RC200 NextGen UTM-Firewall

Securepoint RC200 NextGen UTM-Firewalls provide companies with secure Internet access. They are a perfect fit for the structure and protection of modern company networks. A secure network operation is ensured across the board thanks to efficient IT security applications.

The VPN-ready UTM-Gateways allow any number of locations to be linked securely and VPN dial-up accesses to be provided for secure access to the network. The free of charge SSL-VPN client provides mobile employees with an encrypted VPN access. The extensive VPN connectivity via IPSEC, XAUTH, SSL-VPN, L2TP, PPTP and Clientless VPN ensures encryption for data traffic on the Internet.

The Securepoint NextGen UTM-Firewalls protect company data reliably - today and tomorrow - against threats from the Internet thanks to constant development and updates.

Your benefits

  • Security when surfing
    Content filter and virus scanner
  • Protection against attacks
    Deep Packet Inspection (DPI)
  • Secure connectivity
    VPN and fallback solution
  • Secure communication
    Protection against phishing, spyware and malware

Securepoint RC200 NextGen UTM-Firewall Buy

 

Type:UTM RC200 WiFi & UMTS
UTM RC200 WiFi und UMTS
UTM RC200 WiFi
UTM RC200 WiFi
UTM RC200
UTM RC200
Suitable for:up to 50 users at the location
Brief overview of features:

Highly integrated, energy-saving UTM-Gateway including:

  • Deep Packet Inspection Firewall (DPI)
  • Intrusion Detection System (IDS)
  • Zero-Hour-Protection
  • Two virus/malware scanners (Commtouch and ClamAV)
  • High-end spam filter
  • Real-time content filter for web and email
  • Extensive VPN connectivity (IPSEC, XAUTH, SSL-VPN, L2TP, PPTP)
  • Integrated free of charge Securepoint SSL-VPN client
  • No licence costs for VPN connections
  • Clientless VPN: Browser-based VPN without plug-in (HTML5, RDP, VNC)
  • Attack detection and defence
  • User identification (locally, active directory, LDAP)
  • Integrated one-time password server (OTP) for high security multiple factor authentication
  • Mail connector for secure connection of POP3(S)/ IMAP(S) accounts to your email server (SMTP)
  • Automatic bandwidth management - QoS (for lower latency e.g. with VoIP telephony)
  • Encryption protocols and algorithms can be customized for individual applications
  • Transparent filtering of HTTP, HTTPS (HTTPS interception), POP3 (transparent proxy)
  • Extensive treatment of spam in user interface and via spam records
  • Complete router functionality
  • Complete IPv6 support
  • Reliability when using multiple Internet accesses (fallback)
  • Load distribution across multiple Internet accesses (load balancing/multipath routing)
IPv6-ready:
LAN ports MBit/s:4 x 10/100/1,000
WiFi (300 MBit/s):optional
UMTS (3G):optionaloptional
Hardware:Intel ATOM DualCore
Memory:4 GByte RAM
RAID controller:no
SSD-HD:1 x 30 GByte SSD
Spare/hot standby:optional; can be upgraded
19-inch-ready: optional Rackmount kit available
Power consumption:~27 watts
VPN clients included:
Subscription:Can subscribe for 1 to 5 years
Warranty:36-month guarantee (bring-in)
Optional 60-month guarantee and advance replacement can be booked

 

Securepoint NextGen UTM-Firewall Range of Functions:

Operating Functions

Administrator Operation:

  • Languages: English, German
  • Auditable
  • Encryption of configurations, log data/reports
  • Real-time monitoring functions
  • Object-oriented configuration
  • Configuration backup management in Securepoint Cloud
  • Password/access data management
  • Configuration management (multiple configurations in one system)
  • Firmware management (update of firmware versions)
  • Backup management (configuration backups)
  • Configuration via:
    • CLI (Command Line Interface):
      Script-based management for automated rollouts
    • Web user interface:
      Single system management
    • Securepoint Operation Center (SOC):
      Multisystem management
  • SSH access to CLI
  • Customisable dashboard

 

End-user operation:

  • Languages: English, German
  • Clientless VPN (VPN via browser for RDP, VNC without additional plug-ins)
  • Download of automatically preconfigured SSL-VPN-Clients (OpenVPN)
  • Wake-on-LAN

Monitoring, logging and report functions

Monitoring, logging and reporting:

  • Two-man rule
  • Encryption of configurations, log data and reports
  • Anonymization of log data/reports
  • System/service status
  • Hardware status
  • Network status
  • Service/process status
  • Traffic status
  • VPN status
  • User authentication status
  • Live logging
  • Syslog protocol support and integrated syslog server (see SOC)
  • Logging to different syslog servers

