Check Point Safe@Office 500 UTM Frequently Asked Questions



Similar documents
Cisco Small Business ISA500 Series Integrated Security Appliances

IREBOX X. Firebox X Family of Security Products. Comprehensive Unified Threat Management Solutions That Scale With Your Business

Configuring High Availability for Embedded NGX Gateways in SmartCenter

CHECK POINT. Software Blade Architecture. Secure. Flexible. Simple.

The Evolution of IPS. Intrusion Prevention (Protection) Systems aren't what they used to be

Securing the Small Business Network. Keeping up with the changing threat landscape

Cisco SA 500 Series Security Appliances

Who s Endian?

Wireless Services. The Top Questions to Help You Choose the Right Wireless Solution for Your Business.

CHECK POINT. Software Blade Architecture

CHECK POINT TOTAL SECURITY APPLIANCES. Flexible Deployment. Centralized Management.

Unified Threat Management, Managed Security, and the Cloud Services Model

Endpoint Security VPN for Mac

Portal On-Demand Cost-effective and hosted managed security

Cisco SA 500 Series Security Appliances

Check Point Software Blade Architecture. Achieving the right balance between security protection and investment

SofaWare Management Architecture Basics

Firewall and UTM Solutions Guide

White Paper. ZyWALL USG Trade-In Program

Solution Brief. Branch on Demand. Extending and Securing Access Across the Organization

Check Point Software Blade Architecture. Achieving the right balance between security protection and investment

Endpoint Security VPN for Mac

Cisco ASA 5500 Series Anti-X Edition for the Enterprise

BroadScan. Security Appliances. in-one Security Solution for SMB Combining Performance, ease of use and affordability. A Breakthrough all-in

SonicWALL Team Nordic Recommendations for safe Unified Threat Management (UTM) Deployments*

The Ultimate WLAN Management and Security Solution for Large and Distributed Deployments

Solution Brief. Branch on Demand. Extending and Securing Access Across the Organization

Network protection and UTM Buyers Guide

Question: 1 Which Cisco Small Business portfolio product is targeted to customers who leverage technology s a strategic advantage in their business?

Remote Access Clients for Windows

Edgewater Routers User Guide

Simple security is better security Or: How complexity became the biggest security threat

SonicWALL Advantages Over WatchGuard

SSL-VPN 200 Getting Started Guide

Customer Advantage Program

Cisco ASA 5500 Series Content Security Edition for the Enterprise

Small Business Network Security 101

Best Practices for Outdoor Wireless Security

Simplify Your Network Security with All-In-One Unified Threat Management

Cisco ASA 5500 Series Business Edition

Edgewater Routers User Guide

APPENDIX 3 LOT 3: WIRELESS NETWORK

Using SonicWALL NetExtender to Access FTP Servers

Protecting the Extended Enterprise Network Security Strategies and Solutions from ProCurve Networking

Next Gen Firewall and UTM Buyers Guide

Secure Remote Access for the Distributed Business. Challenges, trends, and considerations

Cisco RV220W Network Security Firewall

Meraki MX Family Cloud Managed Security Appliances

How To Choose A Dell Sonicwall Firewall From Awna.Com

Cisco ASA 5500 Series Content Security Edition for the Enterprise

Best Practices in Deploying a Secure Wireless Network

Using Cisco UC320W with Windows Small Business Server

SonicWALL Clean VPN. Protect applications with granular access control based on user identity and device identity/integrity

Assessing Business Continuity Solutions

Cloud Managed Security with Meraki MX

Zscaler Internet Security Frequently Asked Questions

Secure Remote Access Solutions Balancing security and remote access Bob Hicks, Rockwell Automation

Using a Firewall General Configuration Guide

How To Use A Cisco Wvvvdns4400N Wireless-N Gigabit Security Router For Small Businesses

WATCHGUARD FIREBOX SOHO 6TC AND SOHO 6

TechGuard Firewall Products Specs/Parts/Competitive Analysis

Partner with the UK s leading. Managed Security Service Provider

ALLNET ALL-VPN10. VPN/Firewall WLAN-N WAN Router

LICENSE GUIDE. Software Blades products. Number of Strings. SKU Prefix Name Description Additive

