5800 Appliance
Mid-size enterprise security
Product Benefits
- Enable the most advanced threat prevention security
- Optimal performance even when inspecting SSL encrypted traffic
- Future-proofed technology safeguards against tomorrow’s risks
- Centralized control and LOM improves serviceability
- High performance package optimizes platform performance
- Modular, expandable chassis with flexible I/O options
Product Features
- Simple deployment and management
- Virtual Systems consolidates security onto one device
- Two network expansion slots to add port density, fiber, 10 GbE, 40 GbE and fail-open IO card options
- Redundant power supplies, fans and appliance clustering technologies eliminate single point of failure
OVERVIEW
The Check Point 5800 appliance combines the most comprehensive security protections to safeguard your mid-size enterprise. The 5800 is a 1U appliance with two I/O expansion slots for higher port capacity, redundant fans and a redundant power supply option, a 500 GB hard disk, and Lights-Out Management (LOM) for remote management. This powerful security appliance is optimized to deliver real-world threat prevention to secure your critical assets and environments.
COMPREHENSIVE THREAT PREVENTION
The rapid growth of malware, growing attacker sophistication and the rise of new unknown zero-day threats require a different approach to keep enterprise networks and data secure. Check Point delivers fully integrated, comprehensive Threat Prevention with award-winning SandBlast™ Threat Emulation and Threat Extraction for complete protection against the most sophisticated threats and zero-day vulnerabilities.
Production Environment Performance1 |
|
SecurityPower™ Units (SPU) |
1,750 SPU |
Firewall throughput |
22 Gbps |
IPS throughput |
3.05 Gbps |
NGFW throughput (Firewall, Application Control, IPS) |
2 Gbps |
Threat prevention throughput2 |
1 Gbps |
Ideal Testing Conditions Performance (RFC 3511, 2544, 2647, 1242) |
|
Firewall throughput, 1518 byte UDP |
35 Gbps |
Connections per second |
185,000 |
Concurrent connections |
3.2 to 6.43 million |
VPN throughput, AES-128 |
10 Gbps |
IPS throughput |
10 Gbps |
NGFW throughput (Firewall, Application Control, IPS) |
8.1 Gbps |
1 Performance measured with real-world traffic blend and content, a typical rule base, updated recommended signatures, NAT and logging enabled, 2 FW, IPS, APPCTRL, AV, AB, URLF, 3 with maximum memory
ALL-INCLUSIVE SECURITY SOLUTIONS
Check Point 5800 Appliances offer a complete and consolidated security solution available in two complete packages:
- NGTP: prevent sophisticated cyber-threats with IPS, Application Control, Antivirus, Anti-Bot, URL Filtering and Email Security.
- NGTX: NGTP with SandBlast Zero-Day Protection, which includes Threat Emulation and Threat Extraction.
PREVENT KNOWN AND ZERO-DAY THREATS
The 5800 Appliance protects organizations from both known and unknown threats with Antivirus, Anti-Bot, SandBlast Threat Emulation (sandboxing), and SandBlast Threat Extraction technologies.
As part of the Check Point SandBlast Zero-Day Protection solution, the cloud-based Threat Emulation engine detects malware at the exploit phase, even before hackers can apply evasion techniques attempting to bypass the sandbox. Files are quickly quarantined and inspected, running in a virtual sandbox to discover malicious behavior before it enters your network. This innovative solution combines cloud-based CPU-level inspection and OS-level sandboxing to prevent infection from the most dangerous exploits, and zero-day and targeted attacks.
Furthermore, SandBlast Threat Extraction removes exploitable content, including active content and embedded objects, reconstructs files to eliminate potential threats, and promptly delivers sanitized content to users to maintain business flow.
NGTP | NGTX | |
Prevent known threats | Prevent known and zero-day attacks | |
Firewall | ? | ? |
VPN (IPSec) | ? | ? |
IPS | ? | ? |
Application Control | ? | ? |
Anti-Bot | ? | ? |
Anti-Virus | ? | ? |
URL Filtering | ? | ? |
SandBlast Threat Emulation | ? | ? |
SandBlast Threat Extraction | ? | ? |
INSPECT ENCRYPTED CONNECTIONS
There is a shift towards more use of HTTPS, SSL and TLS encryption to increase Internet security. At the same time files delivered into the organization over SSL and TLS represent a stealthy attack vector that bypasses traditional security implementations. Check Point Threat Prevention looks inside encrypted SSL and TLS tunnels to detect threats, ensuring users remain in compliance with company policies while surfing the Internet and using corporate data.
INCLUSIVE HIGH PERFORMANCE PACKAGE
Customers with high connection capacity requirements can purchase the affordable High Performance Package (HPP). This includes the appliance plus one 2x 10Gb SFP+ interface card, transceivers, and 16 GB of memory for high connection capacity.
Base | HPP | Max | |
1 GbE ports (Copper) | 10 | 10 | 26 |
1 GbE ports (Fiber) | 0 | 0 | 8 |
10 GbE ports (Fiber) | 0 | 2 | 8 |
Transceivers (SR) | 0 | 2 | 8 |
RAM | 8GB | 16GB | 16GB |
Power Supply Units | 1 | 2 | 2 |
Lights Out Management | Included | Included | Included |
REMOTE MANAGEMENT AND MONITORING
A Lights-Out-Management (LOM) card provides out-of-band remote management to remotely diagnose, start, restart and manage the appliance from a remote location. Administrators can also use the LOM web interface to remotely install an OS image from an ISO file.
40 GbE CONNECTIVITY
High speed connections are essential in modern enterprise and data center environments, especially those with high-density virtualized servers. If you’re ready to move from 10 to 40 GbE, so is the 5800 Appliance. The Check Point 5800 lets you connect your 10 GbE server uplinks to your 40 GbE core network with up to 4x 40 GbE ports.
TAP THE POWER OF VIRTUALIZATION
Check Point Virtual Systems enable organizations to consolidate infrastructure by creating multiple virtualized security gateways on a single hardware device, offering significant cost savings with seamless security and infrastructure consolidation.
Expansion Options
Base Configuration |
|
Network Expansion Slot Options (2 slots available) |
|
Fail-Open/Bypass Network Options |
|
Virtual Systems 1 |
|
Network
Network Connectivity |
|
High Availability |
|
IPv6 |
|
Unicast and Multicast Routing (see SK98226) |
|
Physical
Power Requirements |
|
Dimensions |
|
Operating Environmental Conditions |
|
Storage Conditions |
|
Certifications |
|