Word Black Box Surge Protector In Line Ds Ddos Appliances
User Manual: Black Box Surge Protector In-Line Surge Protector
Open the PDF directly: View PDF 
.
Page Count: 5
| Download | |
| Open PDF In Browser | View PDF |
Check Point DDoS Protector Appliance | Datasheet CHECK POINT DDoS PROTECTOR APPLIANCE TM Stop Denial of Service attacks in seconds with customized, multi-layered protection that blocks a wide range of attacks. KEY FEATURES • Protects against known and unknown DDoS attacks in seconds • Defends against both network and application attacks • Unique real-time signature engine for continuity of legitimate traffic • Flexible filter engines detect and prevent malicious exploits • Protects against HTTP attacks • Network flood attacks protection • Fast, customized signature creation keeps businesses running In today’s threat landscape, “Denial of Service (DoS)” attacks are increasing in number, speed and complexity. Denial of Service and Distributed Denial of Service (DDoS) attacks are relatively easy to carry out, and can cause serious damage to companies who rely on web services to operate. Multiple (more than 50) DDoS attack “toolkits” are readily available on the Internet, and an increasing number of attacks are initiated in over 230 countries. DDoS attacks are often profit-driven: in 2011, cyber criminals earned a whopping $12.5 billion dollars. 2012 shows an alarming surge of DDoS threats to the financial services industry. However hacktivism and political motivations are fast becoming the most popular forum to launch Denial of Service attacks. Anonymous successfully spearheaded numerous attack campaigns against individuals, organizations, governments and countries in retaliation for actions or statements they didn’t agree with. Many DDoS solutions are deployed by an Internet Service Provider, offering generic protections against network layer attacks. However today's DDoS attacks have become more sophisticated, launching multiple attacks at networks and applications. Successful DDoS solutions will offer companies the ability to customize their protections, fast response time during an attack, and a choice of deployment options to meet changing security needs. KEY BENEFITS • Protection against evolving DDoS attacks • Advanced techniques help maintain web services during an attack • Turn-key appliance works right out of the box • Integrated with Check Point security management for greater visibility and control • High-performing DDoS solution with up to 40Gbps throughput OVERVIEW Check Point’s DDoS Protector Appliances keeps businesses running with multilayered, customizable protections and up to 40Gbps performance that automatically defends against network flood and application layer attacks with fast response time against today’s sophisticated denial of service attacks. DDoS Protector Appliances offer flexible deployment options to easily protect any size business, and integrated security management for real-time traffic