Endpoint Security Considerations for Achieving PCI Compliance

Cisco RV220W Network Security Firewall

How to Get NAC Up-and-Running in One Hour. For Check Point Firewall or Endpoint Security Administrators

Cisco Virtual Office Express

Gigabit Multi-Homing VPN Security Router

Advantages of Managed Security Services

Integrated Security Solutions You Can Trust

Cisco IOS Advanced Firewall

Astaro Gateway Software Applications

Lucent VPN Firewall Security in x Wireless Networks

Cisco SR 520-T1 Secure Router

Unified Threat Management Systems (UTMS), Open Source Routers and Firewalls. Tim Hooks Scott Rolf

Results of Testing: Juniper Branch SRX Firewalls

WAN Traffic Management with PowerLink Pro100

WAN Failover Scenarios Using Digi Wireless WAN Routers

Is Your Network Ready for VoIP?

FEATURE OVERVIEW. FGX Series firewall. Last updated February 2012

Small, Medium and Large Businesses

Remote Access VPN Solutions

Introduction to Cloud Networking. Meraki Solution Overview

Cisco RV 120W Wireless-N VPN Firewall

How To - Setup Cyberoam VPN Client to connect to a Cyberoam for the remote access using preshared key

CISCO SMB CLASS MOBILITY AND WIRELESS SOLUTIONS: THE RESPONSIVE WORKFORCE

NATIONAL GATEWAY SECURITY SURVEY

The All-in-One, Intelligent WLAN Controller

Tech Brief. Enterprise Secure and Scalable Enforcement of Microsoft s Network Access Protection in Mobile Networks

Neutralizing Spyware in the Enterprise Environment

TECHNICAL WHITEPAPER. Author: Tom Kistner, Chief Software Architect. Table of Contents

The All-in-One, Intelligent NXC Controller

Deploying Firewalls Throughout Your Organization

The Attacker s Target: The Small Business

Cisco Meraki solution overview Cisco and/or its affiliates. All rights reserved.

Internet Security for Small to Medium Sized Businesses

Intelligent WLAN Controller with Advanced Functions

Enterprise Wireless LAN. Key Features. Benefits. Hotspot/Service Gateway Series

ADMINISTRATION GUIDE Cisco Small Business

Transcription:

For internal use only Check Point Safe@Office 500 UTM Frequently Asked Questions Business Related Questions What are Safe@Office appliances? Designed specifically to meet the needs of small businesses, Check Point Safe@Office 500 Unified Threat Management (UTM) appliances deliver proven Internet security by incorporating Check Point patented technology. Safe@Office 500 UTM appliances can protect networks of up to 100 users from a multitude of Internet threats such as viruses, hacking attempts, denial of service attacks and phishing. Safe@Office 500 UTM Wireless (W) appliances integrate a Wireless LAN access point, delivering the same security found in Safe@Office 500 appliances together with the highest levels of security for wireless networks. The Safe@Office 500 UTM wired and wireless models are also available with an integrated ADSL2/2+ modem, thus meeting small businesses needs for connectivity and network security out-of-the-box. Who are the target customers for Safe@Office 500 UTM appliances? Safe@Office 500 UTM customers are small to medium businesses (1-100 users) that need a comprehensive, all-in-one security solution, and Managed Security Service Providers (MSSPs) who offer outsourced network and security management services to small-medium businesses. Vertical markets include: - Retail, Hospitality (hotels, restaurants, coffee shops) - Healthcare - Finance/ Investment Firms - Insurance & Law Firms - Government / Municipality entities Who are the primary decision makers? For most small businesses, the CEO/President/Owner is the primary decision maker (in many cases acting also as an IT manager). For larger businesses (~30 employees and up), a part-time/full-time IT manager may be onsite, making him/her the key decision maker. In this case, key influencers are the CEO/President/Owner. Why is integrated security so important for small businesses? Small businesses face a variety of IT related challenges, including network security threats, networking and connectivity issues and regulation compliancy. This is a challenge for most small businesses as they usually have only limited IT resources and no dedicated security expert, even though they are just as dependent on their network as large Enterprises. The lack of dedicated IT staff, limited IT budgets and a lower level of awareness regarding network security threats, makes small businesses susceptible to cyber-attacks and internet threats. For these reasons, small businesses can greatly benefit from an 2003-2007 Check Point Software Technologies Ltd. All rights reserved. 1

