QuickSpecs. Models HP U200-A UTM Appliance




Overview

Models
HP U200-S UTM Appliance JD273A
HP U200-A UTM Appliance JD275A

Key features
Flexible security zone and virtual firewall
Advanced VPN
Comprehensive threat protection
Antivirus, antispam, and URL filtering options
Intelligent Web-based management

Product overview
The HP U200 UTM appliance series is a group of purpose-built security devices designed to provide comprehensive protection for distributed environments such as branch offices and remote sites. Utilizing a state-of-the-art multicore platform and advanced hardware acceleration, the HP U200 UTM appliance series delivers robust protection against malicious attacks that could compromise networks and their critical assets. Sharing the same proven technology as the HP VPN Firewall Module Family, the HP U200 UTM appliance series provides protection against known threats such as malware and denial-of-service (DoS) attacks while providing optional services such as antivirus, antispam, and URL filtering capabilities, thereby providing manageable, flexible security options for organizations and their unique deployment needs.

Features and benefits

Application highlights
Enhanced firewall functions: HP U200 unified threat management appliance series provide such basic functions as security zone configuration, static/dynamic blacklist, MAC-IP binding, and ACL application; offer enhanced functions like status-based filtering, virtual firewall, and transportation of 802.1Q-tagged packets; protect the network against attacks such as ARP spoofing, invalid TCP flags, large ICMP packets, Challenge Collapsar (CC), SYN flooding, and address/port scanning
Abundant VPN features: the HP U200 UTM appliances support access through L2TP VPN, GRE VPN, and IPSec VPN; the integrated hardware encryption engine provides high-performance VPN handling
Zone-based access policies: logically groups virtual LANs (VLANs) into zones that share common security policies; allows both unicast and multicast policy settings by zones instead of by individual VLANs
Application-level gateway (ALG): deep packet inspection in the firewall discovers the IP address and service port information embedded in the application data; the firewall then dynamically opens appropriate connections for specific applications
Full support of NAT applications: HP U200 UTM appliances support NAT applications, including many-to-one, many-to-many, static NAT, dual translation, easy IP, and DNS mapping; support NAT traversal with multiple protocols, and deliver NAT ALG functions such as DNS, FTP, H.323, and NBT
Real-time antivirus: HP U200 UTM appliances adopt Kaspersky's antivirus engine to detect and remove malicious code in a timely manner
Real-time spam filtering: HP U200 UTM appliances filter spam in real time, which purifies mail systems
URL filtering: HP U200 UTM appliances implement user-based URL access control to deny access to unauthorized websites
Enterprise-class high availability: dual-box failover protects against loss of connectivity due to hardware failure, with automatic configuration and state table synchronization to simplify administration and remove scope for security policy inconsistencies

DA - 14175 Worldwide Version 1 September 26, 2011 Page 1

Management
Complete session logging: provides detailed information for problem identification and resolution
Manager and operator privilege levels: enable read-only (operator) and read-write (manager) access on CLI and Web browser management interfaces
Secure Web GUI: provides a secure, easy-to-use graphical interface for configuring the module via HTTPS
Command-line interface (CLI): provides a secure, easy-to-use command-line interface for configuring the module via SSH or a switch console; provides direct real-time session visibility
SNMPv1, v2c, and v3: facilitate centralized discovery, monitoring, and secure management of networking devices
Remote monitoring (RMON): uses standard SNMP to monitor essential network functions; supports events, alarm, history, and statistics group plus a private alarm extension group
FTP, TFTP, and SFTP support: FTP allows bidirectional transfers over a TCP/IP network and is used for configuration updates; Trivial FTP is a simpler method using User Datagram Protocol (UDP)

Warranty and support
1-year warranty: with advance replacement and 30-calendar-day delivery (available in most countries)
Electronic and telephone support: limited electronic and telephone support is available from HP; refer to www.hp.com/networking/warranty for details on the support provided and the period during which support is available
Software releases: refer to www.hp.com/networking/warranty for details on the software releases provided and the period during which software releases are available for your product(s)