analysis and threat management intelligence for advanced protection against DDoS attacks. Check Point also provides dedicated 24/7 support and resources to ensure up-to-the-minute protections to assist network and systems administrator with mitigating DDoS attacks. • Multi-layered protection blocks multiple attack types • Customized protections fit different business sizes and security needs ©2014 Check Point Software Technologies Ltd. All rights reserved. [Protected] Non-confidential content November 20, 2014 | Check Point DDoS Protector Appliance | Datasheet MULTI-LAYERED PROTECTIONS MANAGEMENT NETWORK AND TRAFFIC FLOOD PROTECTIONS DDoS Appliances are integrated with Check Point Security Management, including: Protection against DDoS attacks aimed at networks using: SMARTEVENT Behavioral DoS - Protects against TCP, UDP, ICMP, IGMP and Fragment DDoS attacks with adaptive behavioral based detection and protection. Unified security event and analysis solution that delivers real-time threat management information to instantly stop threats and block attacks with on-thefly protections. Move from business view to forensics in just three clicks. DoS Shield - Protects against known DDoS attack tools with pre-defined and customized filters to block attacks with rate-limits per pattern. Syn Protection - Blocks SYN-spoofed attacks with SMARTLOG SYN rate thresholds per protected servers. Advanced log analyzer that delivers proactive security intelligence with split-second search results from any log field for instant visibility into billions of log records over multiple time periods and domains. Black List - Blocks generic attacks with L3 and L4 source- destination classifications and expiration rules. Connection Rate Limit - Blocks generic, non- SMARTVIEW TRACKER supported protocols (non DNS, HTTP) and application level flood attacks with rate-based thresholds. Comprehensive auditing solution to troubleshoot system and security issues, gather information for legal or audit purposes, and generate reports to analyze network traffic patterns. In the case of an attack or other suspicious network activity, use SmartView Tracker to temporarily or permanently terminate connections from specific IP addresses. APPLICATION BASED DOS/DDOS PROTECTIONS Protects against more complex DDoS attacks that misuse application resources with: ALERTING SYN Protection with Web Challenge - Protects against SNMP V1, 2C and 3, Log File, Syslog, Email HTTP connection-based attacks with SYN rate threshold and web challenge/response per protected server. CONFIGURATION SNMP, V1, 2C, 3, HTTP, HTTPS, SSH, Telnet, SOAP, API, Console (user selectable). Behavioral DNS Protections - Block DNS query DoS attacks with DNS adaptive behavioral based detection using DNS footprint blocking, rate limits and DNS challenge and response. TIME SYNCHRONIZATION Based on Network Time Protocol (NTP). Behavioral HTTP Protections (The “HTTP Mitigator”) - Blocks HTTP connection-based DoS attacks