affordable, easy-to-use, all-in-one security solution that is based on proven and tested Check Point technology. What Business Problems do Safe@Office Appliances solve? Safe@Office appliances address key security, networking and connectivity pain points: Enable employees (teleworkers, road-warriors) and business partners to securely access information from remote with IPSec VPN Reduce downtime and abuse of business resources Simplify ongoing security management and administration Facilitate compliance with industry-specific network security regulations (PCI-DSS, HIPAA etc.) Who are the main competitors in this market? SonicWall (TZ product line), Fortinet (FortiGate/FortiWifi 50/60), WatchGuard (Firebox X Edge e-series), Juniper (SSG5/20 and Netscreen 5GT), Cisco (PIX and ASA5505). What is the difference between UTM-1 Edge appliances and Safe@Office appliances? UTM-1 Edge appliances are typically employed by Enterprises in-order to secure their branch-offices and remote sites, as part of a centrally managed deployment using Check Point SMART management solutions (SmartCenter, SmartLSM, Provider-1 ). On the other hand, Safe@Office 500 UTM appliances target small businesses with one or more sites, where each site is a standalone deployment either managed locally, or centrally managed via SMP /SMP On-Demand. Safe@Office appliances cannot be managed by SmartCenter, SmartLSM, or Provider-1. UTM-1 Edge / Safe@Office Comparison UTM-1 Edge Safe@Office 500 User count 8,16,32,Unlimited 5,25,Unlimited Enhanced networking & security features Yes (built-in) Optional (Requires PowerPack upgrade) Integrated WiFi access-point and/or ADSL modem Yes (optional) Yes (optional) List Price Starts at $600 Start at $299 Complementary Products and Services Central Management Support & Software Subscription UTM-1 Edge Safe@Office 500 Check Point SMART Management SMP, SMP On-Demand (SmartCenter,SmartLSM,Provider- 1, SMP, SMP On-Demand) Purchase CES contract Purchase Safe@Office Basic Support contract or purchase services from Small-Business MSSP partners 2

Antivirus Updates Service Web Filtering Service Purchase Antivirus Updates Service for UTM-1 Edge Use 3rd party OPSEC web filtering server such as SurfControl Purchase Safe@Office AntiVirus, Support & Subscription contract or purchase services from Small- Business MSSP partners Purchase the SofaWare Web Filtering Annual Subscription or purchase services from Small-Business MSSP partners Reporting Use Check Point Eventia Monthly reports are delivered as part of the Safe@Office Basic Support Plan or purchase services from Small- Business MSSP partners Safe@Office Product Questions What is the difference between Safe@Office 500 and Safe@Office 500W? The W Series appliances integrate a Wireless LAN access point supporting the 802.11b/g/Super G standards. For additional information regarding the WLAN capabilities, please refer to the Safe@Office 500 datasheet via the following link: http://www.checkpoint.com/products/downloads/safe@office_datasheet.pdf What types of add-on services are available for Safe@Office appliances? Customers can add the following: One of the following annual support plans: Basic Support and Services plan with: Security and firmware updates; Email, web and chat support; Advanced replacement and Dynamic DNS Advanced Support and Services plan with Security and firmware updates; Email, web and chat support; Advanced replacement; Dynamic DNS; Gateway antivirus updates and SmartDefense updates Annual category-based URL filtering services - integrated Web filtering using an extensive database of threat categories and associated URLs. A web-access policy can be defined to protect from threats such as spyware and viruses, as well as new risks from inappropriate web content, and to improve employee productivity by limiting access to specific content. License upgrades (number of users) What Safe@Office appliances and upgrades/services are available? Users Safe@Office 500 CPSB-500G Safe@Office 500 Series Safe@Office 500W CPSB-500WG Safe@Office 500 ADSL CPSB-500G-ADSL Safe@Office 500W ADSL CPSB-500WG-ADSL 5 $299 $449 $399 $549 25 $599 $749 $699 $849 Unlimited $999 $1149 $1099 $1249 3