HP U200-S UTM Appliance (JD273A)

Ports
1 RJ-45 serial console port
5 auto-negotiating 10/100/1000 ports (IEEE 802.3 Type 10BASE-T, IEEE 802.3u Type 100BASE-TX, IEEE 802.3ab Type 1000BASE-T)
1 Compact Flash port
1 module slot

Physical characteristics
Dimensions: 10.59(d) x 11.81(w) x 1.72(h) in. (26.9 x 30 x 4.36 cm) (1U height)
Weight: 5.51 lb. (2.5 kg)

Memory and processor
512 MB DDR2 SDRAM

Performance
MAC address table size: 4000 entries

Environment
Operating temperature: 32°F to 113°F (0°C to 45°C)
Operating relative humidity: 10% to 95%, noncondensing

Electrical characteristics
Voltage: 100-240 VAC
Current: 1.5 A
Maximum power rating: 54 W
Frequency: 50 / 60 Hz
Notes: Maximum power rating and maximum heat dissipation are the worst-case theoretical maximum numbers provided for planning the infrastructure with fully loaded PoE (if equipped), 100% traffic, all ports plugged in, and all modules populated.

Safety
EN60950-1: First Edition; IEC 60950-1: Second Edition; UL60950-1: First Edition

Emissions
VCCI Class B; EN 55022 Class B; ICES-003 Class B; FCC Part 15, Class B; EN 61000-3-2; EN 61000-3-3

Management
IMC - Intelligent Management Center; command-line interface; Web browser; SNMP Manager; Telnet; HTTPS; FTP; Support HP A-IMC UTM Manager Software as unified management platform

Notes
200 Mbps firewall throughput
60,000 concurrent connections under firewall mode/16,000 concurrent connections under UTM mode
6,000 new connections per second under firewall mode/2,000 new connections per second under UTM mode
1,000 security policies
100 Mbps 3DES/AES VPN throughput
100 IPSec tunnels
30 Mbps antivirus throughput

Services
Refer to the HP website at: www.hp.com/networking/services for details on the service-level descriptions and product numbers. For details about services and response times in your area, please contact your local HP sales office.

HP U200-A UTM Appliance (JD275A)

Ports
RJ-45 serial console port
6 auto-negotiating 10/100/1000 ports (IEEE 802.3 Type 10BASE-T, IEEE 802.3u Type 100BASE-TX, IEEE 802.3ab Type 1000BASE-T)
1 Compact Flash port
2 module slots

Physical characteristics
Dimensions: 16.06(d) x 17.4(w) x 1.74(h) in. (40.8 x 44.2 x 4.42 cm) (1U height)
Weight: 8.82 lb. (4 kg)

Memory and processor
1 GB DDR2 SDRAM

Performance
MAC address table size: 4000 entries

Environment
Operating temperature: 32°F to 113°F (0°C to 45°C)
Operating relative humidity: 10% to 95%, noncondensing

Electrical characteristics
Voltage: 100-240 VAC
Current: 2.5 A
Maximum power rating: 100 W
Frequency: 50 / 60 Hz
Notes: Maximum power rating and maximum heat dissipation are the worst-case theoretical maximum numbers provided for planning the infrastructure with fully loaded PoE (if equipped), 100% traffic, all ports plugged in, and all modules populated.

Safety
EN60950-1: First Edition; IEC 60950-1: Second Edition; UL60950-1: First Edition

Emissions
VCCI Class B; EN 55022 Class B; ICES-003 Class B; FCC Part 15, Class B; EN 61000-3-2; EN 61000-3-3

Management
IMC - Intelligent Management Center; command-line interface; Web browser; SNMP Manager; Telnet; HTTPS; FTP; Support HP A-IMC UTM Manager Software as unified management platform