and upstream HTTP bandwidth attacks with server-based HTTP adaptive behavioral detection, HTTP footprint with web challenge/response, 302 redirect and JS challenge actions. EXPORT REAL-TIME SIGNATURE INFORMATION Northbound XML interface exports behavioral parameters. DIRECTED APPLICATION DOS/DDOS PROTECTIONS Repels Dos and DDoS attacks that require special filtering criteria. Flexible filtering definitions search for specific content patterns in each packet. Enables the ability to analyze and block ongoing attacks by defining on-the-fly protections. ©2014 Check Point Software Technologies Ltd. All rights reserved. [Protected] Non-confidential content November 20, 2014 | Check Point DDoS Protector Appliance | Datasheet X420 DDoS Protector 1 4 x 40 Gigabit Ethernet QSFP+ 2 20 x 1/10 Gigabit Ethernet SFP+ 3 2 x Management 10/100/1000Base-T RJ45 4 Console Port 1 2 3 4 TECHNICAL SPECIFICATIONS DDoS Protector Model 10420 20420 30420 40420 Large Datacenter / Carrier Network Grade Performance 1 Throughput 10Gbps 20Gbps 30Gbps 40Gbps Max Concurrent Sessions 6,000,000 6,000,000 6,000,000 6,000,000 Max DDoS Flood Attack prevention rate (packets per second) 25,000,000 25,000,000 25,000,000 25,000,000 2 < 60 micro seconds Latency Real-time Signatures Detect and protect against attacks in less than 18 seconds Inspection Ports 1GbE/10GbE (SFP+) 20 20 20 20 40GbE (QSFP+) 4 4 4 4 10/100/1000Base-T (RJ45) 2 2 2 2 RJ-45 Serial Console 1 1 1 1 Management Ports Operation Mode Network Operation Transparent L2 Forwarding / IP Forwarding Deployment Modes In-line; span port monitoring; copy port monitoring; local out-of-path; out-of-path mitigation Tunneling Protocols Support VLAN Tagging, L2TP, MPLS, GRE, GTP IPv6 Support IPv6 networks and block IPv6 attacks Policy Action Block and Report; Report Only Block Actions Drop packet, reset (source, destination, both), suspend (source, src port, destination, dest port or any combination); Challenge-Response for TCP, HTTP and DNS to identify attacks High Availability Fail-open / Fail-close Internal fail-close for SFP+ and QSFP+; optional fail-open available 3 Clustering Active-Passive Cluster Physical Dimensions (W x D x H) mm 426 x 537 x 88 mm (2U) EIA Rack or Standalone: 482 mm (19 in) Weight kg (lbs) 15.1kg (33.2 lbs) Power AC Power Supply (Auto-range) 100-120V / 200-240V, 47-63 Hz DC Power Supply (Auto-range) - 36 to -72V Power Consumption 634W Thermal Output 2162 BTU / hour Operating Environmental Conditions Temperature 5-55°C (41-131°F) Humidity 5% to 95% (non-condensing) SKU (Dual AC Power) CPAP-DP10420-D-SME SKU (Dual DC Power) CPAP-DP10420DC-D-SME CPAP-DP20420DC-D-SME CPAP-DP30420DC-D-SME CPAP-DP20420-D-SME CPAP-DP30420-D-SME CPAP-DP40420-D-SME CPAP-DP40420DC-D-SME 1 Actual performance figures may change per network configuration, traffic type, etc. Throughput is measured with behavioral protections and signature protections using eCommerce protection profile at the egress and includes only legitimate traffic. Dropped packets are not measured. 