EXCLUSIVE: Check Point UTM-1 1050

Editor's Choice
Price
£6,259

Check Point may have an enviable reputation in the network security arena but it has studiously avoided the mid-range and enterprise UTM appliance markets.

Until now that is, as it heralds its first assault with a family of three appliances and in this exclusive review we look at the UTM-1 1050 which represents the middle ground in the range. It aims to deliver a similar level of features as Check Point's higher-end appliances but at a more affordable price and although Check Point recommends a maximum of 500 users for the 1050, it actually has an unlimited user license.

Advertisement - Article continues below

The UTM-1 family pitches Check Point up against the likes of Cisco, Juniper, Fortinet and SonicWALL and offers a number of key differentiators. Centralized management comes as standard and the 1050 includes a license to manage three separate sites. More importantly, it doesn't require a separate appliance or any additional software to achieve this as these features are built in to the bundled SmartConsole software suite.

Along with the Eventia Reporter which allows a wide range of custom reports to be created you also get the SmartView Monitor. This provides real-time statistics on utilization for all appliances along with traffic graphs for areas such as the top services and destinations plus graphical counters for functions including content inspection and firewall activity history.

Advertisement
Advertisement - Article continues below

There's more as Check Point's browser-based SmartPortal offers quick access to all gateways where you can easily see their status, monitors alerts and manage security policies.

At the appliance's foundation is Check Point's Firewall-1 which, along with SPI/NAT firewalling, has the ability to handle a wide range of applications including IM and P2P. On top of this you get IDS, IPS, anti-virus, an application firewall and support for both IPsec and SSL VPNs. The latter is another valuable feature as a number of competing vendors only offer this as a separate appliance. Check Point's optional SmartDefense puts even more features into the melting pot although it seems a bit harsh that you have to purchase this to get regular anti-virus signature updates. However, is still looks good value as it includes web content filtering, proactive protection against known and emerging vulnerabilities and regularly updated security advisories and best practices. The UTM-1 appliances do not currently offer anti-spam services although this is a feature Check Point is considering.

Advertisement - Article continues below

Initial installation starts by pointing a browser at the appliance's internal Ethernet port where a quick start wizard gets you up and running. At this stage you'll probably just want to set up the LAN and WAN ports but the wizard does offer options for all ports including the dedicated DMZ and extra LAN ports. You can also decide whether you want the appliance to be locally or remotely managed which sets it up either as a SmartCenter server or configures it to contact another appliance running this service. Check Point has thoughtfully stored the SmartCenter software on the appliance from where it can be downloaded via the web interface. This installs the entire suite and your first port of call will be the SmartDashboard where you'll need to define the various interfaces and set up your firewall rules. No wizards are provided so from here on in you're faced with a fair amount of manual labour. Although the internal and external ports are activated during the setup phase you need to tell the appliance which one is connected to the LAN and which one faces the Internet and you also need to activate NAT on the latter as well.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Next up are firewall rules although at this stage it's probably best to create your network objects, services, users and groups in the left pane as these can be dragged and dropped directly into rules. The 1050 commendably defaults to blocking all traffic but it was easy enough for us to create a firewall rule that allowed outbound traffic through but blocked unsolicited inbound traffic. Rules are placed in strict order of precedence with each containing sources and destination objects, services and time schedules. Logging can be activated individually and traffic can be permitted, denied or dropped or you can implement session or user authentication.

We like Check Point's SSL-VPN feature although this requires users and rules to be set up, the Visitor Mode activated, services declared as available to remote users and a pool of virtual IP addresses created. Clients then point their web browser at the appliance's WAN port where an SSL network extender is automatically downloaded. The Integrity security scanner is yet another valuable feature as it can be used to scan the client system to ensure it isn't harbouring any nasties before the tunnel is established.

Advertisement - Article continues below

We found the UTM-1 1050 a sophisticated UTM appliance with a wealth of security features on offer. Anti-spam is the only key component missing although few businesses use every feature on UTM appliances so we don't see this as a major issue. Pricewise, the 1050 compares very well with the main competition but Check Point's ace-in-the-hole is its centralised management package which comes as standard and doesn't require additional components to function.

Verdict

Anti-spam isn't on the check list but the 1050 is still a powerful UTM appliance offering some very tough security measures plus excellent management facilities as standard and all at a competitive price.

1U rack chassis 2.93GHz Celeron D 341 2GB 533MHz unbuffered SDRAM 80GB IDE hard disk 4 x Gigabit Ethernet 4 x Fast Ethernet 2 x USB ports 1Gbps firewall throughput Supports IPsec and SSL VPNs SmartConsole software suite bundled Options: appliance with annual SmartDefense subscription - £7,911 exc VAT

Featured Resources

Preparing for long-term remote working after COVID-19

Learn how to safely and securely enable your remote workforce

Download now

Cloud vs on-premise storage: What’s right for you?

Key considerations driving document storage decisions for businesses

Download now

Staying ahead of the game in the world of data

Create successful marketing campaigns by understanding your customers better

Download now

Transforming productivity

Solutions that facilitate work at full speed

Download now
Advertisement

Recommended

Visit/security/ransomware/356292/university-of-california-gets-fleeced-by-hackers-for-114-million
ransomware

University of California gets fleeced by hackers for $1.14 million

30 Jun 2020
Visit/security/cyber-security/356289/australia-announces-135b-investment-in-cybersecurity
cyber security

Australia announces $1.35 billion investment in cyber security

30 Jun 2020
Visit/cloud/cloud-security/356288/csa-and-issa-form-cybersecurity-partnership
cloud security

CSA and ISSA form cyber security partnership

30 Jun 2020
Visit/business/policy-legislation/356215/senators-propose-a-bill-aimed-at-ending-warrant-proof-encryption
Policy & legislation

Senators propose a bill aimed at ending warrant-proof encryption

24 Jun 2020

Most Popular

Visit/business-strategy/careers-training/356422/ibm-job-ad-calls-for-12-year-experience-with-6-year-old
Careers & training

IBM job ad calls for 12-years of experience with six-year-old Kubernetes

13 Jul 2020
Visit/business/business-operations/356395/nvidia-overtakes-intel-as-most-valuable-us-chipmaker
Business operations

Nvidia overtakes Intel as most valuable US chipmaker

9 Jul 2020
Visit/security/cyber-attacks/356417/trump-confirms-cyber-attacks-on-russia-election-trolls
cyber attacks

Trump confirms US cyber attack on Russia election trolls

13 Jul 2020