CHECK POINT 5200 NGFW Next-Generation Network Firewall APPLIANCE

Product Detail

Chucheng Information is one of the leading China check point 5200 ngfw next-generation firewall appliance manufacturers, which is also one of the famous brands. We employed well-educated and experienced workers and introduced world's leading equipment. Now, with large quantity of products in stock, we warmly welcome you to buy our discount and cheap equipment at low price with us.

CHECK POINT 5200 NGFW Next-Generation Network Firewall APPLIANCE 







CHECK POINT 5200 APPLIANCE

 

Small enterprise and branch office security

 

 

 

Product Benefits

 

· Enable the most advanced threat prevention security

 

· Optimal performance even when inspecting SSL encrypted traffic

 

· Future-proofed technology safeguards against tomorrow’s risks

 

· Centralized control and LOM improves serviceability

 

· High performance package optimizes platform performance

 

· Modular, expandable chassis with flexible I/O options

 

Product Features

 

· Simple deployment and management

 

· Secure remote access to corporate resources from a wide variety of devices

 

· One network expansion slot to add port density, fiber and fail-open IO card options

 

Redundant appliance clustering technologies eliminate a single point of failure




OVERVIEW

 

The Check Point 5200 Appliance combines the most comprehensive security protections to safeguard your small enterprise and branch office deployments. The 5200 is a 1U appliance with one I/O expansion slot for higher port capacity, a 500 GB hard disk, and optional Lights-Out Management (LOM) for remote management. This powerful security appliance is optimized to deliver real -world threat prevention to secure your critical assets and environments.

 

COMPREHENSIVE THREAT PREVENTION

 

The rapid growth of malware, growing attacker sophistication and the rise of new unknown zero-day threats require a different approach to keep enterprise networks and data secure. Check Point delivers fully integrated, comprehensive Threat Prevention with award-winning SandBlast™ Threat Emulation and Threat Extraction for complete protection against the most sophisticated threats and zero -day vulnerabilities.

 

Production Environment Performance¹

 

	SecurityPower™ Units (SPU)			425 SPU
	Firewall throughput			5.3 Gbps
	IPS throughput			810 Mbps
	NGFW throughput (Firewall, Application Control, IPS)			520 Mbps
	Threat prevention throughput2
				250 Mbps
	Ideal Testing Conditions Performance (RFC 3511, 2544, 2647, 1242)
	Firewall throughput, 1518 byte UDP			16 Gbps
	Connections per second		125,000
	Concurrent connections			3.2 to 6.43 million
	VPN throughput, AES-128			1.88 Gbps
	IPS throughput			3 Gbps
	NGFW throughput (Firewall, Application Control, IPS)			2.7 Gbps

 

¹ Performance measured with real-world traffic blend and content, a typical rule base, updated recommended signatures, NAT and logging enabled, ² FW, IPS, APPCTRL, AV, AB, URLF, ³ with maximum memory

ALL-INCLUSIVE SECURITY SOLUTIONS

 

Check Point 5200 Appliances offer a complete and consolidated security solution available in two complete packages:

 

· NGTP: prevent sophisticated cyber-threats with Application Control, URL Filtering, IPS, Antivirus, Anti-Bot and Email Security.

 

· NGTX: NGTP with SandBlast Zero-Day Protection, which includes Threat Emulation and Threat Extraction.

 

PREVENT KNOWN AND ZERO-DAY THREATS

 

The 5200 Appliance protects organizations from both known and unknown threats with Antivirus, Anti-Bot, SandBlast Threat Emulation (sandboxing), and SandBlast Threat Extraction technologies.

 

As part of the Check Point SandBlast Zero-Day Protection solution, the cloud-based Threat Emulation engine detects malware at the exploit phase, even before hackers can apply evasion techniques attempting to bypass the sandbox. Files are quickly quarantined and inspected, running in a virtual sandbox to discover malicious behavior before it enters your network. This innovative solution combines cloud-based CPU-level inspection and OS-level sandboxing to prevent infection from the most dangerous exploits, and zero-day and targeted attacks.

 

Furthermore, SandBlast Threat Extraction removes exploitable content, including active content and embedded objects, reconstructs files to eliminate potential threats, and promptly delivers sanitized content to users to maintain business flow.

 

	NGTP	NGTX
	Prevent known	Prevent known
	threats	and zero-day
		attacks
Firewall	ü	ü
VPN (IPsec)	ü	ü
IPS	ü	ü
Application Control	ü	ü
URL Filtering	ü	ü
Anti-Bot	ü	ü
Anti-Virus	ü	ü
Anti-Spam	ü	ü
SandBlast Threat Emulation	û	ü
SandBlast Threat Extraction	û	ü

INSPECT ENCRYPTED CONNECTIONS

 

There is a shift towards more use of HTTPS, SSL and TLS encryption to increase Internet security. At the same time files delivered into the organization over SSL and TLS represent a stealthy attack vector that bypasses traditional security implementations. Check Point Threat Prevention looks inside encrypted SSL and TLS tunnels to detect threats, ensuring users remain in compliance with company policies while surfing the Internet and using corporate data.

 

INCLUSIVE HIGH PERFORMANCE PACKAGE

 

Customers with high connection capacity requirements can purchase the affordable High Performance Package (HPP). This includes the appliance plus one 4x 1Gb SFP interface card, transceivers and Lights-Out-Management.

 

			Base	HPP	Max
	1	GbE ports (Copper)	6	6	14
	1	GbE ports (Fiber)	0	4	4
	Transceivers (SR)		0	4	4
	RAM		8GB	8GB	16GB
	Power Supply Units		1	1	1
	Lights Out Management		Optional	Included	Included

 

REMOTE MANAGEMENT AND MONITORING

 

An optional Lights-Out-Management (LOM) card provides out-of-band remote management to remotely diagnose, start, restart and manage the appliance from a remote location. Administrators can also use the LOM web interface to remotely install an OS image from an ISO file.

