Check Point SandBlast TE2000XN Appliance
Stop new and unknown threats

Check Point SandBlast TE2000XN Appliance

Check Point Products

SandBlast Appliance

SandBlast TE2000XN-28VM Appliance, delivers SandBlast zero-day service to gateways covered by SNBT license (includes Microsoft Windows and Office license for 28 Virtual Machines)

#CPAP-SBTE2000XN-28VM
List Price: ~~$158,790.00~~
Our Price: ~~$131,906.85~~
Call For Lowest Price!

SandBlast TE2000XN-56VM Appliance, delivers SandBlast zero-day service to gateways covered by SNBT license (includes Microsoft Windows and Office license for 56 Virtual Machines)

#CPAP-SBTE2000XN-56VM
List Price: ~~$249,520.00~~
Our Price: ~~$207,276.26~~
Call For Lowest Price!

NGTX Package

NGTX Package subscription for TE2000XN-28VM for 1 year

#CPSB-NGTX-SBTE2000XN-28VM-1Y
Our Price: ~~$33,460.00~~
Call For Lowest Price!

NGTX Package subscription for TE2000XN-28VM for 2 years

#CPSB-NGTX-SBTE2000XN-28VM-2Y
Our Price: ~~$66,920.00~~
Call For Lowest Price!

NGTX Package subscription for TE2000XN-28VM for 3 years

#CPSB-NGTX-SBTE2000XN-28VM-3Y
Our Price: ~~$100,380.00~~
Call For Lowest Price!

Click here to jump to more pricing!

Overview:

Product Benefits

Prevent new and unknown attacks in documents and executable files
Makes it virtually impossible for hackers to evade detection
Reduces costs by leveraging existing security infrastructure
Maximize protection through unified management, monitoring, and reporting
Increase security with automatic sharing of new attack information with ThreatCloud

Product Features

Identify new malware hidden in over 40 files types, including: Adobe PDF, Microsoft Office, Java, Flash, executables, and archives
Protect against attacks targeting multiple Windows OS environments
A range of appliances are available with scan rates from 100K to 2M file-scans per month
Threat Extraction removes exploitable content to deliver clean files without delay
Unique CPU-Level technology catches malware before it has an opportunity to deploy and evade detection

Known Threat Detection

Antivirus uses real-time virus signatures from ThreatCloud™ to detect and block known malware at the gateway before users are affected. Anti-Bot detects bot-infected machines, preventing damages by blocking bot Command & Control communications.

Unknown Threat Detection

The SandBlast Threat Emulation technology employs the fastest and most accurate sandboxing engine available to pre-screen files, protecting your organization from attackers before they enter your network. Traditional sandbox solutions detect malware behavior at the OS level – after the exploitation has occurred and the hacker code is running. They are therefore susceptible to evasion. SandBlast Threat Emulation capability utilizes a unique CPU-level inspection engine which monitors the instruction flow at the CPU-level to detect exploits attempting to bypass OS security controls, effectively stopping attacks before they have a chance to launch.

Promptly Deliver Safe Content

When it comes to threat prevention, there doesn’t have to be a trade-off between speed, coverage and accuracy. Unlike other solutions, Check Point Zero-Day Protection can be deployed in prevent mode, while still maintaining uninterrupted business flow.

SandBlast Threat Extraction removes exploitable content, including active content and embedded objects, reconstructs files to eliminate potential threats, and promptly delivers sanitized content to users to maintain business flow.

Configure Threat Extraction in one of two ways: Quickly provide a reconstructed document to the user, or await response from SandBlast Threat Emulation before determining whether or not to reconstruct the document.