3 External fiber fail-open switches with SFP ports are available at an additional cost 2 ©2014 Check Point Software Technologies Ltd. All rights reserved. [Protected] Non-confidential content November 20, 2014 | Check Point DDoS Protector Appliance X06 DDoS Protector 1 1 Console Port 3 2 3 2 1 4 x 10 Gigabit Ethernet XFP 1 506 1006 Network Grade 3 4 5 2 4 x 1 Gigabit Ethernet SFP 4 2 x Management 10/100/1000Base-T RJ45 3 8 x 10/100/1000Base-T RJ45 5 Console Port 4 2 x 1 Gigabit Ethernet SFP RJ45 DDoS Protector Model 2 Datasheet 4 2 x Management 10/100/1000Base-T RJ45 4 x 10/100/1000Base-T X412 DDoS Protector | 2006 4412 8412 Enterprise 12412 Datacenter Performance 1 Throughput 500Mbps 1Gbps 2Gbps 4Gbps 8Gbps 12Gbps Max Concurrent Sessions 2,000,000 2,000,000 2,000,000 4,000,000 4,000,000 4,000,000 Max DDoS Flood Attack Prevention Rate (packets per second) 1,000,000 1,000,000 1,000,000 10,000,000 10,000,000 10,000,000 2 < 60 micro seconds Latency Real-time Signatures Detect and protect against attacks in less than 18 seconds Inspection Ports 10/100/1000Base-T (RJ45) 4 4 4 8 8 8 1GbE (SFP) 2 2 2 4 4 4 10GbE (XFP) - - - 4 4 4 10/100/1000Base-T (RJ45) 2 2 2 2 2 2 RS-232 Serial Console 1 1 1 1 1 1 Management Ports Operation Mode Network Operation Transparent L2 Forwarding Deployment Modes In-line; span port monitoring; copy port monitoring; local out-of-path; out-of-path mitigation Tunneling Protocols Support VLAN Tagging, L2TP, MPLS, GRE, GTP IPv6 Support IPv6 networks and block IPv6 attacks Policy Action Block and Report; Report Only Drop packet, reset (source, destination, both), suspend (source, src port, destination, dest port or any combination); Challenge-Response for TCP, HTTP and DNS to identify attacks Block Actions High Availability Fail-open / Fail-close and Clustering Internal fail-open/fail-close for copper ports; internal fail-close for SFP ports; optional fail-open for SFP ports; 4 Active-Passive Cluster Internal fail-open/fail-close for copper ports; internal fail-close for SFP and XFP ports; optional fail-open for SFP and SFP ports; 5 Active-Passive Cluster Physical Dimensions (W x D x H) mm Weight kg (lbs) 424 x 457 x 44 mm (1U) 424 x 600 x 88 mm (2U) Single PS:7.2kg (15.9 lbs), Dual PS:8.7kg (19.2 lbs) 18.0 kg (39.0 lbs) Power AC Power Supply (Auto-range) Power Consumption 100-120V / 200-240V, 47-63 Hz Single PS: 177W, Dual PS: 147W Thermal Output 476W 2162 BTU / hour Operating Environmental Conditions Temperature 5-55°C (41-131°F) Humidity SKU CPAP-DP506SME CPAP-DP1006SME 5% to 95% (non-condensing) CPAP-DP2006-SME CPAP-DP4412-DSME CPAP-DP8412-DSME CPAP-DP12412D-SME 1 Actual performance figures may change per network configuration, traffic type, etc. Throughput is measured with behavioral protections and signature protections using eCommerce protection profile 3 External fiber fail-open switch with SFP ports is available at additional cost 4 External fiber fail-open switches with