UTM Firewall

Overview

UTM Firewall delivers edge firewall, router, and VPN functionality to homes, businesses, educational institutions, and government agencies - literally across every continent - making networks more robust and secure.

24/7 support coverage

Professional service consultations

UI language: English/Vietnamese

Performance
Hardware Platform

The faster the CPU, and the more memory at its disposal, the more traffic a UTM Firewall instance can process.

Packet Size

Throughput is measured in Mbps or Gbps. But, a more important measuring stick is packets per second. Smaller packets translate to more packets per second, and larger packets translates to fewer. IMIX is a good real-world benchmark.

Encryption

Encrypted traffic takes processing cycles, and encryption schemas vary in their impact on processing speed

Security Enforcement

A light firewall ruleset will have far less impact on throughput than a heavy set of ACLs, Snort rules and content filters.

Firewall
  • Stateful Packet Inspection (SPI)
  • GeoIP blocking
  • Anti-Spoofing
  • Time-based rules
  • Connection Limits NAT mapping (inbound / outbound)
Router
  • Policy-based routing
  • Concurrent IPv4 and IPv6 Support
  • Configurable static routing
  • IPv6 network prefix translation
  • IPv6 router advertisements
  • Multiple IP addresses per interface
  • PPPoE Server
Attack Prevention
  • IDS/IPS
  • IPS basic database: packet analyzer
  • Layer 7 application detection
  • Multiple rules, sources, and categories
  • Advance IPS database
  • IP blacklist database
  • Pre-set rule profiles
  • Per-interface configuration
  • False positive alert suppression
  • Deep Packet Inspection (DPI)
  • Application blocking
VPN
  • IPsec
  • OpenVPN
  • Site-to-site and remote access
  • VPN
  • SSL encryption
  • VPN client for multiple operating systems
  • L2TP/IPsec for mobile devices
  • IPv6 support
  • Split tunneling
  • Multiple tunnels
  • VPN tunnel failover
  • NAT support
  • Automatic or custom routing
  • Local user authentication or RADIUS/LDAP
Proxy and Content Filtering
  • HTTP and HTTPS proxy
  • None Transparent or Transparent caching proxy
  • Domain/URL filtering
  • Anti-virus filtering
  • Safe Search for search engines
  • HTTPS URL and content screening
  • Website access reporting
  • Domain Name blacklisting (DNSBL)
  • Usage reporting
Network Services
  • Dynamic DNS
  • DHCP Server
  • DNS forwarding
Configuration Management
  • Web-based configuration
  • Setup wizard for initial configuration
  • Remote web-based administration
  • Customizable dashboard
  • Easy configuration backup/restore
  • Configuration export/import
  • Encrypted automatic backup to Our server
  • Variable level administrative rights
  • Multi-language support
  • Simple updates
  • Forward-compatible configuration
  • Serial console for shell access and recovery options Wake-on-LAN
User Authentication Management
  • Local user and group database
  • User and group-based privileges
  • Optional automatic account expiration
  • External RADIUS authentication
  • Automatic lockout after repeated attempts
System Security Management
  • Web interface security protection CSRF protection
  • HTTP Referer enforcement
  • DNS Rebinding protection
  • HTTP Strict Transport Security Optional key-based SSH access
Resilience / Reliability Management
  • Optional multi-node
  • High Availability Clustering Multi-WAN for load balancing and failover
  • Reverse Proxy Automatic connection failover
  • Bandwidth throttling Traffic Shaping Wizard
  • Reserve or restrict bandwidth based on traffic priority
  • Fair sharing bandwidth
  • User data transfer quota
System Reporting and Monitoring
  • Dashboard with configurable widgets
  • Local logging
  • Remote logging
  • Local monitoring graphs
  • Real-time interface traffic graphs
  • SNMP monitoring
  • Notifications via web interface, SMTP, or Growl
  • Hardware monitoring
  • Networking diagnostic tools