Вы находитесь на странице: 1из 11

Application as Network

UTM2000 Data Sheet

DPtech Unified Threat Management 2000 Series


Unified Threat Management 2000 provides unified threat prevention solutions for 100 Mbps,
Gigabit and 10-Gigabit network environments.
Most of the security problems are impacting users network, such as unauthorized access,
virus, Trojan, spyware, vulnerability attacks, unauthorized web visit, spam, and bandwidth
abuse. These problems often cause service interruption. To address these problems,
DPtech has developed UTM2000 Series UTMs. This series integrates firewall, VPN,
intrusion detection and prevention, anti-virus, content filtering, spam prevention, application
control and behavior auditing on one platform. By upgrading the signature database of
individual module, this series can provide security defense from Layer 2 to Layer 7, so it is
the most feature-rich UTM in the world.
To ensure that the high performance will not be affected with all security features being
enabled, this series adopts high performance multi-core, multi-thread security architecture,
which makes the products cost-effective. This series rigidly conforms to the EU Restriction of
Hazardous Substances Directive (RoHS), therefore, it is the best choice for enterprises that
want to choose green and secure products.

Product Overview
The DPtech UTM2000 series products are new
generation of United Threat Management device
designed for small- and medium-sized enterprises
and branches. It uses the multi-core processor and

UTM2000-MS-N

multi-thread technology to construct a


high-performance platform. Besides the legacy
firewall and VPN functions, the product provides

UTM2000-MA-N

more security services such as anti-virus, IPS, URL


filtering, anti-SPAM, P2P/IM application flow control,
and user behavior auditing. The design allows the
product to provide all security features without

UTM2000-ME-N

affecting the system performance, and thus makes


it a cost-effective product. The UTM2000 not only
protects the network effectively, but also supports
management through SNMP and TR-069. This

UTM2000-GS-N

greatly reduces the operation cost and complexity.

Copyright 2008 DPtech Technologies Co., Ltd. All rights reserved.

Page 1 of 11

UTM2000 Data Sheet

The following are the DPtech UTM2000 series products portfolio.

Features and Benefits


Comprehensive support for FW/VPN feature
Enhanced firewall functions: The UTM2000

UTM2000-GM-N

series products provide such basic functions as


security zone configuration, static/dynamic blacklist,
MAC-IP binding, ACL application, and instruction
prevention. In addition, it offers enhanced functions

UTM2000-GA-N

like status-based filtering, virtual firewall, and


transportation of 802.1Q-tagged packets. It protects
the network against attacks of ARP spoofing, invalid

UTM2000-GE-N

TCP flag, large ICMP packets, Challenge Collapse


(CC), SYN flooding, address/port scanning.

UTM2000-TS-N
Abundant VPN features: The UTM2000 series
products support access through L2TP, GRE, IPSec VPN, and SSL VPN. The integrated
hardware encryption engine implements VPN handling of high performance.

Full support of NAT applications: The UTM2000 series products support NAT applications
including many-to-one, many-to-many, static NAT, dual translation, IP Masquerade and
DNS mapping. It supports NAT traversal with multiple protocols, and delivers NAT ALG
functions such as DNS, FTP, SIP, RTSP, H.323, and NBT.

High available feature: supports the modes of active/active and active/passive,


implementing load balancing and service backup.

Meantime Between Failure (MTBF): Up to 36 years.

Easy-to-use Web-based management system; Management based on SNMP and


TR-069; support Centralized management by UMC (Unified Management Center).

Copyright 2008 DPtech Technologies Co., Ltd. All rights reserved.

Page 2 of 11

UTM2000 Data Sheet

Advanced Security Service


Powerful intrusion prevention capability: The UTM2000 series products provide more
than 4000 IPS signatures. It can exactly identify and prevent various network attacks and
abuses.

Real-time anti-virus: The UTM2000 series products adopt Kaspersky's anti-virus engine to
detect and remove codes of malicious attacks in time.

Real-time anti-SPAM: The UTM2000 series products filter spam in real time, which purify
your mai system.

URL filtering: The UTM2000 series products implements user-based URL access control to
deny access to unauthorized Websites, such as the phishing websites.

Applications identify and control: The UTM2000 series products identify P2P and IM
applications of BitTorrent, Thunder, MSN, QQ, and so on. It also supports alarms, rate
limiting, and interruption to ensure the operation of core services.

Behavior auditing: The UTM2000 series products audit the applications of P2P, instant
message, web game, mails, and data transmission, and generate logs to implement
behavior auditing in granularity.

Copyright 2008 DPtech Technologies Co., Ltd. All rights reserved.

