Secure everyThing www.endian.com

Endian UTM Software

Network Security for Small to Large Businesses

Build Your Own: Runs on Complete Security: Protect your Scalability: Delivers a highly virtually any hardware platform critical business resources scalable solution to both small- and mid-size companies Turn any PC into a Unified Threat Management Appliance

Endian UTM Software Appliance offers the same technology that resides in the Endian Unified Threat Management (UTM) hardware appliances, making it possible to turn any PC into a full featured security appliance. Unleash the power of Endian UTM using your preferred hardware to enable comprehensive security for your whole network infrastructure. Integrated security services such as stateful inspection firewall, VPN, gateway antivirus, anti-spam, Web security, and e-mail content filtering offer granular protection in a single system, reducing management time and costs. Endian desi- gned UTM Software Appliance to meet the needs of every business from small to large, providing maximum protection for your network.

Powered Network Security: Stateful inspection firewall and Mail Security: Gateway anti-spam, anti-virus to protect advanced networking features to protect your network. your day-to-day e-mail communication.

Quality of Service and Bandwidth Management: to gua- High Availability: Keep your network up and running even rantee the best quality for VoIP calls and critical services after an Internet connection or hardware failure. in your network. Endian Network: Centralize the configuration and update Intrusion Prevention System: powered by Snort. Packets management of multiple appliances. that match any of the configured rules can be allowed, blo- Web Security: Anti-virus and content filtering for secure cked or logged. Internet access Hotspot: Enable secure Internet access in public areas for Event handling and notification: on predefined events wireless and wired networks. e-mail notifications are automatically sent to the system VPN: Secure communication with branch/remote offices administrator. and teleworkers. Work anywhere, anytime.

It‘s all in your hardware

Hotspot Firewall Network Security Web Security Email Security VPN (SSL & IPsec)

IPS Centralized Management High Availability Updates and Backup Logging/Reporting Disaster Recovery Secure everyThing www.endian.com