Notes
Performance
800 Mbps firewall throughput
500,000 concurrent connections under firewall mode/100,000 concurrent connections under UTM mode
10,000 new connections per second under firewall mode/5,000 new connections per second under UTM mode
10,000 security policies
400 Mbps 3DES/AES VPN throughput
1000 IPSec tunnels
100 Mbps antivirus throughput

Services
Refer to the HP website at www.hp.com/networking/services for details on the service-level descriptions and product numbers. For details about services and response times in your area, please contact your local HP sales office.
Standards and protocols (applies to all products in series)

IPv6
RFC 1981 IPv6 Path MTU Discovery
RFC 2460 IPv6 Specification
RFC 2465 Management Information Base for IP Version 6: Textual Conventions and General Group (partially support, only "IPv6 Interface Statistics table")
RFC 3484 Default Address Selection for IPv6
RFC 3513 IPv6 Addressing Architecture
RFC 3587 IPv6 Global Unicast Address Format
RFC 4007 IPv6 Scoped Address Architecture
RFC 4862 IPv6 Stateless Address Autoconfiguration

Security
RFC 1321 The MD5 Message-Digest Algorithm
RFC 1334 PPP Authentication Protocols (PAP)
RFC 1994 PPP Challenge Handshake Authentication Protocol (CHAP)
RFC 2104 Keyed-Hashing for Message Authentication
RFC 2138 RADIUS Authentication
RFC 2618 RADIUS Authentication Client MIB
RFC 2620 RADIUS Accounting Client MIB
RFC 2716 PPP EAP TLS Authentication Protocol
RFC 2865 RADIUS Authentication
RFC 2866 RADIUS Accounting
RFC 2867 RADIUS Accounting Modifications for Tunnel Protocol Support
RFC 2868 RADIUS Attributes for Tunnel Protocol Support
RFC 2869 RADIUS Extensions
draft-grant-tacacs-02 (TACACS)

VPN
RFC 1701 Generic Routing Encapsulation (GRE)
RFC 1702 Generic Routing Encapsulation over IPv4 networks
RFC 1828 IP Authentication using Keyed MD5
RFC 1829 The ESP DES-CBC Transform
RFC 1853 IP in IP Tunneling
RFC 2085 HMAC-MD5 IP Authentication with Replay Prevention
RFC 2401 Security Architecture for the Internet Protocol
RFC 2402 IP Authentication Header
RFC 2403 The Use of HMAC-MD5-96 within ESP and AH
RFC 2404 The Use of HMAC-SHA-1-96 within ESP and AH
RFC 2405 The ESP DES-CBC Cipher Algorithm With Explicit IV
RFC 2406 IP Encapsulating Security Payload (ESP)
RFC 2410 The NULL Encryption Algorithm and Its Use With IPsec
RFC 2411 IP Security Document Roadmap
RFC 2451 The ESP CBC-Mode Cipher Algorithms
RFC 2473 Generic Packet Tunneling in IPv6 Specification
RFC 2529 Transmission of IPv6 over IPv4 Domains without Explicit Tunnels
RFC 2661 Layer Two Tunneling Protocol "L2TP"
RFC 2784 Generic Routing Encapsulation (GRE)
RFC 2868 RADIUS Attributes for Tunnel Protocol Support
RFC 2893 Transition Mechanisms for IPv6 Hosts and Routers
RFC 3602 The AES-CBC Cipher Algorithm and Its Use with IPsec
RFC 4214 Intra-Site Automatic Tunnel Addressing Protocol (ISATAP)

IKEv1
RFC 2407 The Internet IP Security Domain of Interpretation for ISAKMP
RFC 2408 Internet Security Association and Key Management Protocol (ISAKMP)
RFC 2409 The Internet Key Exchange (IKE)
RFC 2412 The OAKLEY Key Determination Protocol
RFC 3526 More Modular Exponential (MODP) Diffie-Hellman groups for Internet Key Exchange (IKE)
RFC 3706 A Traffic-Based Method of Detecting Dead Internet Key Exchange (IKE) Peers

