security/Firewall Appliance
„Next Generation UTM Appliances“
The “Next Generation UTM Appliances” from gateProtect are characterized by optimal scalability, security and performance. Thanks to a unique and patented eGUI technology, gateProtect sets standards when it comes to the configuration of modern security systems.
gateProtect’s eGUI technology raises operating security and efficiency to a previously unattained level. Furthermore, gateProtect is the only manufacturer worldwide to implement the ISO NORM 9241 standard.
Like all large gateProtect solutions, GPO 125 Next Generation UTM Appliances have extensive features including VLAN, Layer-8 technology, single sign-on, bridging, VPN SSL via x.509 certificates & VPN IPSec, IDS/ IPS, traffic shaping, antivirus, zero hour mail protection, web filtering and the very latest procedure oriented eGUI technology.
Manufacturer Part Number
GPO-125-UTM-12
Full Product Specifications
Note:
- The full product specifications below are from the manufacturer and may contain information related to other package quantities that will not apply to the product that you are reviewing. Please confirm the actual content and/or package quantity from the main product specifications page.
- These specifications may represent the entire product series/model/line to which this product belongs with specific configuration differences between the individual products stated.
- These specifications may have been copied from the same product in other region/country in which case there might be minor differences in region-specific data such as Input Voltage, Terms of Warranty etc.
Hardware Specifications
Dimensions DxWxH (mm): 154 x 252 x 44
Weight: 2,9 kg
Input Voltage: AC 100-240
Consumption (Full load): 30 W
Operating Temperature: C° 0~40
Firewall throughput: 200 Mbps
UTM throughput: 35 Mbps
VPN IPSec throughput: 70 Mbps
IDS / IPS throughput: 90 Mbps
Network interfaces: 4 Ports (3 Ports) 100 MBit: 4 (3)
Concurrent sessions: 150 000
New sessions per second: 2 500
Feature Specifications
Firewall
- Stateful inspection
- Connection-tracking TCP/UDP/ICMP
- SPI and proxy combinable
- Time controlled firewall rules, content filter and internet connection
- IP-ranges, IP-groups
- Layer7-filter
- Port-ranges
- Selfand predefined ports
- Supported protocols:
- TCP, UDP, ICMP, GRE, ESP, AH
- eGUI technology
- ISO 9241 certified
- visual feedback immediately supplied for each setting
- self-explanatory functions
- overview of all active services
- overview of the whole network
- Layer and zoom function
- Languages: English, German, French, Italian
- Role-based firewall administration
- Role-based statistic-client
- SSH-CLI
- Desktop configuration saved / restored separately from backup
- CLI on serial line
- Object oriented firewall configuration
- Ethernet 10/100/1000/10 000 Mbit/s
- Twisted-Pair / Fibre-Optics
- MTU changeable (Ethernet/DSL)
- PPPoE, PPTPoE
- ISDN
- PPP-PAP, PPP-CHAP authentication
- Inactivity timeout
- Forced disconnect time
- Cablemodem, xDSL
- Concurrent connections
- Backup-connections
- Connection availability check
- Loadbalancing
- Time controlled internet connections
- Manual and automatic DNS assignment
- Multiple dyn-DNS support
- Supports 8 different dyn-DNS-services
- Source based routing
- Routing protocols RIP, OSPF
- Active Directory supported
- Active Directory groups integration
- OpenLDAP supported
- Local userdatabase
- Web-interface authentication (port changeable)
- Windows-client authentication
- Authentication on domain login
- Single sign on with Kerberos
- Singleand multi login
- Login and logoff auditing
- Userand group statistics
- DHCP-relay
- DHCP-client
- DHCP-server (dynamic and fixed IP)
- Port forwarding
- PAT
- Dedicated DMZ-links
- DMZ-wizard
- Proxy supported (SMTP)
- Max. 4094 VLAN per interface possible
- 802.1q ethernet header tagging
- Combinable with bridging
- OSI-layer 2 firewall-function
- Spanning tree (bride-ID, port-cost)
- Unlimited bridges