SFP or XFP ports are available at additional cost 2 ©2014 Check Point Software Technologies Ltd. All rights reserved. [Protected] Non-confidential content November 20, 2014 | Check Point DDoS Protector Appliance DDoS Protector Family Network Grade X06 X412 | Datasheet X420 Enterprise Datacenter Large Datacenter / Carrier Safety EN 60950-1:2006, CB - IEC 60950-1, cTUVus EN, IEC #60950-1, cTUVus EN 60950-1:2006, CB IEC 60950-1, CCC, cTUVus Emissions EN 55022, EN 55024, FCC Part 15B Class A EN 55022, EN 55024, FCC Part 15B Class A EN 55022, EN 55024, EN 61000-3-2, EN 61000-3-3 Other CE, FCC, VCCI, CB, TUV, CCC, C-Tick, RoHS Certifications IEC 61000 4-2 to 4-6 , IEC 61000 4-8 & IEC 61000-4-11, FCC Part 15B Class A, ICES-003, VCCI, C-Tick RoHS 6 Compliant ©2014 Check Point Software Technologies Ltd. All rights reserved. [Protected] Non-confidential content November 20, 2014 | CONTACT US Worldwide Headquarters | 5 Ha’Solelim Street, Tel Aviv 67897, Israel | Tel: 972-3-753-4555 | Fax: 972-3-624-1100 | Email: info@checkpoint.com U.S. Headquarters | 959 Skyway Road, Suite 300, San Carlos, CA 94070 | Tel: 800-429-4391; 650-628-2000 | Fax: 650-654-4233 | www.checkpoint.com
Source Exif Data:
File Type : PDF File Type Extension : pdf MIME Type : application/pdf PDF Version : 1.5 Linearized : Yes Author : username Classification : Protected Classification Display : [Protected] Non-confidential content Classification Entries : 34 Classification 1 : W2BxZnR5dHBGY0pjfGp3Y3SJPnOXICeDOz0rm46Qc34whICQmi5UQw== Classification 10 : VGB9ZnR5dHBGbkphfmp2a3SYPnOVNzuDLDc8io9PKymWPSsilIqMlpyHlI6ZkZVbnJ+fVDMpNyEnIkNe Classification 11 : VGB9ZnR5dHBGbkpndmp2YnSYPnOXICeDOz0rm46QcyafLTArMymHm5qPj5Gflo+BUZOdgksmPjE8KzReRQ== Classification 12 : VGB9ZnR5dHBGZkBof2V/Y2J5MoV+lSaYPTErm46QcyafLTArMymHm5qPj5Gflo+BUZOdgksmPjE8KzReRQ== Classification 13 : VGB9ZnR5dHBGZkBof2V/YWB5MoV+lzGEPSYhjJ+RLH6QJCAwOo4kkJeJh4qAkIibi16RgJ1eMTgsMD0pRVw= Classification 14 : VGB9ZnR5dHBGZkBof2Z/Y2B5MoV+lSaYPTErm46QcyafLTArMymHm5qPj5Gflo+BUZOdgksmPjE8KzReRQ== Classification 15 : VGB9ZnR5dHBGZkBof2h/YW15MoV+lzGEPSYhjJ+RLH6QJCAwOo4kkJeJh4qAkIibi16RgJ1eMTgsMD0pRVw= Classification 16 : VGB9ZnR5dHBGZkBof2l/Ymd5MoV+lSaYPTErm46QcyafLTArMymHm5qPj5Gflo+BUZOdgksmPjE8KzReRQ== Classification 17 : VGB9ZnR5dHBGZkBofmJ/YWB5MoV+lzGEPSYhjJ+RLH6QJCAwOo4kkJeJh4qAkIibi16RgJ1eMTgsMD0pRVw= Classification 18 : VGB9ZnR5dHBGZkBofmN/Y2B5MoV+lSaYPTErm46QcyafLTArMymHm5qPj5Gflo+BUZOdgksmPjE8KzReRQ== Classification 19 : VGB9ZnR5dHBGZkBofmN/YGB5MoV+lzGEPSYhjJ+RLH6QJCAwOo4kkJeJh4qAkIibi16RgJ1eMTgsMD0pRVw= Classification 2 : W2BxZnR5dHBGY0pjdmp0ZnSJPnOLKnQ0JTU7nIKSISaSPCwqOlKHn5qZioYwnImQnJuCgJmLhlqKip5VNiApRSgwT0c= Classification 20 : VGB9ZnR5dHBGZkBofmV/YmV5MoV+iztXijgpnJidLiyQKTEsO4dfkJOJkY+XP4KdmpOZn5+MnIBHhpyDTi8gVTM5OEdA Classification 21 : VGB9ZnR5dHBGZkBofmV/YmF5MoV+lzGEPSYhjJ+RLH6QJCAwOo4kkJeJh4qAkIibi16RgJ1eMTgsMD0pRVw= Classification 22 : VGB9ZnR5dHBGZkBofmV/ZmB5MoV+lSaYPTErm46QcyafLTArMymHm5qPj5Gflo+BUZOdgksmPjE8KzReRQ== Classification 