PKI
RFC 2510 Internet X.509 Public Key Infrastructure Certificate Management Protocols
RFC 2511 Internet X.509 Certificate Request Message Format
RFC 3279 Algorithms and Identifiers for the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile
RFC 3280 Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile
draft-nourse-scep-06
PKCS#1
PKCS#10
PKCS#12
PKCS#7

Anti virus
Virus definition-based detection
Library upgrading manually and automatically
Flow handing mode
Supporting protocols of HTTP, FTP, SMTP, and POP3. Preventing virus types of Backdoor, Email-Worm, IM-Worm, P2P-Worm, Trojan, AdWare, Virus
Supporting virus logs and reports

URL filtering
Custom-defined URL filtering library
Supporting Java Blocking and ActiveX Blocking

Mail filtering
Blacklist of IP addresses
Matching keywords of the mail address, attachment name, content, sender, and receiver

Security logs and statistics
User behavior flow logs
NAT translation logs
Real time logs of attacks
Blacklist logs
Address binding log
Traffic alarm logs

Traffic statistics and analysis
Global/security zone-based connection rate monitoring
Global/security zone-based protocol packet rate monitoring
Events statistics
E-mail notification of real-time alarms
Information distribution through E-mail

NAT
NAPT
PAT
NAT Server
Port mapping
Bidirectional NAT
Static NAT

L2TP VPN
LNS, LAC
L2TP Multi-instance

GRE VPN

IPSec/IKE
AH/ESP protocols
Manual SA setup or through IKE
ESP supports encryption algorithms of DES, 3DES, AES
Algorithms of MD5 and SHA-1
IKE main mode and aggressive mode
NAT traversal
DPD detection

Operating mode
Routing mode
Transparent mode
Hybrid mode

IP services
IPv4/v6 ARP
Domain name resolution
IP unnumbered
DHCP relay
DHCP server
DHCP client

IP routing
Static routing
RIP v1/2
OSPF
BGP
Policy routing

High reliability (only for U200-A)
Active/Active mode
Active/Passive mode
Session Synchronization for Firewall

Attack prevention
DDoS DNS query/syn/icmp/udp/arp flood
SYN cookie proxy
SQL injection filtering
IP/MAC binding
IP spoofing detection
ARP reverse query checking
Management interfaces disabled by default

System and administration
Web interface via HTTP/HTTPS
Command line interface via console, telnet, SSH
RADIUS/TACACS+ server and local database authentication
DNS support for dynamic IP allocation
SNMP v1, 2c and 3

IPv6 Routing & Multicast
RIPng
OSPFv3
BGP4+
Static Route
policy Route
PIM-SM/DM

IPv6 Security
NAT-PT
Manual tunnel
IPv6 over IPv4 GRE tunnel
6to4 tunnel (RFC3056)
ISATAP Tunnel
IPv6 Packet Filter
Radius
NAT64

AAA services
RADIUS authentication
HWTACACS authentication
PKI/CA (x.509 format) authentication
Domain authentication
CHAP authentication
PAP authentication

Firewall
Virtual firewall
Security zone configuration
Basic and extended ACLs
Interface-based access control
Time range-based access control
Dynamic packet filtering
ASPF packet filtering
Static and dynamic blacklists
MAC-IP binding
MAC-based access control
Transportation of 802.1Q-tagged packets

Accessories

HP U200-S UTM Appliance (JD273A)
HP U200-S 2-port Gig-T Module JD265A
HP U200-S 1-year Anti-Virus Service License JG076A
HP A-U200-S 1-year Anti-Spam Service License JG075A
HP A-U200-S 1-year URL Filter Service License JG078A

HP U200-A UTM Appliance (JD275A)
HP U200-A 2-port Gig-T Module JD266A
HP U200-A 4-port GbE SFP Module JD267A
HP U200-A 1-year Anti-Spam Service License JG064A
HP A-U200-A 1-year Anti-Virus Service License JG065A
HP A-U200-A 1-year URL Filter Service License JG067A

To learn more, visit: www.hp.com/networking

Copyright 2011 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein.