4400 Appliance Datasheet

Published on May 2016 | Categories: Types, School Work | Downloads: 61 | Comments: 0 | Views: 296
of 5
Download PDF   Embed   Report

Comments

Content

Datasheet:
Check Point 4400 Appliance

4400
Enterprise-grade security
appliance (223 SPU/5Gbps)—
fast networking and fiber and
copper connectivity options

Check Point 4400 Appliance
Today the enterprise gateway is more than a firewall. It is a security device presented
with an ever-increasing number of sophisticated threats. As an enterprise security
gateway it must use multiple technologies to control network access, detect
sophisticated attacks and provide additional security capabilities like data loss
prevention and protection from web-based threats. The proliferation of mobile
devices like smartphones and Tablets and new streaming, social networking and
P2P applications requires a higher connection capacity and new application control
technologies. Finally, the shift towards enterprise private and public cloud services,
in all its variations, changes the company borders and requires enhanced capacity
and additional security solutions.
Check Point’s new appliances combine fast networking technologies with high
performance multi-core capabilities—providing the highest level of security without
compromising on network speeds to keep your data, network and employees secure.
Optimized for the Software Blades Architecture, each appliance is capable of running
any combination of Software Blades—providing the flexibility and the precise level of
security for any business at every network location by consolidating multiple security
technologies into a single integrated solution.
Each Check Point Appliance supports the Check Point 3D security vision of
combining policies, people and enforcement for unbeatable protection and is
optimized for enabling any combination of the following Software Blades: (1) Firewall,
(2) VPN, (3) IPS, (4) Application Control, (5) Mobile Access, (6) DLP, (7) URL Filtering,
(8) Antivirus, (9) Anti-spam, (10) Anti-Bot, (11) Identity Awareness and (12) Advanced
Networking & Clustering.

OVERVIEW
The Check Point 4400 Appliance offers a complete and consolidated security
solution, with leading performance in a 1U form factor.
In addition to eight onboard 1 Gigabit copper Ethernet ports, the 4400 also comes
with an available expansion slot for the option of adding four 1 Gigabit copper or 2 or 4
fiber Ethernet ports. With 223 SecurityPower Units, max firewall throughput of over 5
Gbps and IPS performance up to 3.5 Gbps the 4400 is capable of securing any small
to mid-size office.

KEY FEATURES
n

223 SecurityPower™
5 Gbps of firewall throughput
n 3.5 Gbps of IPS throughput
n Up to 12 10/100/1000Base-T ports
n Up to 4 1GbE Fiber ports
n

n

1 rack unit appliance

KEY BENEFITS
n

Entry level, enterprise-grade appliance
Delivers everything you need to secure
your network in one appliance
n Simplifies administration with a single
integrated management console
n Ensures data security for remote access
and site-to-site communications
n Provides comprehensive security and
protects against emerging threats with
Extensible Software Blade Architecture
n

GATEWAY SOFTWARE BLADES
4407

4408

4410

Firewall

n

n

n

IPsec VPN

n

n

n

Mobile Access
(5 users)

n

n

n

Advanced Networking
& Clustering

n

n

n

Identity Awareness

n

n

n

IPS

n

n

n

Application Control

n

n

n

Data Loss Prevention

*

n

*

URL Filtering

*

*

n

Antivirus

*

*

n

Anti-spam

*

*

n

Anti-Bot

*

*

*

* Optional

©2012 Check Point Software Technologies Ltd. All rights reserved.
Classification: [Protected] - All rights reserved 1

|

Datasheet: Check Point 4400 Appliance

4400
1 Standard rack mount (Slide rails optional)
2 One network expansion slot
3 8 x 10/100/1000Base-T RJ45 ports
4 Two USB ports for ISO installation
5 Console port RJ45
6 Graphic LCD display for management
IP address and image management

1

2

SECURITYPOWER
Until today security appliance selection has been based upon
selecting specific performance measurements for each security
function, usually under optimal lab testing conditions and using
a security policy that has one rule. Today customers can select
security appliances by their SecurityPower ratings which are
based on real-world customer traffic, multiple security functions
and a typical security policy.
SecurityPower is a new benchmark that measures the capability
and capacity of an appliance to perform multiple advanced
security functions (Software Blades) such as IPS, DLP and
Application Control in real world traffic conditions. This provides
an effective metric to better predict the current and future
behavior of appliances under security attacks and in day-to-day
operations. Customer SecurityPower Unit (SPU) requirements,
determined using the Check Point Appliance Selection Tool,
can be matched to the SPU ratings of Check Point Appliances
to select the right appliance for their specific requirements.

