Skip to main content
  • Results...

Web interface

  UTM licence VPN edition
Languages German, English German, English
Accessibility: Mode for colour vision deficiency yes yes
Dark mode yes yes
Audit-capable yes yes
Real-time monitoring functions yes yes
Configuration management Multiple configurations on one system Multiple configurations on one system
Triple firmware system for optimum security during upgrades yes yes
Backup management Manually, automatically via cloud Manually, automatically via cloud
Local administration Web user interface, SSH, console via serial connection, monitor + keyboard Web user interface, SSH, console via serial connection, monitor + keyboard
External administration Unified Security Console (USC) Unified Security Console (USC)
CLI (Command Line Interface) Console-based management - scripting and remote management possible Console-based management - scripting and remote management possible
Responsive design: interface adapts to browser size yes yes
Customisable dashboards yes yes
  UTM licence VPN licence
Languages German, English German, English
Clientless VPN - Browser-based connection via RDP
- VNC without additional plug-ins (HTML5)
- Browser-based connection via RDP
- VNC without additional plug-ins (HTML5)
SSL VPN clients (OpenVPN) Download of automatically preconfigured SSL VPN clients Download of automatically preconfigured SSL VPN clients
Wake on LAN yes yes
Change password yes yes
Spam management yes, incl. authorisation system no
Captive Portal yes, incl. user management no

Monitoring, logging and reporting

  UTM licence VPN licence
Log data yes yes
Anonymisation of log data with regard to GDPR yes, switched on by default yes, switched on by default
System/services/process status yes yes
Hardware status yes yes
Network status yes yes
Traffic status yes yes
VPN status yes yes
User authentication status yes yes
Live logging yes yes
Syslog - Syslog protocol support
- Integrated syslog server
- Syslog protocol support
- Integrated syslog server
Syslog logging Various syslog servers via UDP and TCP Various syslog servers via UDP and TCP
Sensors for RMM systems for RMM systems
Unified Security Report (USR) Prepared status reports as a separate service yes
Acute status reports by mail no
Reports yes no
Anonymisation of reports yes no
  UTM licence VPN licence
SNMPv1 yes yes
SNMPv2c yes yes
SNMPv3 yes yes
Monitoring of the system status yes yes
Application status monitoring yes yes
Monitoring of VPN connection (IPSec, OpenVPN) yes yes
Monitoring network utilisation yes yes
Mail queue monitoring yes no
  UTM licence VPN licence
Unified Security Report yes (optional depending on licence) yes (optional depending on licence)
Visualisation of the security status of devices and services yes Not applicable
Traffic and security categories yes Not applicable
Current risk assessments of the individual services yes Not applicable
Devices, licences, users yes Not applicable
Performance report of the systems used yes Not applicable
Risk assessments including recommendations for action yes Not applicable

