EXCLUSIVE: Check Point UTM-1 1050
Check Point may have an enviable reputation in the network security arena but it has studiously avoided the mid-range and enterprise UTM appliance markets.
Until now that is, as it heralds its first assault with a family of three appliances and in this exclusive review we look at the UTM-1 1050 which represents the middle ground in the range. It aims to deliver a similar level of features as Check Point's higher-end appliances but at a more affordable price and although Check Point recommends a maximum of 500 users for the 1050, it actually has an unlimited user license.
The UTM-1 family pitches Check Point up against the likes of Cisco, Juniper, Fortinet and SonicWALL and offers a number of key differentiators. Centralized management comes as standard and the 1050 includes a license to manage three separate sites. More importantly, it doesn't require a separate appliance or any additional software to achieve this as these features are built in to the bundled SmartConsole software suite.
Along with the Eventia Reporter which allows a wide range of custom reports to be created you also get the SmartView Monitor. This provides real-time statistics on utilization for all appliances along with traffic graphs for areas such as the top services and destinations plus graphical counters for functions including content inspection and firewall activity history.
There's more as Check Point's browser-based SmartPortal offers quick access to all gateways where you can easily see their status, monitors alerts and manage security policies.
At the appliance's foundation is Check Point's Firewall-1 which, along with SPI/NAT firewalling, has the ability to handle a wide range of applications including IM and P2P. On top of this you get IDS, IPS, anti-virus, an application firewall and support for both IPsec and SSL VPNs. The latter is another valuable feature as a number of competing vendors only offer this as a separate appliance. Check Point's optional SmartDefense puts even more features into the melting pot although it seems a bit harsh that you have to purchase this to get regular anti-virus signature updates. However, is still looks good value as it includes web content filtering, proactive protection against known and emerging vulnerabilities and regularly updated security advisories and best practices. The UTM-1 appliances do not currently offer anti-spam services although this is a feature Check Point is considering.
Initial installation starts by pointing a browser at the appliance's internal Ethernet port where a quick start wizard gets you up and running. At this stage you'll probably just want to set up the LAN and WAN ports but the wizard does offer options for all ports including the dedicated DMZ and extra LAN ports. You can also decide whether you want the appliance to be locally or remotely managed which sets it up either as a SmartCenter server or configures it to contact another appliance running this service. Check Point has thoughtfully stored the SmartCenter software on the appliance from where it can be downloaded via the web interface. This installs the entire suite and your first port of call will be the SmartDashboard where you'll need to define the various interfaces and set up your firewall rules. No wizards are provided so from here on in you're faced with a fair amount of manual labour. Although the internal and external ports are activated during the setup phase you need to tell the appliance which one is connected to the LAN and which one faces the Internet and you also need to activate NAT on the latter as well.
Next up are firewall rules although at this stage it's probably best to create your network objects, services, users and groups in the left pane as these can be dragged and dropped directly into rules. The 1050 commendably defaults to blocking all traffic but it was easy enough for us to create a firewall rule that allowed outbound traffic through but blocked unsolicited inbound traffic. Rules are placed in strict order of precedence with each containing sources and destination objects, services and time schedules. Logging can be activated individually and traffic can be permitted, denied or dropped or you can implement session or user authentication.
We like Check Point's SSL-VPN feature although this requires users and rules to be set up, the Visitor Mode activated, services declared as available to remote users and a pool of virtual IP addresses created. Clients then point their web browser at the appliance's WAN port where an SSL network extender is automatically downloaded. The Integrity security scanner is yet another valuable feature as it can be used to scan the client system to ensure it isn't harbouring any nasties before the tunnel is established.
We found the UTM-1 1050 a sophisticated UTM appliance with a wealth of security features on offer. Anti-spam is the only key component missing although few businesses use every feature on UTM appliances so we don't see this as a major issue. Pricewise, the 1050 compares very well with the main competition but Check Point's ace-in-the-hole is its centralised management package which comes as standard and doesn't require additional components to function.
Anti-spam isn't on the check list but the 1050 is still a powerful UTM appliance offering some very tough security measures plus excellent management facilities as standard and all at a competitive price.
1U rack chassis 2.93GHz Celeron D 341 2GB 533MHz unbuffered SDRAM 80GB IDE hard disk 4 x Gigabit Ethernet 4 x Fast Ethernet 2 x USB ports 1Gbps firewall throughput Supports IPsec and SSL VPNs SmartConsole software suite bundled Options: appliance with annual SmartDefense subscription - Â£7,911 exc VAT
Managing security risk and compliance in a challenging landscape
How key technology partners grow with your organisationDownload now
Security best practices for PostgreSQL
Securing data with PostgreSQLDownload now
Transform your MSP business into a money-making machine
Benefits and challenges of a recurring revenue modelDownload now
The care and feeding of cloud
How to support cloud infrastructure post-migrationWatch now