SNMP:

  • SNMPv1
  • SNMPv2c
  • SNMP traps
  • Monitoring:
    • CPU, RAM, HDD/SSD/RAID, Ethernet
    • Internet connections

Statistics and reports (SOC):

  • Export statistics as PDF and CSV
  • Antivirus/antispam statistics
  • Alerts: Triggered alarms
  • Malware: Names, type, number
  • Top websites: Traffic to websites
  • Top surfers: All users that cause traffic
  • User’s traffic
  • Surfers+websites: Websites by users
  • Categories blocked by content/web filter
  • Blocked websites: websites that are blocked
  • Interface utilisation/traffic
  • SMTP attacks
  • IDS attack overview
  • IDS IP attackers and attack types
  • Top dropped packets
  • Top accepted packets
  • Top rejected packets
  • Top rejected emails
  • Top accepted emails
  • Top accepted/rejected emails
  • Top accepted mail servers
  • Top rejected mail servers
  • Top servers in greylisting whitelisted
  • Top servers in greylisting rejected

Network functions

IPv6-ready:

  • Configuration for external tunnel brokers (e.g. HE.net)
  • IPv6-DHCP and router advertisement
  • DHCP relay, also via VPN tunnel
  • Rules for DHCP are automatically created for the respective interface

 

LAN/WAN:

  • xDSL (PPPoE), cable modem
  • Load balancing
  • Bandwidth management
  • Time-controlled Internet connections
  • DynDNS support (free of charge via www.spdns.de)

 

Routing:

  • Source routing
  • Destination routing
  • Multipath routing in mixed operation also (up to 15 lines)
  • NAT (Static/hide NAT), virtual IP addresses
  • BGP4

 

DHCP (IPv4/IPv6):

  • DHCP relay
  • DHCP client
  • DHCP server (dynamic/fixed IP)

 

DMZ:

  • Port forwarding
  • Port address translation (PAT)
  • Dedicated DMZ links

 

VLAN:

  • Max. 4094 VLANs per interface
  • 802.1q Ethernet header tagging
  • Can be combined with bridging

 

Bridge mode:

  • OSI-Layer 2 Firewall functions
  • Spanning tree (bridge ID, port cost)
  • Unlimited bridges
  • Unlimited interfaces per bridge

 

Traffic shaping/quality of service (QoS):

  • QoS/traffic shaping (also for VPN)
  • Adjustable upload/download stream traffic
  • All services can be configured separately
  • Minimum, maximum and guaranteed bandwidths can be configured individually
  • Multiple internet connections supported

 

High availability:

  • active/passive HA
  • Synchronisation of single/multiple connections

 

Name server:

  • Forwarder
  • Relay zones
  • Master zones (domain and reverse)

Network functions

Firewall deep packet inspection (DPI):

  • Deep packet inspection
  • Connection tracking TCP/UDP/ICMP
  • SPI and proxy can be combined
  • OSI-Layer 7-Filter
  • Time-controlled firewall rules, content/web filter, Internet connection
  • Group-based firewall rules, content/web filter, Internet connection
  • Supported protocols: TCP, UDP, ICMP, GRE, ESP, AH

 

Implied rules configuration:

  • Standard services such as Bootp, Netbios Broadcast... can be removed from logging by On-Click
  • Access can be granted via On-Click for standard services such as VPN without a rule having to be written
  • Static NAT, Hide NAT and other exceptions can be configured in the packet filter

 

VPN:

  • VPN and certificate assistant

 

Clientless VPN:

  • Client-to-Site (VPN home offices)
  • VPN via browser for RDP/VNC without additional plug-ins (modern browsers)
  • Authentication: Active directory, local user database
  • SSL encryption

IPSec:

  • Site-to-Site (VPN branches)
  • Client-to-Site (VPN home offices)
  • Authentication: Active directory, local user database
  • Encryption: 3DES, AES 128/ 256Bit, Twofish
  • Hash-Algo., MD5-HMAC/SHA1, SHA2
  • Windows 7/8-ready with IKEv1, IKEv2
  • Preshared Keys (PSK)
  • X.509 certificate
  • Tunnel mode
  • DPD (Dead Peer Detection)
  • NAT-T
  • Data compression
  • PFS (Perfect Forward Secrecy)
  • XAUTH, L2TP

SSL:

  • Site-to-Site (VPNbranches)
  • Client-to-Site (VPN home offices)
  • Authentication: Active directory, local user database
  • SSL encryption (OpenVPN)
  • Encryption: 3DES, AES (128, 192, 256) CAST5, Blowfish
  • Routing mode-VPN
  • X.509 certificate
  • TCP/UDP port can be changed
  • Data compressio
  • Export für One-Click-Connection