Network functions

  UTM licence VPN licence
For models (Black Dwarf, Black Dwarf Pro, RC100, RC200) yes yes
Internet connection via optional LTE USB kit Internet connection via optional LTE USB kit Internet connection via optional LTE USB kit
Fallback via optional
LTE USB kit
Fallback via optional LTE USB kit Fallback via optional LTE USB kit
  UTM licence VPN licence
Virtual WLANs (e.g. guest networks) yes yes
Authentication via WPA yes yes
Authentication via
WPA2-Enterprise
yes yes
Authentication via
WPA2-Personal
yes yes
Authentication via
WPA3-Enterprise
yes yes
Authentication via
WPA3-Personal
yes yes
Authentication via
WPA3-OWE
yes yes
WLAN (2,4 or 5 GHz, 802.11 n/ac) yes yes
WLAN monitoring yes yes
Encryption WPA2 yes yes
Encryption WPA3 yes yes
Channel search automatically automatically
Number of SSIDs 2 2
  UTM licence VPN licence
PPPoE (e.g. for xDSL) yes yes
DHCP client (e.g. for cable modem) yes yes
Static IP configuration yes yes
Load balancing yes yes
Bandwidth management yes yes
Support for dynamic DNS services
(free of charge for resellers via www.spdyn.de)
yes yes
Optional LTE / UMTS 2G, 3G, 4G (via LTE USB kit) yes yes
  UTM licence VPN licence
Prefix delegation for Ethernet and PPPoE yes yes
IPv6 DHCP yes yes
Router Advertisment yes yes
DHCP relay, also through
VPN tunnel
yes yes
Rules for DHCP automatically for the respective interfaces yes yes
Configuration for external tunnel broker yes yes
  UTM licence VPN licence
Source routing yes yes
Destination routing yes yes
Policy based routing yes yes
Multipathrouting ja, auch im Mischbetrieb (bis zu 15 Leitungen) yes, also in mixed operation (up to 15 lines)
NAT (Static-/Hide-NAT) yes yes
Virtual IP addresses yes yes
BGP4/OSPF/RIP yes yes
  UTM licence VPN licence
DHCP relay yes yes
DHCP client yes yes
DHCP server Dynamic & fixed leases Dynamic & fixed leases
  UTM licence VPN licence
Port Forwarding yes yes
Port Address Translation (PAT) yes yes
Dedicated DMZ interfaces yes yes
  UTM licence VPN licence
802.1q Ethernet Header Tagging yes yes
Can be combined with bridging yes yes
  UTM licence VPN licence
Spanning Tree
(Bridge-ID, Port-Cost)
yes yes
Number of bridges not limited in the software not limited in the software
Number of interfaces per bridge not limited in the software not limited in the software
  UTM licence VPN licence
Prioritise automatic QoS settings based on TOS/DSCP yes yes
QoS/Traffic Shaping yes, also for VPN yes, also for VPN
Up- & download stream traffic adjustable yes yes
  UTM licence VPN licence
Active-Passive High Availability (HA) yes yes
Synchronisation of IP connections yes yes
Synchronisation of the configuration yes yes
  UTM licence VPN licence
Forwarder yes yes
Relay zones yes yes
Primary/Secondary zones (domain and reverse) yes yes
DNSSEC yes yes
DNS Rebinding Prevention yes yes
mDNS Repeater yes yes
  UTM licence VPN licence
IGMP proxy available yes yes
  UTM licence VPN licence
LACP yes yes

Traffic filter function

  UTM licence VPN licence
Time-controlled firewall rules yes yes
Connection tracking yes yes
Time-controlled Internet connection yes yes
Geo IP blocking yes yes
Packet filter (SPI) and proxy can be combined yes Proxy not available
Deep Packet Inspection (DPI) yes no
Content/web filter yes no
Time-controlled content/web filters yes no
Supported protocols All IP-based protocols All IP-based protocols
Predefined rules that apply to the entire system (implicit rules) yes yes
  UTM licence VPN licence
Protection against DoS/DDoS attacks yes yes
DNS rebinding protection yes yes
Portscan protection yes yes
Invalid network packet protection yes yes
IP blocking in the event of incorrect logon to UTM services (FailToBan) yes yes
Threat Intelligence Filter - Cloud-based filter for blocking known threats yes yes
Logging of potentially dangerous connections yes yes
  UTM licence VPN licence
Virus scanner available yes no
Scan of compressed data, archives (zip etc.) and attachments yes Not applicable
Automatic updates yes Not applicable
Availability in the http/s proxy & mail filter modules Not applicable

Mailsecurity

  UTM licence VPN licence
Antispam available yes no
Configurable filter yes not applicable
Virus Outbreak Detection yes not applicable
Virus scanner yes not applicable
Allow/block lists yes not applicable
Regular Expressions yes not applicable
Filter on header fields in emails yes not applicable
Filter for file attachments yes not applicable
Filter for SPF/DKIM/DMARC results yes not applicable
Filter for HTTP links in emails yes not applicable
Filter on hashes of known emails yes not applicable
Filter for fake URLs yes not applicable
URL content filter (blocking of categories such as Danger, Hacking, Pornography etc.) yes not applicable
Quarantine yes not applicable
Quarantine with rescan functionality yes not applicable
Marking the subject of e-mails yes not applicable
  UTM licence VPN licence
Supported protocols SMTP/S not applicable
Supported STARTTLS yes not applicable
Authentication - Active Directory
- LDAP
- Local user database
- Entra ID
not applicable
Check for SPF/DKIM/DMARC yes not applicable
Check for greeting pause, HELO and reverse DNS yes not applicable
Protection against recipient flooding"" yes not applicable
Rate control yes not applicable
Greylisting with allowlists of e-mail addresses and domains yes not applicable
Allow-/Blocklists yes not applicable
E-mail address validation directly via SMTP protocol yes not applicable
Forcing TLS yes not applicable
DKIM Signing yes not applicable
Smarthost with authentication yes not applicable
  UTM licence VPN licence
Supported protocols - IMAP/S (external)
- POP3/S (external)
- SMTP/S (internal)
not applicable
Authentication OAuth2 provider (e.g. for Google Workspace and Microsoft 365) not applicable
  UTM licence VPN licence
POP3 proxy available yes/ transparent no
Supported protocols POP3 (internal), POP3/S (external) not applicable

