Check Point 21800 Appliance
Datacenter-grade security appliance
Sorry, this unit has been discontinued. Please, contact us for a replacement product!
Today the Internet gateway is more than a firewall. It is a security device presented with an ever-increasing number of sophisticated threats. As a security gateway it must use multiple technologies to control network access, detect sophisticated attacks and provide additional security capabilities like data loss prevention and protection from web-based threats. The proliferation of mobile devices like smartphones and Tablets and new streaming, social networking and P2P applications requires a higher connection capacity and new application control technologies. Finally, the shift towards enterprise private and public cloud services, in all its variations, changes the company borders and requires enhanced capacity and additional security solutions.
Leveraging its multi-core and acceleration technologies, with 4300 SecurityPower Units, the Check Point 21800 appliance supports lightning-fast firewall throughput of up to 110 Gbps1 with sub 5μs latency. The 21800 is designed from the ground up for unmatched flexibility for even the most demanding enterprise and data center network environments.
The 21800 appliance has 3 expansion slots supporting a wide range of network options. The standard configuration includes one on-board 10/100/1000 RJ-45 Management port and a twelve 1 Gigabit Ethernet copper port card. In addition the 21800 appliance includes an on-board 10GbE Sync port (SR transceiver included). A maximally configured 21800 provides up to 37 Gigabit Ethernet copper ports or 36 fiber ports or thirteen 10 Gigabit Ethernet fiber ports.
The 21800 appliance chassis is highly serviceable. Access to all components is available from the front and the back of the unit when mounted in the rack. There is one slot for an optional Security Acceleration Module to boost performance of the appliance. In addition to hot-swappable redundant disk drives and power supply units, the 21800 appliance also supports Lights-Out-Management (LOM) for remote support and maintenance capabilities.
- Fits easily into complex networks
- Redundancy eliminates downtime
- Centralized control with LOM
- Ideal for low latency transactions
- Extensible Software Blade Architecture
- 4100/43001 SecurityPower™ Units
- Optimized for low latency
- High port density
- High availability and serviceability
- Simple deployment and management
Security Acceleration ModuleThe optional Check Point Security Acceleration Module (SAM-108) for the 21000 Appliances is ideal for latencysensitive applications such as financial trading and VoIP communication. With sub 5 micro-seconds firewall latency, this purpose-built acceleration module boasts 108 SecurityCores™ accelerating traffic on all Acceleration- Ready interface ports with a single SAM-108. Performance for the 21800 appliance is boosted to 110 Gbps of firewall throughput, 50 Gbps of VPN throughput and 300,000 connections per second.
Inclusive High Performance PackageCustomers with high connection capacity requirements can purchase the affordable High Performance Package (HPP) with the Next Generation security package of their choice. This includes the appliance plus an Acceleration Ready 4x10Gb SFP+ interface card, transceivers and 64 GB of memory for high connection capacity. The SAM-108 High Performance Package also includes transceivers, 64 GB of memory in the appliance and 48 GB of memory in the Security Acceleration Module.
A Reliable Serviceable PlatformThe Check Point 21800 appliance delivers business continuity and serviceability through features such as hotswappable redundant power supplies, hot-swappable redundant hard disk drives (RAID), redundant fans and an advanced LOM card for out-of-band management. Combined together, these features ensure a greater degree of business continuity and serviceability when these appliances are deployed in the customer’s networks.
Remote Management And MonitoringA Lights-Out-Management (LOM) card provides out-of-band remote management to remotely diagnose, start, restart and manage the appliance from a remote location. Administrators can also use the LOM web interface to remotely install an OS image from an ISO file.
All-inclusive Security SolutionsThe Check Point 21800 Appliances offer a complete and consolidated security solution available in five Next Generation Security Software Blade packages. Next Generation Firewall (NGFW): identify and control applications by user and scan content to stop threats. Next Generation Secure Web Gateway (SWG): enables secure use of Web 2.0 with real time protection. Next Generation Data Protection (NGDP): preemptively protect sensitive information from unintentional loss and educate users on proper data handling policy in real-time. Next Generation Threat Prevention (NGTP): prevent sophisticated cyber-threats with IPS, Application Control, Antivirus, Anti-Bot, URL Filtering and Email Security. Next Generation Threat Extraction (NGTX): advanced next-gen zero-day threat prevention, NGTP with Threat Emulation and Threat Extraction.
Prevent Unknown ThreatsCheck Point provides complete zero-day threat prevention and alerts when under attack. Threat Extraction delivers zero-malware documents in zero seconds. Threat Emulation inspects files for malicious content in a virtual sandbox. When Threat Emulation discovers new threats, a signature is sent to the Check Point ThreatCloud database which documents and shares information on the newly identified malware with other Check Point customers — providing immediate protection against zero-day threats.
Integrated Security ManagementThe appliance can either be managed locally with its available integrated security management or via central unified management. Using local management, the appliance can manage itself and one adjacent appliance for high availability purposes.
RFC 3511, 2544, 2647, 1242 Performance (LAB)
Network Expansion Slot Options (3 slots)
Operating Environmental Conditions
1With Security Acceleration Module.
2Maximum R77 production performance based upon the SecurityPower benchmark. Real-world traffic, Multiple Software Blades, Typical rule-base, NAT and Logging enabled. Check Point recommends 50% SPU utilization to provide room for additional Software Blades and future traffic growth. Find the right appliance for your performance and security requirements using the Appliance Selection Tool.
|SecurityPower1||2175 / 29002||3300 / 35512||4100 / 43002|
|Firewall Throughput (Gbps)|
|Raw3||50 / 1102||78.6 / 1102||78.6 / 1102|
|Production5||17.1 / 44.32||25.4 / 44.52||30.4 / 44.52|
|Firewall Latency2||< 5μs||< 5μs||< 5μs|
|VPN AES-128 Throughput (Gbps)||7 / 502||11 / 502||23.5 / 502|
|IPS Throughput (Gbps)|
|Connections per Second||130K / 300K2||170K / 300K2||198K / 300K2|
|Virtual System Support||Yes||Yes||Yes|
|Max VS Supported (Default/Max)||125 / 250||150 / 250||150 / 250|
|10/100/1000Base-T Ports||13 to 37||13 to 37||13 to 37|
|1000Base-F SFP Ports||up to 36||up to 36||up to 36|
|10GBase-F SFP+ Ports||up to 12||up to 13||up to 13|
|Memory||12, 24 GB||16, 32, 64 GB||16, 32, 64 GB|
|Storage||2 x 500 GB HDD RAID1||2 x 500 GB HDD RAID1||2 x 500 GB HDD RAID1|
|I/O Expansion Slots||3||3||3|
|Dimensions (standard)||17" W x 28" D x 3.5" H|
|Dimensions (metric)||431 mm W x 710 mm D x 88 mm H|
|Weight||26 kg (57.4 lbs.)|
|Operating Environment||Temperature: 32° to 104°F / 0° to 40°C; Relative Humidity 20% to 90% (non-condensing)|
|Non-Operating Environment||Temperature: -4° to 158°F / -20° to 70°C; Relative Humidity 5% - 95% (non-condensing)|
|Redundant Hot-Swap Power Supply||Yes||Yes||Yes|
|Power Input||100~240VAC, 47~63Hz|
|Power Supply Spec (Max)||2 x 910W||2 x 1200W||2 x 1200W|
|Power Consumption (Max)||449W / 744W2||489W / 784W2||489W / 784W2|
|Safety||CB, UL, cUL, CSA, TUV|
|Emissions||CE, FCC VCCI, C-Tick|
|1 Check Point's SecurityPower is a new benchmark metric that allows customers to select security appliances by their capacity to handle real-world network traffic, multiple security functions and a typical security policy
2 With Security Acceleration Module
3 Raw throughput is based on RFC 3511 with 1518 bytes UDP packets
4 Recommended IPS profile, IMIX traffic blend
5 Assumes maximum production throughput environment with real-world traffic blend, a typical rule-base size, NAT and logging enabled and the most secure threat prevention protection
6 Effective October 31, 2014 Check Point will no longer sell the 21600 Appliance. Visit the Support Lifecycle page to learn about replacement appliances.
|Advanced Networking & Clustering|
|Mobile Access 1||*|
|Anti-Spam & Email Security||*||*||*|
|Network Policy Management|
|Logging and Status|
|Endpoint Policy Management||*||*||*||*||*|
|NGFW = Next Generation Firewall; NGDP = Next Generation Data Protection; NGTP = Next Generation Threat Prevention; NGSWG = Next Generation Secure Web Gateway
* - Optional
1 Five users are included in default package
Download the Check Point 21800 Appliance Datasheet (PDF).
- Pricing and product availability subject to change without notice.
Our Price: $11,000.00
Our Price: $12,500.00
Our Price: $22,200.00
Our Price: $19,500.00
Our Price: $30,500.00
*The purchase of a Security Gateway container is required per user
Our Price: $4,100.00
Our Price: $3,300.00
Our Price: $3,300.00
Our Price: $3,300.00