Check Point 5900 Next-Gen Firewall
Check Point 5900 Overview:
The Check Point 5900 appliance combines the most comprehensive security protections to safeguard your mid-size enterprise. The Check Point 5900 is a 1U appliance with two I/O expansion slots for higher port capacity, redundant fans and a redundant power supply option, a 500 GB hard disk, and Lights-Out Management (LOM) for remote management. This powerful security appliance is optimized to deliver real-world threat prevention to secure your critical assets and environments.
Comprehensive Threat Prevention
The rapid growth of malware, growing attacker sophistication, and the rise of new unknown zero-day threats require a different approach to keep enterprise networks and data secure. Check Point 5900 delivers fully integrated, comprehensive Threat Prevention with award-winning SandBlast™ Threat Emulation and Threat Extraction for complete protection against the most sophisticated threats and zero-day vulnerabilities.
|Service Specification||Production Performance||Test (LAB) Performance|
Up to 26x1GbE ports or 8x10GbE ports.
Up to 16GB of Memory. Telescopic rails.
22 Gbps Firewall Throughput
1 Gbps NGTP Throughput
|35 Gbps Firewall Throughput (1518 byte UDP)
VPN throughput (AES-128)
3.2 Million / 6.4 Million with Extended RAM (HPP) Concurrent connections
Check Point 5900 Product Benefits
- Enable the most advanced threat prevention security
- Optimal performance even when inspecting SSL encrypted traffic
- Future-proofed technology safeguards against tomorrow’s risks
- Centralized control and LOM improves serviceability
- High-performance package optimizes platform performance
- Modular, expandable chassis with flexible I/O options
Check Point 5900 Product Features
- Simple deployment and management
- Secure remote access to corporate resources from a wide variety of devices
- One network expansion slot to add port density, fiber and fail-open IO card options
- Redundant appliance clustering technologies eliminate a single point of failure
Check Point 5900 Security Appliance
- Sync 10/100/1000Base-T RJ45 port
- RJ45/micro USB console port
- Two network card expansion slots
- 8x 10/100/1000Base-T RJ45 ports
- Management 10/100/1000Base-T RJ45 port
- 2x USB 3.0 ports for ISO installation
- Lights-Out Management port
- Graphic LCD display
|Production Performance (Real-World Traffic Blend) 1|
|Firewall Throughput (Gbps)||5.3||10||17.5||22||26|
|IPS throughput (Gbps)||810 Mbps||1.08||1.9||3.05||4.36|
|NGFW throughput (Gbps)||520 Mbps||690 Mbps||1.18||2||2.84|
|Threat prevention (Gbps)||250 Mbps||330 Mbps||540 Mbps||1||1.65|
|Ideal Testing Conditions Performance (RFC 3511, 2544, 2647, 1242)|
|Firewall, 1518 byte UDP (Gbps)||16||22||25||35||52|
|Connections per Second (K)||125||150||185||185||185|
|Concurrent Connections (M)2||3.2/6.4||3.2/6.4||3.2/6.4||3.2/6.4||3.2/12.8|
|VPN AES-128 Throughput (Gbps)||1.88||2.16||6.5||10||10.2|
|IPS throughput (Gbps)||3||3.9||7.8||10||13.5|
|NGFW throughput (Gbps)||2.7||3.4||5.8||8.1||11.4|
|VS Supported (Default/Max)2||10/20||10/20||10/20||10/20||10/20|
|Hardware Specifications (Default/Max)|
|1000Base-F SFP Ports||0/4||0/4||0/4||0/8||0/8|
|40GBase-F SFP+ Ports||0/0||0/0||0/0||0/4||0/4|
|Memory||8 ,16||8, 16||8, 16, 32||8, 16, 32||8, 16, 32|
|Storage||1x 500 GB||1x 500 GB||1x 500 GB||1x 500 GB||1x or 2x 500GB HDD or 480GB SSD|
|I/O Expansion Slots||1||1||1||2||2|
|Dimensions (standard wxdxh)||17.24 x 16.01 x 1.73 in.||17.24 x 16.01 x 1.73 in.||17.24 x 20 x 1.73 in.||17.24 x 20 x 1.73 in.||17.24 x 20 x 1.73 in.|
|Dimensions (metric wxdxh)||438 x 406.55 x 44 mm||438 x 406.5 x 44 mm||438 x 508 x 44 mm||438 x 508 x 44 mm||438 x 508 x 44 mm|
|Weight||6.22kg (13.7 lbs)||6.37kg (14 lbs)||7.95kg (17.53 lbs)||8.37kg (18.45 lbs)||10kg (22.05 lbs)|
|Operating Environment||0°C – 40°C at 5 – 95% relative humidity|
|Non-Operating Environment||(-20)°C – 70°C at 5 – 95% relative humidity|
|Dual, Hot-Swap Power Supplies||NA||NA||Optional||Optional||Optional|
|Power Input||90 – 264VAC (47-63HZ)|
|Single Power Supply Rating||250W||250W||275W||275W||500W|
|Power Consumption (Max)||62.9W||76.5W||103W||110W||165W|
|Safety||UL60950-1, CB IEC60950-1, CE LVD EN60950-1, TUV GS|
|Emissions||CE, FCC, VCCI, RCM/C-Tick|
|Environmental||RoHS II, *REACH, *ISO14001|
Check Point 5900 Key Features:
The most advanced threat prevention security
- Comprehensive protections include firewall, IPS, application control, anti-bot, antivirus, URL filtering, and the award-winning sandboxing technology in Check Point SandBlast Zero-Day Protection
- Next-Generation Threat Prevention package provides uncompromising protection against known threats