ALL-INCLUSIVE SECURITY SOLUTION
The Check Point 4400 Appliance offers a complete and
consolidated security solution in a 1U form factor based on the
Check Point Software Blade architecture. Available in three
software packages of 7, 8 and 10 Blades, the platform provides
up-to-date and extensible security protection.

INTEGRATED SECURITY MANAGEMENT
The appliance can either be managed locally with its available
integrated security management or via central unified
management. Using local management, the appliance
can manage itself and one adjacent appliance for high
availability purposes.

3

4

5

6

REMOTE ACCESS CONNECTIVITY
FOR MOBILE DEVICES
Each appliance arrives with mobile access connectivity for
5 users, using the Mobile Access Blade. This license provides
secure remote access to corporate resources from a wide
variety of devices including smartphones, tablets, PCs,
Mac and Linux.

GAiA—THE UNIFIED SECURITY OS
Check Point GAiA™ is the next generation Secure Operating
System for all Check Point appliances, open servers and
virtualized gateways. GAiA combines the best features from
IPSO and SecurePlatform into a single unified OS providing
greater efficiency and robust performance. By upgrading to GAiA,
customers will benefit from improved appliance connection
capacity and reduced operating costs. With GAiA, customers will
gain the ability to leverage the full breadth and power of all Check
Point Software Blades. GAiA secures IPv4 and IPv6 networks
utilizing the Check Point Acceleration & Clustering technology
and it protects the most complex network environments by
supporting dynamic routing protocols like RIP, OSPF, BGP,
PIM (sparse and dense mode) and IGMP. As a 64-Bit OS, GAiA
increases the connection capacity of select appliances.
GAiA simplifies management with segregation of duties by
enabling role-based administrative access. Furthermore, GAiA
greatly increases operation efficiency by offering Automatic
Software Updates. The intuitive and feature-rich Web interface
allows for instant search of any commands or properties. GAiA
offers full compatibility with IPSO and SecurePlatform command
line interfaces, making it an easy transition for existing Check
Point customers.

©2012 Check Point Software Technologies Ltd. All rights reserved.
Classification: [Protected] - All rights reserved 2

|

Datasheet: Check Point 4400 Appliance

TECHNICAL SPECIFICATIONS

1

Base Configuration

High Availability

8 x 10/100/1000Base-T RJ45 ports

Active/Active - L3 mode

250 GB hard disk drive

Active/Passive - L3 mode

One AC power supply

Session synchronization for firewall and VPN

Standard rack mount

Session failover for routing change

Network Expansion Slot Options

Device failure detection

4 x 10/100/1000Base-T RJ45 ports

Link failure detection

2 x 1000Base-F SFP ports

ClusterXL or VRRP

4 x 1000Base-F SFP ports

Dimensions

Max Configuration

Enclosure: 1U

12 x 10/100/1000Base-T RJ45 ports

Standard (W x D x H): 17.25 x 12.56 x 1.73 in.

8 x 10/100/1000Base-T RJ45 + 4 x 1000Base-F SFP ports

Metric (W x D x H): 438 x 320 x 44 mm

Performance

Weight: 7.5 kg (16.53 lbs.)

223 SecurityPower 1

Power Requirements

5 Gbps of firewall throughput, 1518 byte UDP

AC Input Voltage: 100 - 240V

1.2 Gbps of VPN throughput, AES-128

Frequency: 50 - 60 Hz

3.5 Gbps of IPS throughput Default IPS profile

Single Power Supply Rating: 250 W

700 Mbps of IPS throughput Recommended IPS profile

Power Consumption Maximum: 90 W

1.2 million concurrent connections

Maximum thermal output: 240.1 BTU

40,000 connections per second

Operating Environmental Conditions

Network Connectivity

Temperature: 32° to 104°F / 0° to 40°C

IPv4 and IPv6

Humidity: 20% - 90% (non-condensing)

1024 VLANs

Storage Conditions

256 VLANs per interface

Temperature: –4° to 158°F / –20° to 70°C

802.3ad passive and active link aggregation

Humidity: 5% - 95% @ 60°C (non-condensing)

Layer 2 (transparent) and Layer 3 (routing) mode

Certifications

SecurityPower: A metric to measure appliance performance based on real
world traffic given the deployed software blades. Find the right appliance for
your performance and security needs.