Functionality Upgrades Power Pack CPSB-500-UPG-PPACK Upgrade from Safe@Office 5 Users to 25 Users CPSB-500-UPG-5TO25 Upgrade from Safe@Office 5 Users to Unlimited Users CPSB-500-UPG-5TOU Upgrade from Safe@Office 25 Users to Unlimited Users CPSB-500-UPG-25TOU List Price $499 $360 $760 $520 Support plans and additional services Users Annual Safe@Office 500 Support Plans Basic Support Plan Advanced Support Plan ST-CPSB STAV-CPSB Annual Category-based URL filtering Web Filtering WF-CPSB 5 $79 $179 $49 25 $99 $299 $199 Unlimited $199 $449 $299 For the full features table see http://www.checkpoint.com/products/safe@office/safe@office_moreinfo.html For up-to-date pricing and SKUs see https://pricelist.checkpoint.com/pricelist/us/plushomeoffice/holist.jsp Are all Safe@Office models based on the same hardware? The base hardware of the Safe@Office appliances is the same, with the exception of support for Wireless and ADSL capabilities, as well as availability of USB ports for the Safe@Office 500W and ADSL models. All appliance versions can run the most recent Embedded NGX firmware. What features are included with the Power Pack? The Power Pack is an upgrade option that activates the following high-end security and networking features: 4

25 Remote Access VPN profiles (only 5 profiles without Power Pack) Unlimited Site-to-site VPN profiles (only 2 without Power Pack) Port-based and Tag-based VLAN (only available with Power Pack) Port-based Security (802.1x) (only available with Power Pack) Secure HotSpot (Guest Access) (only available with Power Pack) Automatic Gateway Failover (High Availability) (only available with Power Pack) Dynamic Routing (OSPF) (only available with Power Pack) Wireless Distribution System (WDS) (only available with Power Pack) Multiple Access Points (only 1 access point without Power Pack) Multiple bridge support (only 1 without Power Pack) Advanced Traffic Shaper (QoS) (basic Traffic Shaper without Power Pack, including four static preconfigured classes) The Power Pack upgrade is independent of the user count, that is, it can be installed on any Safe@Office 500/500W appliance, regardless of the number of users the appliance supports. For more information on the features included in the Power Pack upgrade, please refer to the following link: http://www.checkpoint.com/products/safe@office/safe@office_moreinfo.html What happened to the Safe@Office 100, 200 and 400W models? These models are no longer available for purchase. Embedded NGX 7.0 firmware is available for all 400W, 200, 100B and 100C appliances with a valid software subscription plan. Is there any change to the service pricing for 100/200/400W models? Yes. Subscription pricing is updated as follows: 105/405 110/410 225/425 225U/425U Annual Support and Subscription $79 $89 $99 $199 Annual Support and Subscription with Antivirus and SmartDefense updates $179 $219 $299 $449 What central management platforms are supported by Safe@Office? For multi-site deployments, Safe@Office can be centrally managed by SMP or SMP On-Demand. Check Point Small-Business MSSP partners will use these management solutions to provide out-sourced security services. Do Safe@Office 500 UTM appliances support SmartDefense? Yes. A reduced feature set of the main SmartDefense updates relevant for small businesses is periodically available for Safe@Office with firmware updates. Does Safe@Office support cellular connectivity? Yes. Safe@Office supports comprehensive connectivity capabilities include extensive support for USBbased cellular modems (2G/3G), allowing various high availability deployments and connectivity in areas where regular Internet infrastructure is unavailable. Other USB modems (56K, ISDN) are also supported. 5