Page 3 of 11

UTM2000 Data Sheet

Product Specifications
Table 1. Lists of features and performance of DPtech UTM2000-MS, MA, ME
and GS models:
UTM2000-MS-N

UTM2000-MA-N

UTM2000-ME-N

UTM2000-GS-N

Interface

1xConsole ,
8xGE Copper ,
2xUSB

1xConsole ,
8xGE Copper ,
2xUSB

1xConsole , 8xGE
Copper , 2xUSB

1xConsole,
2xGE SFP, 6xGE
Copper, 2xUSB

Slot

2 slot

2 slot

2 slot

1 slot

CF card

1GB

1GB

1GB

1GB

DDR SDRAM

2G

2G

2G

2G

Dimensions
(H W D)

44*430*261 mm

44*430*261 mm

44*430*261 mm

44*430*261 mm

Rated voltage Max


Current

100-240VAC;
1.5A

100-240VAC;
1.5A

100-240VAC;
1.5A

100-240VAC;
1.5A

Max Power
Consumption

54 W

54 W

54 W

54 W

MTBF

36 years

36 years

36 years

36 years

Operating
Temperature

0C to 45C

0C to 45C

0C to 45C

0C to 45C

(32 to 113F)

(32 to 113F)

(32 to 113F)

(32 to 113F)

Relative Humidity

10% to 95%

10% to 95%

10% to 95%

10% to 95%

Weight

3.1 kg

3.1 kg

3.1 kg

3.1 kg

Firewall
Throughput

300Mbps

600Mbps

1Gbps

2Gbps

VPN Throughput

100Mbps

200Mbps

300Mbps

600Mbps

Anti-Virus
Throughput

50Mbps

100Mbps

200Mbps

300Mbps

IPS Throughput

50Mbps

100Mbps

200Mbps

300Mbps

Concurrent
Connections

300,000

500,000

800,000

1,000,000

New Connections
Persecond

10,000

15,000

20,000

32,000

IPSEC Tunnels

1000

1000

1000

8000

Max Policy

10,000

10,000

10,000

10,000

Security Zones

64

64

128

128

VLAN numbers

4096

4096

4096

4096

Virtual Firewall

64

64

128

128

SSL VPN Users

50

100

200

500

Copyright 2008 DPtech Technologies Co., Ltd. All rights reserved.

Page 4 of 11

UTM2000 Data Sheet

Table 2. Lists of features and performance of DPtech UTM2000-GM, GA, GE


and TS models:

Hardware Item

UTM2000-GM-N

UTM2000-GA-N

UTM2000-GE-N

Interface

1xConsole ;
2xGE SFP,
6xGE Copper,
2xUSB

1xConsole ,
6xGE SFP,
6xGE Copper,
2xUSB

1xConsole,
12xGE SFP,
12xGE Copper,
2x10GE,
2xUSB

1xConsole,
12xGE SFP,
12xGE Copper,
2x10GE,
2xUSB

Slot

1 slot

--

--

CF card

1GB

2GB

2GB

2GB

DDR SDRAM

2G

2G

2G

2G

Dimensions
(H W D)

44*430*261 mm

44.4*436*470
mm

88*436*470 mm

88*436*470 mm

Rated voltage Max


Current

100-240VAC;
1.5A

100-240VAC;
1.8A

100-240VAC;
4A

100-240VAC;

Max Power
Consumption

54 W

150 W

300w

300w

MTBF

36 years

36 years

36 years

36 years

Operating
Temperature

0C to 45C

0C to 45C

0C to 45C

0C to 45C

(32 to 113F)

(32 to 113F)

(32 to 113F)

(32 to 113F)

Relative Humidity

10% to 95%

10% to 95%

10% to 95%

10% to 95%

Weight

3.1 kg

8kg

10kg

10kg

Firewall Throughput

4Gbps

6Gbps

10Gbps

18Gbps

VPN Throughput

1Gbps

2Gbps

4Gbps

6Gbps

Anti-Virus
Throughput

500Mbps

1Gbps

6Gbps

10Gbps

IPS Throughput

500Mbps

1Gbps

6Gbps

10Gbps

Concurrent
Connections

1,500,000

2,000,000

3,000, 000

4,000, 000

New connections
Per second

60,000

100,000

150,000

200,000

IPSEC Tunnels

8,000

20,000

20,000

20,000

Max Policy

10,000

20,000

30,000

50,000

Security Zones

256

256

512

1024

VLAN Numbers

4096

4096

4096

4096

Virtual Firewall

256

256

512

1024

SSL VPN Users

1,000

3,000

5,000

10,000

Copyright 2008 DPtech Technologies Co., Ltd. All rights reserved.

--

UTM2000-TS-N

Page 5 of 11

4A

UTM2000 Data Sheet

Table 3 lists the features of DPtech UTM2000 series products


Item

Description

Operating mode

Routing mode

Transparent mode

Hybrid mode

Network Security

RADIUS authentication

PKI/CA (x.509 format) authentication

Domain authentication

CHAP authentication

PAP authentication

Virtual firewall

Security zone configuration

Defense against attacks of ARP spoofing, invalid TCP


flag, large ICMP packets, SYN flooding, address/port
scanning.