- SandBlast threat prevention provides the most advanced protection against unknown threats, vulnerabilities, and zero-day attacks
Complete protection without compromise
- Hardware and software optimized to deliver full advanced threat prevention security, including inspecting SSL encrypted traffic
- Up to 1,000 Mbps of real-world threat prevention throughput
- Up to 22 Gbps of real-world firewall throughput
The modular, expandable chassis design
- Optional redundant power supplies reduce single points of failure
- Centralized control with Lights-Out-Management (LOM) for enhanced serviceability
- Flexible I/O with a 40 Gigabit Ethernet (GbE) option
The Check Point 5900 appliances offer comprehensive and consolidated security available in two packages:
- Next-Generation Threat Prevention (NGTP): prevent sophisticated cyber threats with IPS, application control, antivirus, anti-bot, URL filtering, and email security
- SandBlast Threat Prevention (NGTX): advanced next-generation zero-day threat prevention—NGTP with Threat Emulation and Threat Extraction
Prevent unknown threats
The Check Point 5900 appliances are built to protect branch offices to midsize enterprises from both known and unknown threats with antivirus, anti-bot, SandBlast Threat Emulation (Sandboxing), and SandBlast Threat Extraction technologies.
As part of the Check Point SandBlast Zero-Day Protection solution, the cloud-based Threat Emulation engine detects malware at the exploit phase, even before hackers can apply evasion techniques attempting to bypass the sandbox. Files are quickly quarantined and inspected, running in a virtual sandbox to discover malicious behavior before it enters your network. This innovative solution combines cloud-based, CPU-level inspection and OS-level sandboxing to prevent infection from the most dangerous exploits and zero-day and targeted attacks.
In addition, SandBlast Threat Extraction removes exploitable content, including active content and embedded objects, reconstructs files to eliminate potential threats, and promptly delivers sanitized content to users to maintain business flow.
Optional high-performance package
Customers with high connection capacity requirements can purchase the affordable High-Performance package. This includes the appliance plus one interface card with transceivers and Lights-Out-Management.
Flexible connectivity options
High-speed connectivity is essential to meeting the needs of today’s enterprise networks. That’s why the 5000 appliances are built to provide the maximum port density and flexible connectivity in a compact, single rack unit form factor, including support for 4x1GbE, 4x10GbE (5600 and 5800) as well as 2x40GbE (5800).
Remote management and monitoring
An optional LOM card provides out-of-band remote management to diagnose, start, restart, and manage the appliance from a remote location. Administrators can also use the LOM web interface to remotely install an OS image from an ISO file.
A reliable, serviceable platform
The Check Point 5000 appliances deliver business continuity and serviceability through optional features such as hot-swappable redundant power supplies as well as advanced Lights-Out-Management (LOM) for out-of-band management. In combination, these features ensure a greater degree of business continuity and serviceability for customer networks.
Integrated Security Management
Every Check Point appliance can be managed either locally via its available integrated security management or centrally via unified management. An intuitive, web-based administration interface provides local management of up to two 5000 appliances for high-availability deployments.
- Check Point 5900 DESCRIPTION
Including Blades: Firewall, VPN, Advanced Networking and Clustering, Identity Awareness, Mobile Access, IPS, Application Control, URL Filtering, Anti-Virus, Anti-Bot, Anti-Spam, Content Awareness, Network Policy Management, Logging, and Status.
|Hardware Specification||Enterprise Testing Conditions||Network Interfaces|
Up to 26x1GbE ports or 8x10GbE ports.
Up to 32GB of Memory.
29.4 Gbps Firewall Throughput
7.6 Gbps IPS Throughput
7.25 Gbps NGFW Throughput
6.1 Gbps Threat Prevention Throughput
2 expansion slots for the following optional interface cards:
– 8x1GbE copper interfaces card (included in base configuration).
– 4x1GbE fiber interface card (SFP transceivers required).
– 4x10GbE fiber interface card (SFP+ transceivers required).
– 2x40GbE fiber interface card (QSFP transceivers required).
10 onboard 1 GbE copper interface.
Lights out Management Interface.