Does Safe@Office support QoS management? Yes. Safe@Office supports QoS through Traffic Shaping, which offers weighted priorities, guarantees and limits to ensure that business-critical traffic is given priority over non-critical traffic. Note that Safe@Office includes basic traffic shaping capabilities with preset levels. Advanced traffic shaping is available with the Power Pack upgrade. Does Safe@Office support VLANs? VLAN support is available with the Safe@Office Power Pack upgrade. This allows for the segmentation of internal networks into several virtual networks. It enables non-intrusive deployment into an existing VLAN configuration. Port-based and tag-based VLANs are supported: Port-based VLAN allows splitting the four LAN ports into four segmented networks Tag-based VLAN allows UTM-1 Edge to be connected to a switch via a VLAN trunk, thereby expanding port density Does Safe@Office support VPN access from within the internal network? Yes. Safe@Office supports an internal VPN server to provide VPN access from internal networks, such as wireless connectivity within the internal network. It allows SecuRemote clients to connect from internal networks. It is useful for wireless deployments, independent of the client s physical location (in the wireless network or on the road). Does Safe@Office support rack mounting? Yes. End users can purchase the Safe@Office rack-mount shelf kit that can be used to mount units of all types (wired, wireless) on a 19-inch rack. Each shelf can host two units. Rack-mount shelf kit SKU: CPUTM-EDGE-XG-IND-RM-KIT. Does Safe@Office appliance support wall mounting? Yes. The Safe@Office appliance includes a wall mounting kit. Is there an option for desktop-type power supply? Yes. It is possible to purchase desktop-type power supplies (as opposed to the wall-mount type supplied with the appliance). The SKU for this item is CPWR-12V-DG. Is it possible to purchase a spare power supply unit? Yes. It is possible to purchase a spare power supply unit for UTM-1 Edge. The SKU for this item is CPWR-5V-G. For more information, contact regular distribution channels or your Check Point sales representative. Is there a way to protect the Safe@Office appliance from theft? Yes. The Safe@Office appliance features a security slot to the rear of the right panel, which enables you to secure your appliance against theft by using a standard anti-theft security device available on the market. How are Safe@Office appliances set-up and deployed at the customer premises? Small businesses can use the built-in installation wizard to easily setup a Safe@Office appliance at their office. During installation, customers will be prompted to connect to a Service Center. This is relevant if the customer purchased services for the appliance (either 6

via Check Point or through a Managed Security Service Provider (MSSP)). Alternatively, for mass deployments by MSSPs, it is possible to pre-configure the security and networking settings so that the appliance automatically connects to the service provider s Service Center. Further security updates are done centrally via a Service Center and additional management is done either locally via the local user interface or remotely by a MSSP. Do Safe@Office appliances support High Availability (HA)? The High Availability feature is included in the Power Pack upgrade. Customers can purchase a second appliance to create a HA cluster. There are no special SKUs or discounts for HA appliances. What kind of Antivirus is included with Safe@Office appliances? Safe@Office includes Vstream Antivirus protection, which is an embedded stream-based antivirus engine integrated with Check Point Stateful Inspection and Application Intelligence technologies. The Vstream Antivirus performs virus scanning at the kernel level. It scans files for malicious content on the fly, without downloading the files into intermediate storage. This means minimal added latency and support for unlimited file sizes; and since VStream Antivirus stores only minimal state information per connection, it can scan thousands of connections concurrently. Does Safe@Office include licenses for remote access VPN clients? Yes. Each Safe@Office license includes licenses for Check Point VPN-1 SecuRemote to be used with Safe@Office. Can VPN-1 SecureClient connect to Safe@Office? Yes. Does Safe@Office support VPN-1 SecureClient security features? VPN-1 SecureClient interoperates with Safe@Office appliances supporting the internal VPN server and OfficeMode. The Safe@Office appliance does not support the policy server functionality. Dedicated desktop security via VPN-1 SecureClient is supported with other Check Point solutions which support the policy server functionality (for example, VPN-1 Express or VPN-1 Pro gateway). Licensing, Support and Upgrades How do I order Safe@Office 500 UTM appliances? For indirect VARs: Safe@Office is available through regular distribution channels. For direct VARS and service providers: Safe@Office orders should be submitted via your regular distribution channels. Safe@Office appliances are Category III products. 7