Web security

  UTM licence VPN licence
HTTP proxy integrated yes no
Protocols HTTP & HTTPS not applicable
SNI support yes not applicable
Transparent mode HTTP & HTTPS not applicable
Authentication - Active Directory (Kerberos, NTLM, Basic-Auth)
- LDAP (Basic-Auth)
- Local user database (Basic-Auth)
- Radius
not applicable
URL filter yes not applicable
Web filter yes not applicable
Antivirus yes not applicable
Access control Profile-based access control based on IP addresses or user groups not applicable
Bandwidth limitation possible yes not applicable
  UTM licence VPN licence
Content & web filter integrated yes no
Category-based website blocking with over 40 categories yes not applicable
Scan technology with online database yes not applicable
Filters - URL filter with URL lists
- Youth protection incl. BPjM filter
- File-Extension/ MIME types filter
- Allow/ block lists
not applicable
URL shortener yes not applicable
Advertising blocking yes not applicable
Force safesearch yes, in combination with SSL interception not applicable
Threat intelligence feed yes not applicable
Rules - User- / group-specific rules
- Time-controlled rules
not applicable

Further functions

  UTM licence VPN licence
Authentication for all VPN protocols (incl. SSL VPN and HTTP proxy) and UTM filters - Active Directory
- LDAP
- local user database
- Entra ID
- Active Directory
- LDAP
- local user database
- Entra ID
Authentication for SSL VPN and HTTP proxy Radius Radius
  UTM licence VPN licence
Configuration all settings of the UTM firewall all settings of the UTM firewall
Local backup yes yes
Cloud backup Automatic and time-based Automatic and time-based
Encryption for cloud backup yes yes
Restore for cloud backup Cloud backups can be restored and downloaded via the Unified Security Console (USC) Cloud backups can be restored and downloaded via the Unified Security Console (USC)
  UTM licence VPN licence
Integrated one-time password server for highly secure multi-factor authentication (MFA) yes yes
Procedure TOTP TOTP
Usable with - Admin interface
- User interface
- SSL VPN
- IPsec
- SSH
- Admin interface
- User interface
- SSL VPN
- IPsec
- SSH
  UTM licence VPN licence
Certificate revocation list (CRL) yes yes
Multi-CA support yes yes
Multi-host certificate support yes yes
Let's Encrypt/ ACME integrated integrated
  UTM licence VPN licence
Support for - Hyper-V®
- VMware® (from version 4.1)
- KVM
no
  UTM licence VPN licence
Reverse proxy integrated yes no
Usable for HTTP & HTTPS not applicable
Authentication Certificate-based not applicable
Loadbalancing Load balancing on internal servers not applicable
Bandwidth management yes not applicable
Filters Various filter options not applicable
Certificate renewal Automatically through Let's Encrypt/ ACME not applicable
  UTM licence VPN licence
Captive portal integrated yes no
HTTPS certificate changeable not applicable
Specification of terms of use yes not applicable
Dynamic rules (packet filter) yes, for registered users not applicable
Optional user login yes, with user name and password not applicable
Delegating the user administration yes, to the user interface not applicable
Design of the captive portal Customisable not applicable
Multilingual captive portal yes not applicable