23 : VGB9ZnR5dHBGZkBofmZ/YmF5MoV+lzGEPSYhjJ+RLH6QJCAwOo4kkJeJh4qAkIibi16RgJ1eMTgsMD0pRVw= Classification 24 : VGB9ZnR5dHBGZkBofmZ/Y2x5MoV+jT2QITgxTzmROzGBISYxMY1fkJOJkY+XP4KdmpOZn5+MnIBHhpyDTi8gVTM5OEdA Classification 25 : VGB9ZnR5dHBGZkBofmZ/YWd5MoV+lSaYPTErm46QcyafLTArMymHm5qPj5Gflo+BUZOdgksmPjE8KzReRQ== Classification 26 : VGB9ZnR5dHBGZkBofmd/Z215MoV+lzGEPSYhjJ+RLH6QJCAwOo4kkJeJh4qAkIibi16RgJ1eMTgsMD0pRVw= Classification 27 : VGB9ZnR5dHBGZkBofmh/Y2R5MoV+jT2QITgxTzmROzGBISYxMY1fkJOJkY+XP4KdmpOZn5+MnIBHhpyDTi8gVTM5OEdA Classification 28 : VGB9ZnR5dHBGZkBofmh/Y215MoV+lSaYPTErm46QcyafLTArMymHm5qPj5Gflo+BUZOdgksmPjE8KzReRQ== Classification 29 : VGB9ZnR5dHBGZkBofml/ZmN5MoV+lzGEPSYhjJ+RLH6QJCAwOo4kkJeJh4qAkIibi16RgJ1eMTgsMD0pRVw= Classification 3 : VGB8ZnR5dHBGbkpne2p0Z3SYPnOXICeDOz0rm46QcyafLTArMymHm5qPj5Gflo+BUZOdgksmPjE8KzReRQ== Classification 30 : VGB9ZnR5dHBGZkBofWh/Z2J5MoV+lSaYPTErm46QcyafLTArMymHm5qPj5Gflo+BUZOdgksmPjE8KzReRQ== Classification 31 : VGB1eGl7dXVSd0FofWV/Y2V5I4V+lzGEPSYhjJ+RLH6QJCAwOo4kkJeJh4qAkIibi16RgJ1eMTgsMD0pRVw= Classification 32 : VGB1eGl7dXVSd0FofWV/YGJ5I4V+lSaYPTErm46QcyafLTArMymHm5qPj5Gflo+BUZOdgksmPjE8KzReRQ== Classification 33 : VGB1fGl7dXVSd0FjdWBzaGdgU4mIfoaSOiA6hoiALSFIKykgIYeDM5yEgYKbj46ckYRcjJ+ISTclICYgMlxc Classification 34 : VGB1fGl7dXVSd0FjdWBzaGFqU4mIfoSFJiAtjJ+RLH6QJCAwOo4kkJeJh4qAkIibi16RgJ1eMTgsMD0pRVw= Classification 4 : VGB8ZnR5dHBGbkpneGpwYXSYPnOVNzuDLDc8io9PKymWPSsilIqMlpyHlI6ZkZVbnJ+fVDMpNyEnIkNe Classification 5 : VGB8ZnR5dHBGbkpnd2p3YXSYPnOXICeDOz0rm46QcyafLTArMymHm5qPj5Gflo+BUZOdgksmPjE8KzReRQ== Classification 6 : VGB8ZnR5dHBGbkpndmpxZHSYPnOVNzuDLDc8io9PKymWPSsilIqMlpyHlI6ZkZVbnJ+fVDMpNyEnIkNe Classification 7 : VGB8ZnR5dHBGZkBof2V/YWV5MoV+lzGEPSYhjJ+RLH6QJCAwOo4kkJeJh4qAkIibi16RgJ1eMTgsMD0pRVw= Classification 8 : VGB8ZnR5dHBGZkBof2V/Z2N5MoV+lSaYPTErm46QcyafLTArMymHm5qPj5Gflo+BUZOdgksmPjE8KzReRQ== Classification 9 : VGB9ZnR5dHBGbkpgdmp2YnSYPnOXICeDOz0rm46QcyafLTArMymHm5qPj5Gflo+BUZOdgksmPjE8KzReRQ== Company : Check Point Software Technologies, Ltd. Create Date : 2014:11:20 16:08:32-08:00 Domain ID : XX90eXZ5dXRLZ0Bif311YmRpXnh1dWRaeWR4X1tEeHVDeHV1 F Text : Np82JjIsJjCDMy1ygT8rfzc2nS4sITGZPT0pg0uXJyuHLSsx H Text : Modify Date : 2014:11:20 16:08:41-08:00 Policy ID : VS1wfXdwdyVLMpMwdn1xMWU9Xil0dGZaLGIujVxMKieWLXVy Policy Name : PT0rPSMqMSGC Set : OT0xLA== Source Modified : D:20141121000820 Verifier : PT0rPSMqMSGC Version : Xw== W Mark : TQ== Lqminfo : 4 Lqmsess : a48b311a-3561-4c54-8872-2451368bdd0e Tagged PDF : Yes XMP Toolkit : Adobe XMP Core 5.2-c001 63.139439, 2010/09/27-13:37:26 Metadata Date : 2014:11:20 16:08:41-08:00 Creator Tool : Acrobat PDFMaker 10.1 for Word Document ID : uuid:dfb9b6c4-23e1-4013-bc23-4b0e057f946c Instance ID : uuid:8d3e834b-484e-44fa-bfd3-33d7a6448c62 Subject : 4 Format : application/pdf Title : Word Template Creator : username Producer : Adobe PDF Library 10.0 Page Layout : OneColumn Page Count : 5EXIF Metadata provided by EXIF.tools