Interface-based access control

Time range-based access control

Dynamic packet filtering

Static and dynamic blacklists

MAC-IP binding

MAC-based access control

Transportation of 802.1Q-tagged packets

Virus definition-based detection

Library upgrading manually and automatically

Flow handing mode

Supporting protocols of HTTP, FTP, SMTP, and POP3.

Preventing virus types of Backdoor, Email-Worm,


IM-Worm, P2P-Worm, Trojan, Ad Ware, Virus

Supporting virus logs and reports

Custom-defined URL filtering library

Supporting Java Blocking and ActiveX Blocking

Blacklist of IP addresses

Matching keywords of the mail address, attachment


name, content, sender, and receiver

Application
Identify

Supporting to identify P2P and IM applications like BT

IPS

Preventing hiker attacks, worms, and Trojans.

Security logs
and statistics

User behavior flow logs

NAT translation logs

Real-time logs of attacks

Blacklist logs

Address binding log

Traffic alarm logs

AAA services

Firewall

Anti-virus

URL filtering

Anti-SPAM

Copyright 2008 DPtech Technologies Co., Ltd. All rights reserved.

Page 6 of 11

UTM2000 Data Sheet

Item

Description

Traffic statistics and analysis

Global/security zone-based connection rate monitoring

Global/security zone-based protocol packet rate


monitoring

Events statistics

E-mail notification of real-time alarms

Information distribution through E-mail

Many-to-one NAT

Many-to-many NAT

One-to-one NAT

Translation of source address and destination address

Accessing internal network from an external host

IP Masquerade

DNS mapping

NAT aging time

NAT ALG for multiple application protocols, including DNS,


FTP, H.323, ILS, MSN, NBT, PPTP, SIP

Initiating tunneling requests to specific LNS for users with fully


qualified name or the domain name

Address allocation of VPN users

LCP re-negotiation and mandatory CHAP authentication

AH/ESP protocols

Manual SA setup or through IKE

ESP supports encryption algorithms of DES, 3DES, AES

Algorithms of MD5 and SHA-1

IKE main mode and aggressive mode

NAT traversal

DPD detection

Ethernet_II

Ethernet_SNAP

802.1Q VLAN

Link layer protocol

PPPoE

IP services

IPv4/v6

ARP

Domain name resolution

DHCP relay

DHCP server

DHCP client

Static routing

RIP v1/2

OSPF

BGP

Policy routing

NAT

VPN

L2TP VPN

GRE VPN
IPSec/IKE

SSL VPN
Network
connectivity

Network protocols

LAN protocols

IP routing

Copyright 2008 DPtech Technologies Co., Ltd. All rights reserved.

Page 7 of 11

UTM2000 Data Sheet

Item

Description

High reliability

Support Active/Active and Active/Passive modes

Support VRRP

QoS

Configuration
management

Restriction

Traffic policing

CLI

Support LLQ, WRR and CBWFQ

Support WRED and CAR

Local configuration through console port

Local or remote configuration through Telnet or SSH

Authorization of commands by user levels, so that


unauthorized users cannot log in to the device

Detailed debugging information for troubleshooting

Login and management through Telnet

FTP Server/Client for downloading and uploading


configuration files and application programs

Logging function

Configuration of user interface to configure authentication


modes and authorize functions to users

Supporting SNMPv3, and is compatible with SNMPv2c and SNMPv1

Supporting time synchronization through NTP

Supporting Web-based management

Supporting SNMP and TR-069

Supporting management through DPtech UMC(Unified Management Center)

RoHS Comply

Copyright 2008 DPtech Technologies Co., Ltd. All rights reserved.

Page 8 of 11

UTM2000 Data Sheet

Order Information
Hardware and Advanced Service
Part No.