End-user pricing for VARs, Distributors and E-tailers can be found in the end-user price list at http://pricelist.checkpoint.com/sections/home_office.asp How do I order Evaluation/Demo units? Evaluation units for all Safe@Office products can be ordered through the same channels as other Check Point evaluations (through VARs or Check Point). You can also purchase demo units for 200$ via the following link: http://cpi.checkpoint.com/docs/salesadminpublic/internal_ordering.asp Note: Demo units are intended for demonstration purposes only (including lending the unit to a potential customer for a limited period of time) and are not for resale. How is a user defined by the Safe@Office license? A user (or network node) is defined as a computing device that attempts to traverse the firewall. For example, any IP address that tries to pass through the firewall is counted. The IP address is counted even if it is blocked due to a specific rule configuration. Note: we do not differentiate between multiple users using a single machine, that is, a single IP address. In this scenario those individuals will still be counted as one user. What happens if the total user count is exceeded? Safe@Office enforces the count per license. When the count is exceeded, subsequent users will not be allowed access to the WAN. In addition, an error report will be logged and the customer will receive a warning. Is it possible to upgrade Safe@Office appliances? Yes. Additional users and features can be added to the Safe@Office appliance without the need for a hardware replacement. Customers receive a sales confirmation code, register online, and receive a permanent new product key that enables the new functionality. Please refer to the Functionality Upgrade section of the table under the What Safe@Office 500 UTM models are available? question for upgrade options. Note that user count upgrades increase the number of concurrent users and do not affect the features, while the Power Pack upgrade provides advanced features and does not affect the user count. The following calculation method is used for upgrades for the 100, 200 and 400W models: Price of the new model minus 80% of the price of the old model For example, the list price of a functionality upgrade from Safe@Office 405 to Safe@Office 410 is $400 (= $799 - $499 x 80%, where $799 is the list price of the new model). Do internal SecuRemote users count towards the remote access license limit? No. The remote access license limit relates only to external VPN connections on the WAN interface. How can a customer upgrade an existing Safe@Office appliance to an appliance with integrated ADSL modem or WiFi access-point, or to a newer hardware model? Safe@Office Wireless and ADSL models use different hardware than Safe@Office appliances without these capabilities. Upgrading an existing Safe@Office appliance to a wireless or ADSL model requires a hardware trade-in. For more information on hardware trade-ins, contact your reseller or Check Point sales representative. 8

What is the RMA (Return Materials Authorization) process? The Service Request and RMA processes are facilitated by the small business support team. Products that are under the initial one-year warranty or under a support plan, and which have been verified by the support team as having malfunctioned are eligible for the Returned Materials Authorization (RMA) process. To obtain an RMA number for a Safe@Office product, contact the small business support team at http://www.sofaware.com/support. VARs should contact their distributors for return policy information. What are the support options for Safe@Office appliances? Safe@Office appliances include a standard one-year hardware warranty. Currently, the following annual support and service plans are available from Check Point: Support and Subscription: Security and firmware updates Email, Web and chat support Advanced replacement Dynamic DNS Advanced Support and Subscription: Security and firmware updates Email, Web and chat support Advanced replacement Dynamic DNS VStream Antivirus signature updates Application Intelligence updates Note that customers can purchase either of the two Support and Subscription plans. The Web Filtering service can be purchased as a stand-alone or together with either Support plan. How do customers contact the small business support team? The best way to contact support is to open a ticket or chat with an agent via the SofaWare small business support team portal at http://www.sofaware.com/support Who does a VAR or distributor contact for technical questions? For presales technical support, contact your supporting Check Point Sales Engineer (SE). For post-sales support, contact the SofaWare small business support team at http://www.sofaware.com/support. Note: Before contacting the support team, make sure you have the customer details and MAC address of the unit in question. The MAC address is listed on the appliance's label and also appears in the Web user interface. Is there an available call-to-action item that can be used with prospective customers? The primary call-to-action is the Small Business Security 101 white paper, which can be found together with other information via the following PartnerMAP link: http://www.checkpoint.com/partners/resources/safe@office/index.html 9

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information