- Unlimited interfaces per bridge
- Combinable with VPN-SSL
- Upand download shapeable
- Multiple internet connection separately shapeable
- All services separately shapeable
- Maximum and guaranteed bandwidth adjustable
- QoS with TOS-flags supported
- QoS inside VPN connection supported
- HTTP (transparent or intransparent)
- Support for Radius-server, AD-server, local user-database
- FTP,POP3,SMTP,SIP
- Integrated URL-/ content-filter
- Integrated antivirus-filter
- Integrated spam-filter
- Time-controlled
- HTTP, FTP, POP3, SMTP
- Scans compressed data and archives
- Scans ISO 9660-files
- Exceptions definable
- Manual and automatic updates
- URL-filter
- Content-filter
- Block rules up to user-level
- Black-/ white-lists
- Im/ export of URL-lists
- File-extension blocking
- Category-based website-blocking
- Self definable categories
- Scan-technology with online-database
- Transparent HTTP-proxy support
- Intransparent HTTP-proxy support
- Online-scanner
- Scan-level adjustable
- Real-time-detection-center
- Black/ white-email-sender-lists
- Mail-filter
- Black/ white-email-recipients-lists
- Automatically reject emails
- Automatically delete emails
- AD-email-addresses import
- Active-passive HA
- Synchronisation on single / multiple dedicated links
- Manually switch roles
- Snort scan-engine
- 5000+ IDS-pattern
- Individual custom rules
- Security-level adjustable
- Rule groups selectable
- Exceptions definable
- Scanning of all interfacesEmail on IDS events
- DoS, DDoS, portscan protection
- Invalid network packet protection Backup
- Remote backup creation
- Small backup files (kb)
- Remote backup restore
- Restore backup on installation
- Automatic and time based creation of backups
- Automatic upload of backups on FTPor SCP-Server
- Auto-install-USB-stick with backup integrated
- System-Info
- CPU/ memory usage
- Long-term-statistic
- HDD-status (partitions, usage, RAID)
- Network status (interfaces, routing, traffic, errors)
- Process-monitoring
- VPN-monitoring
- User-authentication-monitoring
- Email notification
- Logging to multiple syslog-servers
- Categorized messages
- Report in admin-client (with filter)
- Export report to CSV-files
- SNMPv2c
- SNMP-traps
- Auditing of:
- CPU / Memory
- HDD / RAID
- Ethernet-interfaces
- Internet-connections
- VPN-tunnel
- Users
- Statistics, Updates
- DHCP
- HA
- IP and IP-group statistic
- Separate services
- Single user / groups
- TOP-lists (surfcontrol)
- IDS-statistics
- Traffic-statistics
- Antivirus/ antispam-statistics
- Defence statistics
- Export statistic to CSV-files
- VPN-wizard
- Certificate-wizard
- IPSec
- Site-to-site
- Client-to-Site (Road warrior)
- Tunnel-Mode
- IKEv1, IKEv2
- PSK
- X.509-certificates
- 3DES, AES (128, 192, 256) Blowfish (128, 192, 256)
- DPD (Dead Peer Detection)
- NAT-T
- Compression
- PFS (Perfect Forward Secrecy)
- MD5, SHA1, SHA2 (256, 384, 512)
- Diffi Hellman group (1, 2, 5, 14, 15, 16,17,18)
- export to One-Click-Connection
- XAUTH, L2TP
- SSL
- Site-to-site
- Client-to-Site (Road warrior)
- Routing-Mode-VPN
- Bridge-Mode-VPN
- X.509-certificates
- TCP/UDP port changeable
- Compression
- specify WINSand DNS-servers
- 3DES, AES (128, 192, 256) CAST5, Blowfish
- Export to One-Click-Connection
- PPTP
- Windows-PPTP compatible
- Specify WINSand DNS-servers
- MSCHAPv2
- X.509 certificates
- CRL
- OCSP
- Templates
- Multi CA support
- Multi host-cert. support
- IPSec-client
- SSL-client (OpenVPN)
- NAT-T
- AES (128, 192, 256), 3DES CAST, Blowfish
- X.509 certificates
- PSK
- One-Click-Connection
- Log-export
- eGUI technology, ISO 9241 certified
- Monitor 500+ firewalls
- Active configuration of 500+ firewalls
- VPN connections centrally creatable
- Singleand group-backup
- Plan automatic backup in groups
- Singleand group update & licensing
- Create and apply templates on multiple firewalls
- Certificate based 4096 bit encrypted connections to the firewallsDisplay settings of all firewalls
- Role based command center user management
- VPN-monitoriing