•External attack protection, internal network protection, traffic monitoring, URL filtering, application layer filtering.
•ASPF
•Email alarm, attack log, stream log, and network management monitoring.
•Stateful failover (Active/Active and Active/Standby mode), implementing load sharing and service backup.
UTM productsOverview
The HP UTM products are a new generation of professional security devices developed by HP for enterprises. They fall into the following categories:
•U200-A: For small- to medium-sized enterprises and branches.
•U200-S: For small enterprises and branches.
The UTM products are based on a high-performance multi-core and multi-thread security platform, and deliver the most comprehensive suite of firewall and virtual private network (VPN) features in the industry:
•Support for security zones, static and dynamic blacklist functions, MAC address–IP address binding, and security zone-based access control and attack protection that can defend against attacks such as ARP spoofing, attacks exploiting TCP flag bits, large ICMP packet attacks, SYN flood attacks, and address scanning and port scanning. These products also provide the stateful application specific packet filter (ASPF) feature, which can monitor the connection setup process, detect invalid operations, and cooperate with ACLs to complete packet filtering.
•Support for various VPN solutions, such as IP security (IPsec) VPN, Layer 2 Tunneling Protocol (L2TP) VPN and Generic Routing Encapsulation (GRE) VPN. You can use these functions to construct various VPNs.
•Support for static routing, policy-based routing, and dynamic routing such as Routing Information Protocol (RIP) and Open Shortest Path First (OSPF).
•Support for virtual firewalls, which can effectively save the deployment cost.
The new-generation firewalls not only provide powerful firewall functions, but also support advanced functions that can help achieve higher network security, which include intrusion detection and protection, gateway anti-virus, Point-to-point (P2P) traffic control, and universal resource locator (URL) filtering.
The UTM products have the advantages of high reliability and availability. They support stateful failover, sensing of temperature in the chassis, and are available with AC power modules. In addition, they support network management, and provide a Web management interface, fully satisfying requirements for network maintenance, upgrade, and optimization.
U200-A supports two types of interface modules: NSQ1GT2UA0 and NSQ1GP4U0. Each U200-A provides two MIM expansion slots for future interfacing and service expansion.
U200-S supports one type of interface module: 2GE. Each product provides one interface slot for future interfacing and service expansion.