VPN functions

  UTM licence VPN licence
Site-to-site (network coupling) yes yes
End-to-Site/Roadwarrior (connection of individual devices) yes yes
IKE procedure IKEv2 and IKEv1 IKEv2 and IKEv1
Encryption We support current methods We support current methods
Hash functions We support current methods We support current methods
Key exchange protocols Diffie-Hellman (current groups), Eliptic Curve Diffie-Hellman (current groups), Eliptic Curve
Authentication - Preshared Keys (PSK)
- X.509 certificates
- RSA-Keys
- MS-CHAPv2
- EAP-TLS
- Preshared Keys (PSK)
- X.509 certificates
- RSA-Keys
- MS-CHAPv2
- EAP-TLS
User authentication - Active Directory
- LDAP
- Local user database
- Entra ID
- Active Directory
- LDAP
- Local user database
- Entra ID
Dead Peer Detection (DPD) yes yes
NAT-T (MOBIKE configurable) yes yes
Data compression yes yes
Perfect Forward Secrecy (PFS) yes yes
Mode Route- und Policy-Mode VPN Route- und Policy-Mode VPN
  UTM licence VPN licence
Site-to-site (network coupling) yes yes
End-to-Site/Roadwarrior (connection of individual devices) yes yes
Authentication - Active Directory
- LDAP
- local user database
- Entra ID
- Radius
- Active Directory
- LDAP
- local user database
- Entra ID
- Radius
Encryption We support current methods We support current methods
Hash functions We support current methods We support current methods
Mode Routing mode VPN Routing mode VPN
X.509 certificates yes yes
TCP/UDP and ports changeable changeable
Data compression yes yes
TLS Crypt yes yes
Export of configurations possible with end-to-site possible with end-to-site
Securepoint SSL VPN Clients - iOS / iPadOS
- Android
- Windows
- iOS / iPadOS
- Android
- Windows
  UTM licence VPN licence
Site-to-site (network coupling) yes yes
End-to-Site/Roadwarrior (connection of individual devices) yes yes
Key exchange Curve25519 (ECDHE) Curve25519 (ECDHE)
Encryption of user data ChaCha20 & Poly1305 ChaCha20 & Poly1305
Hash function BLAKE2s BLAKE2s
Authentication - x25519 key
- PSK
- x25519 key
- PSK
Mode Routing mode VPN Routing mode VPN
UDP Port selectable at will selectable at will
  UTM licence VPN licence
Self-service for configuration file yes (user interface) yes (user interface)
Admin rights required to establish the connection no no
  UTM licence VPN licence
Connection RDP / VNC over https RDP / VNC over https
Plugin necessary? No, HTML5 based No, HTML5 based
Authentication - Active Directory
- LDAP
- lokale User-Datenbank
- Entra ID
- Radius
- Active Directory
- LDAP
- lokale User-Datenbank
- Entra ID
- Radius
Encryption SSL encryption SSL encryption
Access via User interface User interface

Note:

  • Not every feature can be combined with every other feature.
  • The list of features is based on version 12.6.2 as of 12.03.2024. We reserve the right to make changes at any time, but in particular for security reasons without prior notice.
  • We support current procedures (TLS / encryption)

Our solutions for your company

Three different UTM firewalls in one server cabinet

UTM Firewalls

The basis of network security

  • High-end content filter
  • Double virus filter
  • Anti-spam functions
Controller against computer virus is turned to Delete

Antivirus PRO

The antivirus for businesses

  • High-performance scan engine
  • Fast and unobtrusive
  • Central management
Man sitting in front of laptop with smartphone in hand

Securepoint Mobile Security

MDM and firewall to Go

  • Security for smartphone and tablet
  • Full mobile device management
  • Encrypted connections
Woman sitting with tablet on a desk in an office

Legally compliant e-mail archiving

With Unified Mail Archive

  • Intuitive search engine
  • Tamper-proof 
  • DSGVO and GoBD ready
View through an open safe door onto lockers

Reliable data backup

With Unified Backup

  • The last protection against ransomware
  • Reliable, fast, up-to-date
  • Server in Germany
Man and woman in an office in front of a computer

Cyber-Awareness-Training

With Awareness PLUS

  • Makes employees a "human firewall
  • Regular IT security training
  • Measurable learning success