Endian UTM Features Network Security Virtual Private Networking BYOD / Hotspot* Bridging • Stateful packet firewall IPsec • Configurable captive portal • Firewall stealth mode • Application control (including • Encryption: Null, 3DES, CAST-128, • Use your website as portal (SurfNow • OSI layer 2 firewall functionality Facebook, Twitter, Skype, WhatsApp AES 128/192/256-bit, Button) • Spanning tree and more) • Blowfish 128/192/256-bit, • Free access to allowed sites • Unlimited interfaces per bridge • Demilitarized zone (DMZ) Twofish 128/192/256-bit, (walled garden) • Intrusion detection and prevention • Serpent 128/192/256-bit, • Wired / wireless support High Availability • Multiple public IP addresses Camellia 128/192/256-bit • Integrated RADIUS service • Hot standby (active/passive) • Multiple WAN • Hash algorithms: MD5, SHA1, SHA2 • Connection logging • Node data/configuration synchroni- • Quality of service and bandwidth 256/384/512-bit, AESXCBC • Bandwidth limiting based on user, zation (not for BYOD/Hotspot) management • Diffie Hellman modes: 1, 2, 5, 14, 15, ticket or global settings Event Management • SNMP support 16, 17, 18, 22, 23, 24 • Social login (Facebook, Google) • More Than 30 Individually Configur- • VoIP/SIP support • Authentication: pre-shared key (PSK), • Social Enabler (sharing on social able Events • SYN/ICMP flood protection RSA keys networks) • Email Notifications • VLAN support (IEEE 802.1Q trunking) • X.509 certificates • MAC-address based user accounts • SMS Notifications • DNS proxy/routing • IKEv1, IKEv2 • Configurable multiple logins per user • Powerful Python Scripting Engine • Anti-spyware • Dead Peer Detection (DPD) • User accounts import/export via CSV • Phishing protection • NAT traversal • User password recovery Logging and Reporting • Compression • Automatic client network Web Security • Reporting dashboard • Perfect Forward Secrecy (PFS) configuration (support for DHCP • Detailed system, web, email, attack • HTTP & FTP proxies • VPN Site-to-Site and static IP) and virus reports • HTTPS filtering • VPN Client-to-Site (roadwarrior) • Fully integrated accounting • Live network traffic monitoring • Transparent proxy support • L2TP user authentication • Generic JSON API for external (powered by ntopng) • URL blacklist • XAUTH user authentication accounting and third party • Live log viewer • Authentication: Local, RADIUS, LDAP, OpenVPN integration • Detailed user-based web access re- Active Directory • Encryption: DES, 3DES, AES • Instant WLAN ticket shop (Smart- port (not in Mini 10 and Mini 10 WiFi) • NTLM single sign-on 128/192/256-bit, CAST5, Blowfish Connect) • Network/system/performance • Group-based and user-based web • Authentication: pre-shared key, X.509 • Single-click ticket generation statistics content filter certificates (Quick ticket) • Rule-based logging settings (firewall • Time based access control with • Support for VPN over HTTP Proxy • SMS/e-mail user validation and rules) multiple time intervals • PPTP passthrough ticketing • Syslog: local or remote • Bitdefender Anti-malware Engine • VPN client-to-site (roadwarrior) • Pre-/postpaid and free tickets • OpenTSA trusted timestamping • Bitdefender Content filter Engine • VPN client for Microsoft Windows • Time-/traffic-based tickets • SafeSearch enforcement and Apple OS X • Configurable ticket validity Extra Services Mail Security • Possibility of multiple logins per user • Terms of Service confirmation • NTP (Network Time Protocol) • VPN failover • MAC address tracking for free • DHCP server • SMTP & POP3 proxies • Multiple server support hotspots • SNMP server • Anti-spam with bayes, pattern • Support for mobile devices • Cyclic/recurring tickets (daily, weekly, • Dynamic DNS and SPF (Android, iOS) monthly, yearly) • Heuristics, black- and whitelists Management / GUI VPN Portal for Clientless Connections* • Remember user after first support • Web-based access to internal authentication (SmartLogin) • Centralized management through • Anti-virus resources • Multi-location setup through Endian Network (SSL) • Transparent proxy support • Configurable portal page master/satellite configuration** • Easy Web-Based Administration • Email quarantine management • Support for multiple destinations • External authentication server (Local, (SSL) • Spam auto-learning • Destination-based authentication LDAP, Active Directory, RADIUS) • Multi-language web-interface • Transparent mail forwarding (BCC) • SSL offloading (English, Italian, German, Japanese, • Greylisting User Management & Authentication Network Address Translation Spanish, Portuguese, Chinese, Rus- • Bitdefender Anti-spam Engine • Unified user management for Open- • Destination NAT sian, Turkish) • Bitdefender Anti-malware Engine VPN, L2TP, XAUTH, VPN Portal • Incoming routed traffic • Secure remote SSH/SCP access WAN Failover • Group management • One-to-one NAT • Serial console • Source NAT (SNAT) • Automatic WAN uplink failover • Integrated certificate authority Updates and Backups • IPsec NAT traversal • Monitoring of WAN uplinks • External certificate authority support • Centralized updates through Endian • Uplink types: Ethernet (static/DHCP), • User password and certificate Routing Network management PPPoE, PPTP • Static routes • Scheduled automatic backups • Multiple authentication servers (local, • Support for UMTS/GPRS/3G USB • Source-based routing • Encrypted backups via email LDAP, Active Directory, RADIUS) dongles • Destination-based routing • Instant recovery / Backup to USB • Fully integrated one-time password • Policy-based routing (based on inter- stick (Endian Recovery Key) User Authentication (OTP) support face, MAC address, protocol or port) • Active Directory / NTLM • Let‘s Encrypt Support • LDAP • RADIUS • Local

* Not in UTM Software 10, UTM Virtual 10, UTM Mini 10, UTM Mini 10 WiFi ** Master functionality not in UTM Mini 25, UTM Mini 25 WiFi and UTM Mercury 50 System Requirements/Hardware Support

Intel x86_64 compatible / 1GHz minimum (dual-core 2 GHz CPU: recommended)

Multi-Processor: Symmetric multi-Processor (SMP) support included

RAM: 2 GB minimum (4 GB recommended)

SCSI, SATA, SAS or IDE disk is required (8GB minimum 20GB Disk: recommended) For software RAID1 (mirroring) two disks of the same type (the Software RAID: capacity needn't be the same) are required An IDE, SCSI or USB CDROM drive is required for installation CDROM: (not required after installation) Most common Network Interface Cards are supported including Network Cards: Gigabit and fiber NICs

Monitor/ Keyboard: Only required for the installation but not for configuration and use

Endian Firewall includes a Hardened Linux Based Operating Operating System: System

© 2021 Endian SRL. Subject to change without notice. Endian and Endian UTM are trademarks of Endian SRL. All other trademarks and registered trademarks are the property of their respective owners.

Endian International Endian Deutschland Tel: +39 0471 631 763 Tel: +49 (0) 8106 30750 - 13 E-mail: [email protected] E-mail: [email protected]

Endian Italia Endian US Tel: +39 0471 631 763 Tel: +1 832 775 8795 E-mail: [email protected] E-mail: [email protected]