L2TP:

  • Client-to-Site (VPN home offices)
  • Authentication: Active directory, radius, local user database
  • Windows L2TP support

PPTP (not recommended):

  • Client-to-Site (VPN home offices)
  • Authentication: Active directory, radius, local user database
  • Windows PPTP support

 

X.509 Certificate server: 

  • Certificate blocklist (CRL)
  • Multi-CA support
  • Multi-host certificate support

 

VPN clients (free):

OpenVPN client (OpenVPN):

  • Can be configured centrally via administration interface
  • Including configuration that can be downloaded via user web interface
  • Can be executed without admin rights with Windows
  • Operation: On-Click-VPN-Connection

Clientless VPN:

  • Can be configured centrally via admin interface
  • Can be called up via user interface
  • Operation: On-Click-VPN-Connection

 

Antivirus (AV):

  • Two virus scanners as standard:
    • Commtouch AV & ClamAV
  • Virus scanner cascadable SMTP, POP3
  • Scan protocols: HTTP, HTTPS, FTP over HTTP, POP3, SMTP
  • Encrypted data scanned (SSL interception/bump)
  • Compromised data, archives (zip etc.) and attachments scanned
  • Manual and automatic updates

 

Antispam (AS):

  • Protocols SMTP, POP3
  • Authentication: Active directory, LDAP, local user database
  • Zero day protection
  • RBL lists (SMTP)
  • Black/whitelists
  • Greylisting (SMTP)
  • Regular expressions
  • SMTP gateway:
    • Greeting pause, protection against “recipient flooding”, Rate control
    • Greylisting with whitelists of email addresses and domains
    • Email address validation directly via SMTP protocol
  • Can be combined with content filter (blocking categories such as pornography etc.)

 

Proxies: 

  • HTTP, HTTPS, FTP over HTTP, POP3, SMTP, SIP/RTP, VNC
  • Transparent mode (HTTP, POP3)
  • Authentication: Active directory, LDAP, local user database
  • Integrated URL/content/web filter (see content/web filter)
  • Integrated antivirus system (see AV)
  • Integrated spam filter (see AS)
  • Group/time-controlled rules

Reverse proxy:

  • Reverse proxy for HTTP, HTTPS
  • Load balancing on internal server
  • Bandwidth management
  • Different filter options

 

Content/web filter: 

  • Content filter with 46 categories
  • Category-based website blocks
  • Authentication: active directory, local user database
  • Scan technology with online database
  • URL filter with import/export URL lists
  • Black/whitelists
  • File extension/MIME type filter
  • Advertising blocked (approx. 50% of adverts removed from websites)

 

IDS/IPS:

  • Protection against DoS/dDoS attacks
  • Port scan protection
  • Invalid network packet protection
  • Automated warning (email etc.)

 

User authentication:

  • Complete active directory integration
  • Authentication against active directory for all VPN protocols, filters and proxies of UTM
  • And also radius authentication for VPN protocols PPTP/L2TP

 

Backup:

  • Locally in the workplace, locally in UTM/VPN system, in SOC database and Securepoint Cloud
  • Automatic and time-based backups
  • Backups can be encrypted
  • Backups possible on. running system

 

One-time password (OTP):

  • Integrated one-time password server for high security two and three factor authentication

 

Mail connector:

  • Integrated for retrieving emails via POP3(S)/IMAP(S) and forwarding via SMTP
  • Increases spam detection and virus protection

 

Admin web interface:

Quick overview with dashboard and docking station
You use a web browser to access the admin web interface of the Securepoint NextGen UTM-Firewall. This is the central interface for managing the appliance. The admin interface has a monitoring overview for UTM that can be configured individually and it has a docking station. Here you can define views to meet your own personal requirements and thus display the most important information about UTM. Simple operation via the admin interface and the use of the setup wizard thus ensure a quick start-up.

User web interface:

User web interface: Example Clientless VPN
Clientless VPN allows VPN via the browser for RDP and VNC without additional plugins (a modern browser is required). Installation on the client is not required for operation. The example used here is a Windows operating system (Apple Mac OSX, Linux etc. also possible of course) in the browser.


Administration: Central configuration management, backups and monitoring with the Securepoint Operation Center
The Securepoint Operation Center is the central configuration and management solution for all of Securepoint’s UTM and VPN systems. The Operation Center allows you to centrally manage and automatically support any number of Securepoint UTM and VPN products. This is especially important if you have to manage large UTM and VPN infrastructures. The Securepoint Operation Center is available as a local desktop and server version that can be integrated into your central backup concept.

 

Please fill in any case from the fields marked with *.
CAPTCHA image for SPAM prevention If you can't read the word, click here.