Item

Remarks

02050051

UTM2000-MS-N Host

Required

53010091

UTM2000-MS-N,Application Signature Update Service,1 Year

Optional

53010092

UTM2000-MS-N,AV Signature Update Service,1 Year

Optional

53010093

UTM2000-MS-N,IPS Signature Update,1 Year

Optional

52010094

UTM2000-MS-N,URL-Filter Signature Update Service,1 Year

Optional

02050049

UTM2000-MA-N Host

Required

53010087

UTM2000-MA-N,Application Signature Update Service,1 Year

Optional

53010088

UTM2000-MA-N,AV Signature Update Service,1 Year

Optional

53010089

UTM2000-MA-N,IPS Signature Update,1 Year

Optional

53010090

UTM2000-MA-N,URL-Filter Signature Update Service,1 Year

Optional

02050052

UTM2000-ME-N Host

Required

53010083

UTM2000-ME-N,Application Signature Update Service,1 Year

Optional

53010084

UTM2000-ME-N,AV Signature Update Service,1 Year

Optional

53010085

UTM2000-ME-N,IPS Signature Update,1 Year

Optional

53010086

UTM2000-ME-N,URL-Filter Signature Update Service,1 Year

Optional

02050050

UTM2000-GS-N Host

Required

53010079

UTM2000-GS-N,Application Signature Update Service,1 Year

Optional

53010080

UTM2000-GS-N,AV Signature Update Service,1 Year

Optional

53010081

UTM2000-GS-N,IPS Signature Update,1 Year

Optional

53010082

UTM2000-GS-N,URL-Filter Signature Update Service,1 Year

Optional

02050053

UTM2000-GM-N Host

Required

53010075

UTM2000-GM-N,Application Signature Update Service,1 Year

Optional

53010076

UTM2000-GM-N,AV Signature Update Service,1 Year

Optional

53010077

UTM2000-GM-N,IPS Signature Update,1 Year

Optional

53010078

UTM2000-GM-N,URL-Filter Signature Update Service,1 Year

Optional

02050054

UTM2000-GA-N Host

Required

53010071

UTM2000-GA-N,Application Signature Update Service,1 Year

Optional

53010072

UTM2000-GA-N,AV Signature Update Service,1 Year

Optional

53010073

UTM2000-GA-N,IPS Signature Update,1 Year

Optional

53010074

UTM2000-GA-N,URL-Filter Signature Update Service,1 Year

Optional

Copyright 2008 DPtech Technologies Co., Ltd. All rights reserved.

Page 9 of 11

UTM2000 Data Sheet

Part No.

Item

Remarks

TBA

UTM2000-GE-N Host

Required

TBA

UTM2000-GE-N,Application Signature Update Service,1 Year

Optional

TBA

UTM2000-GE-N,AV Signature Update Service,1 Year

Optional

TBA

UTM2000-GE-N,IPS Signature Update,1 Year

Optional

TBA

UTM2000-GE-N,URL-Filter Signature Update Service,1 Year

Optional

TBA

UTM2000-TS-N Host

Required

TBA

UTM2000-TS-N,Application Signature Update Service,1 Year

Optional

TBA

UTM2000-TS-N,AV Signature Update Service,1 Year

Optional

TBA

UTM2000-TS-N,IPS Signature Update,1 Year

Optional

TBA

UTM2000-TS-N,URL-Filter Signature Update Service,1 Year

Optional

SSL VPN License


53010137

SSL VPN 10 User License

Optional

53010138

SSL VPN 50 User License

Optional

53010139

SSL VPN 100 User License

Optional

53010140

SSL VPN 250 User License

Optional

53010141

SSL VPN 500 User License

Optional

53010142

SSL VPN 1000 User License

Optional

53010143

SSL VPN 2500 User License

Optional

53030145

SSL VPN 5000 User License

Optional

Interface Module
Interface module

Remarks

02010023

4-Port 1000M Ethernet Electrical Interface Module

Optional

02010036

4-Port 1000M Ethernet Optical Interface Module

Optional

02010005

1000BASE-SX SFP Transceiver, Multi-Mode (850nm, 550m, LC)

Optional

02010004

1000BASE-LX SFP Transceiver, Single Mode (1310nm, 10km, LC)

Optional

02000013

1000BASE-LH40 SFP Transceiver, Single Mode (1310nm, 40km,


LC)

Optional

Copyright 2008 DPtech Technologies Co., Ltd. All rights reserved.

Page 10 of 11

UTM2000 Data Sheet

02010014

1000BASE-LH40 SFP Transceiver, Single Mode (1550nm, 40km,


LC)

Optional

02010008

10GBASE-SR XFP Module, Multi-Mode (850nm, 300m, LC)

Optional

02010018

10GBASE-LR/LW XFP Module, Single Mode (1310nm, 10km, LC)

Optional

02010016

10GBASE-ER/EW XFP Module, Single Mode (1550nm, 40km, LC)

Optional

Unified Management Center


Item

Remarks

02010001

UMC Management Platform Software

Optional

53010113

UMC Unified Threat Management t Manager License

Optional

Note:
Required indicates that the item described is provided directly with the ordered host. The user does
not need to purchase it specially.
Optional indicates the item described should be purchased by the user if it is needed.
TBA refer to coming book opened .

Copyright 2008 DPtech Technologies,Co., Ltd. All rights reserved. The information contained herein is subject to change without notice. While every effort is made to
ensure the information given is accurate.

UTM2000/2011/05-1

Copyright 2008 DPtech Technologies Co., Ltd. All rights reserved.

Page 11 of 11