 

SECURE REMOTE ACCESS

 

Each Check Point appliance is configured with mobile access connectivity for up to 5 users, using the Mobile Access Blade. This license provides secure remote access to corporate resources from a wide variety of devices including smartphones, tablets, PCs, Mac and Linux.

 

INTEGRATED SECURITY MANAGEMENT

 

Every Check Point appliance can either be managed locally with its available integrated security management or via central unified management. Using local management, the appliance can manage itself and one adjacent appliance for high availability deployments.




ORDERING INFORMATION

 

	BASE CONFIGURATION 1
	5200 Next-Gen Threat Prevention bundled with local management for up to 2 gateways	CPAP-SG5200-NGTP
	5200 Next-Gen Threat Extraction bundled with local management for up to 2 gateways	CPAP-SG5200-NGTX
	HIGH PERFORMANCE PACKAGES 1
	5200 Next-Gen Threat Prevention High Performance Package with 4x1GbE SFP ports, 4xSR transceivers	CPAP-SG5200-NGTP-HPP
	and Lights-Out-Management
	5200 Next-Gen Threat Extraction High Performance Package with 4x1GbE SFP ports, 4xSR transceivers	CPAP-SG5200-NGTX-HPP
	and Lights-Out-Management
	1 SKUs for 2 and 3 years and for High Availability are available, see the online Product Catalog

ACCESSORIES
INTERFACE CARDS AND TRANSCEIVERS
8 Port 10/100/1000 Base-T RJ45 interface card	CPAC-8-1C-B
4 Port 1000Base-F SFP interface card; requires additional 1000Base SFP transceivers	CPAC-4-1F-B
SFP transceiver module for 1G fiber ports - long range (1000Base-LX)	CPAC-TR-1LX-B
SFP transceiver module for 1G fiber ports - short range (1000Base-SX)	CPAC-TR-1SX-B
SFP transceiver to 1000 Base-T RJ45 (Copper)	CPAC-TR-1T-B
4 Port 1GE copper Bypass (Fail-Open) network interface card (10/100/1000 Base-T)	CPAC-4-1C-BP-B
SPARES AND MISCELLANEOUS
Memory upgrade kit from 8GB to 16GB for 5200 appliance	CPAC-RAM8GB-5000
Lights Out Management module	CPAC-LOM-B
Slide rails for 5000 Appliances (22” - 32”)	CPAC-RAIL-5000
Extended slide rails for 5000 Appliances (26” - 36”)	CPAC-RAIL-EXT-5000



Expansion Options

 

Base Configuration

 

· 6 on-board 10/100/1000Base-T RJ-45 ports

 

· 8 GB memory (16 GB option)

 

· 1 power supply

 

· 1x 500 GB hard drive

 

· Fixed rails (slide rail option)

 

· (Lights-Out-Management (LOM) option)

 

Network Expansion Slot Options (1 slot available)

 

· 8x 10/100/1000Base-T RJ45 port card, up to 14 ports

 

· 4x 1000Base-F SFP port card, up to 4 ports

 

Fail-Open/Bypass Network Options

 

· 4x 10/100/1000Base-T RJ45 port card

 

Virtual Systems ¹

 

· Maximum(base/HPP): 10/20

 

¹ with the memory available in the base or HPP

Network

 

Network Connectivity

 

· Total physical and virtual (VLAN) interfaces per appliance: 1024/4096 (single gateway/with virtual systems)

 

· 802.3ad passive and active link aggregation

 

· Layer 2 (transparent) and Layer 3 (routing) mode

 

High Availability

 

· Active/Active and Active/Passive - L3 mode

 

· Session synchronization for firewall and VPN

 

· Session failover for routing change

 

· Device and link failure detection

 

· ClusterXL or VRRP

 

IPv6

 

· Features: Firewall, Identity Awareness, Mobile Access, App Control, URL Filtering, IPS, Anti-Bot, Antivirus

 

· NAT66, NAT64

 

· CoreXL, SecureXL, HA with VRRPv3

Routing

 

Unicast and Multicast Routing (see SK98226)

 

· OSPFv2 and v3, BGP, RIP

 

· Static routes, Multicast routes

 

· Policy-based routing

 

· PIM-SM, PIM-SSM, PIM-DM, IGMP v2, and v3

Physical

 

Power Requirements

 

· AC Input Voltage: 90-264V

 

· Frequency: 47-63Hz

 

· Single Power Supply Rating: 250W

 

· Power Consumption Maximum: 62.9W

 

· Maximum thermal output: 214.6 BTU/hr.

 

Dimensions

 

· Enclosure: 1RU

 

· Standard (W x D x H): 17.24 x 16 x 1.73 in.

 

· Metric (W x D x H): 438 x 406.5 x 44 mm

 

· Weight: 6.22 kg (13.7 lbs.)

 

Operating Environmental Conditions

 

· Temperature: 32° to 104°F / 0° to 40°C

 

· Humidity: 5% to 95% (non-condensing)

 

Storage Conditions

 

· Temperature: –4° to 158°F / –20° to 70°C

 

· Humidity: 5% to 95% at 60°C (non-condensing)

 

Certifications

 

· Safety: UL60950-1, CB IEC60950-1, CE LVD EN60950-1,

 

TUV GS

 

· Emissions: FCC, CE, VCCI, RCM/C-Tick

 

· Environmental: RoHS, REACH¹, ISO14001¹

 

¹ factory certificate