Safety: CB, UL/cUL, CSA, TUV, NOM, CCC, IRAM, PCT/GoST
Emissions: FCC, CE, VCCI, C-Tick, CCC, ANATEL, KCC
Environmental: RoHS

©2012 Check Point Software Technologies Ltd. All rights reserved.
Classification: [Protected] - All rights reserved 3

|

Datasheet: Check Point 4400 Appliance

SOFTWARE PACKAGE SPECIFICATIONS
Base Packages

SKU

4400 Appliance with 7 Security blades (including Firewall, VPN, Advanced Networking & Clustering, Identity Awareness,
Mobile Access for 5 concurrent users, IPS, and Application Control blades); bundled with local management for
up to 2 gateways

CPAP-SG4407

4400 Appliance with 8 Security blades (including Firewall, VPN, Advanced Networking & Clustering, Identity Awareness,
Mobile Access for 5 concurrent users, IPS, Application Control, and DLP blades)

CPAP-SG4408

4400 Appliance with 10 Security blades (including Firewall, VPN, Advanced Networking & Clustering, Identity Awareness,
and Mobile Access for 5 concurrent users, IPS, Application Control, URL Filtering, Antivirus, and Email Security blades);
bundled with local management for up to 2 gateways

CPAP-SG4410

4400 Appliance with 7 Security blades (including Firewall, VPN, Advanced Networking & Clustering, Identity Awareness,
Mobile Access for 5 concurrent users, IPS, and Application Control blades); bundled with local management for up to 2
gateways; for High Availability

CPAP-SG4407-HA

4400 Appliance with 8 Security blades (including Firewall, VPN, Advanced Networking & Clustering, Identity Awareness,
Mobile Access for 5 concurrent users, IPS, Application Control, and DLP blades); bundled with local management for up
to 2 gateways; for High Availability

CPAP-SG4408-HA

4400 Appliance with 10 Security blades (including Firewall, VPN, Advanced Networking & Clustering, Identity Awareness,
and Mobile Access for 5 concurrent users, IPS, Application Control, URL Filtering, Antivirus, and Email Security blades);
bundled with local management for up to 2 gateways; for High Availability

CPAP-SG4410-HA

Software Blades Packages

SKU

Check Point Extended Security Software Blades Package for 1 year for 4400 appliance (including IPS, URL Filtering,
Application Control, Antivirus, Email Security, and DLP blades)

CPSB-ESEC-6B-4400-1Y

Check Point UTM+ Software Blades Package for 1 year for 4400 appliance (including IPS, URL Filtering, Application
Control, Antivirus, and Email Security blades)

CPSB-UTMP-5B-4400-1Y

Check Point DLP+ Software Blades Package for 1 year for 4400 appliance (including IPS, Application Control, and DLP)

CPSB-DLPP-3B-4400-1Y

Check Point Extended Threat Protection Software Blades Package for 1 year for 4400 (including Application Control and
IPS blades)

CPSB-ETPR-2B-4400-1Y

Check Point Web Control Software Blades Package for 1 year for 4400 (including Application Control and
URL Filtering blades)

CPSB-WBCL-2B-4400-1Y

Check Point Anti-Malware Package for 1 year for 4400 (including Anti-Bot and AV blades)

CPSB-ABAV-2B-4400-1Y

Check Point Extended Security Software Blades Package for 1 year for 4400 appliance (including IPS, URL Filtering,
Application Control, Antivirus, Email Security, and DLP blades); for High Availability

CPSB-ESEC-6B-4400-1Y-HA

Check Point UTM+ Software Blades Package for 1 year for 4400 appliance (including IPS, URL Filtering, Application
Control, Antivirus, and Email Security blades); for High Availability

CPSB-UTMP-5B-4400-1Y-HA

Check Point DLP+ Software Blades Package for 1 year for 4400 appliance (including IPS, Application Control, and DLP);
for High Availability

CPSB-DLPP-3B-4400-1Y-HA

Check Point Extended Threat Protection Software Blades Package for 1 year for 4400 (including Application Control and
IPS blades); for High Availability

CPSB-ETPR-2B-4400-1Y-HA

Check Point Web Control Software Blades Package for 1 year for 4400 (including Application Control and URL Filtering
blades); for High Availability

CPSB-WBCL-2B-4400-1Y-HA

Check Point Anti-Malware Package for 1 year for 4400 (including Anti-Bot and AV blades—for High Availability

CPSB-ABAV-2B-4400-1Y-HA

©2012 Check Point Software Technologies Ltd. All rights reserved.
Classification: [Protected] - All rights reserved 4

|

Datasheet: Check Point 4400 Appliance

Additional Software Blades

SKU

Check Point Mobile Access Blade for up to 50 concurrent connections

CPSB-MOB-50

Data Loss Prevention Blade for 1 year (for up to 500 users, up to 15,000 mails per hour and max throughput of 700 Mbps)

CPSB-DLP-500-1Y

Check Point IPS blade for 1 year

CPSB-IPS-S-1Y

Check Point Application Control blade for 1 year

CPSB-APCL-S-1Y

Check Point URL Filtering blade for 1 year

CPSB-URLF-S-1Y

Check Point Antivirus Blade for 1 year

CPSB-AV-S-1Y

Check Point Anti-Spam & Email Security Blade for 1 year

CPSB-ASPM-1Y

Check Point Anti-Bot Blade for 1 year - for low-end appliances and pre-defined system

CPSB-ABOT-S-1Y

Check Point Mobile Access Blade for up to 50 concurrent connections - for High Availability

CPSB-MOB-50-HA

Data Loss Prevention Blade for 1 year (for up to 500 users, up to 15,000 mails per hour and max throughput of 700 Mbps);
for High Availability

CPSB-DLP-500-1Y-HA

Check Point IPS blade for 1 year; for High Availability

CPSB-IPS-S-1Y-HA

Check Point Application Control blade for 1 year; for High Availability

CPSB-APCL-S-1Y-HA

Check Point URL Filtering blade for 1 year; for High Availability

CPSB-URLF-S-1Y-HA

Check Point Antivirus Blade for 1 year; for High Availability

CPSB-AV-S-1Y-HA

Check Point Anti-Spam & Email Security Blade for 1 year - for High Availability

CPSB-ASPM-1Y-HA

Check Point Anti-Bot Blade for 1 year - for low-end appliances and pre-defined systems - for High Availability

CPSB-ABOT-S-1Y-HA

ACCESSORIES
Interface Cards and Transceivers

SKU

4 Port 10/100/100Base-T RJ45 interface card

CPAC-4-1C

4 Port 1000Base-F SFP interface card; requires additional 1000Base SFP transceiver modules per interface port

CPAC-4-1F

SFP transceiver module for 1G fiber ports—long range (1000Base-LX) for CPAC-4-1F

CPAC-TR-1LX

SFP transceiver module for 1G fiber ports—short range (1000Base-SX) for CPAC-4-1F

CPAC-TR-1SX

Spares and Miscellaneous

SKU

Slide RAILS for Check Point Appliances

CPAC-RAILS

CONTACT CHECK POINT

Worldwide Headquarters
5 Ha’Solelim Street, Tel Aviv 67897, Israel | Tel: 972-3-753-4555 | Fax: 972-3-624-1100 | Email: [email protected]
U.S. Headquarters
800 Bridge Parkway, Redwood City, CA 94065 | Tel: 800-429-4391; 650-628-2000 | Fax: 650-654-4233 | www.checkpoint.com

©2012 Check Point Software Technologies Ltd. All rights reserved.
May 15, 2012

Sponsor Documents

Recommended

No recommend documents

Or use your account on DocShare.tips

Hide

Forgot your password?

Or register your new account on DocShare.tips

Hide

Lost your password? Please enter your email address. You will receive a link to create a new password.

Back to log-in

Close