Features:

Threat Extraction
Extraction Modes
Clean and keep original file type Convert to PDF
File Types
PC: Windows XP or laterWeb downloads and email attachments in these formats: Microsoft Word Microsoft PowerPoint Microsoft Excel Adobe PDF Image files
Extracted Content
Over 15 extractable component types including: Macros and Code Embedded Objects Linked Objects PDF JavaScript Actions PDF Launch Actions
Protocols
Web downloads: HTTP, HTTPS, ICAP Email attachments: SMTP, IMAP, POP3, SMTPS – MTA deployment

Threat Emulation
Emulation Environments
PC: Windows XP or later
File Types
Over 70 file types emulated, including: Microsoft Office documents and templates, EXE, DLL, Archives (ISO, ZIP, 7Z, RAR, etc.), PDF, Flash, Java, scripts and more
Archive Files
Archived (compressed) files Password protected archives
Protocols
HTTP, HTTPS, SMTP, SMTPS, IMAP, CIFS, SMBv3, SMBv3 multi-channel, FTP

Sandblast Zero-day Protection

Check Point SandBlast Zero-Day Protection, with evasion-resistant malware detection, provides comprehensive protection from even the most dangerous attacks while ensuring quick delivery of safe content to your users. At the core of our solution are two unique capabilities – Threat Emulation (sandboxing) and Threat Extraction (Content Disarm & Reconstruction) that take threat defense to the next level.

Evasion Resistant Detection

As part of the Check Point SandBlast solution, the Threat Emulation engine detects malware at the exploit phase, even before hackers can apply evasion techniques attempting to bypass the sandbox. Files are quickly quarantined and inspected, running in a virtual sandbox to discover malicious behavior before it enters your network. This innovative solution combines CPU-level inspection and OS-level sandboxing to prevent infection from the most dangerous exploits, and zero-day and targeted attacks.

Content Disarm & Reconstruction (CDR)

In addition, the SandBlast Threat Extraction (CDR) capability immediately provides a safe version of potentially malicious content to users. Exploitable content, including active content and various forms of embedded objects, are extracted out of the reconstructed file to eliminate potential threats. Access to the original suspicious version is blocked, until it can be fully analyzed by SandBlast Zero-Day Protection. Users have immediate access to content, and can be confident they are protected from the most advanced malware and zero-day threats.

Deployment Options

Emulate threats in one of two deployment options:

Private cloud: Check Point security gateways send files to an on-premises SandBlast appliance for emulation
Inline: This is a stand-alone option that deploys a SandBlast Appliance inline as MTA or as an ICAP server or on a SPAN port, utilizing all threat prevention technologies, including IPS, Antivirus, Anti-Bot, Threat Emulation, Threat Extraction, URL Filtering and Application Control.

Technical Specifications:

	TE250XN	TE2000XN
		TE2000XN-28VM	TE2000XN-56VM
Unique files per hour	1,300	5,000	8,000
Virtual machines	8	28	56
Throughput	1 Gbps	2.6 Gbps	5.2 Gbps
Hardware
CPU cores	1x 16 physical, 32 virtual	2x 12 physical, 24 virtual
Storage	1x 960GB SSD	1x 2TB SSD
Memory	64 GB	128 GB
Power supplies	2x AC, DC option	2x AC, DC option
LOM	Optional	Included
Slide Rails	Included	Included
Network
1GbE Copper RJ45	10x 10/100/1000 RJ45 on-board	2x 10/100/1000 RJ45 on-board
Expansion Slots	N/A
100GbE QSFP28		2
100G QSFP28 port configurations
10GbE SFP+		2x with Included 10GbE SR transceivers
25GbE SFP28		2x with optional 25GbE transceivers
40GbE QSFP+		2x with optional 40GbE transceivers
Dimensions
Enclosure	1U	1U
Metric (W x D x H)	438 x 580 x 44mm	442 x 610 x 44 mm
Standard (W x D x H)	17.2 x 22.83 x 1.73 in.	17.4 x 24 x 1.73 in
Weight		13 kg (28.7 lbs.)
Environment
Operating	32º to 104ºF / 0º to 40ºC, (5 - 95%, non-condensing)
Storage	-4° to 158°F / -20° to 70°C, (5 - 95% non-condensing)
Power
Dual, hot swappable	Included	Included
AC input	100-240V, 47-63 Hz	100-240V, 47-63 Hz
Power Supply Rating	500W	850W
Power Consumption avg/max	144W/270W	188W/438W
Max Thermal Output	921 BTU/hr	1494 BTU/hr
Certifications
Safety	UL, CB, CE, TUV GS
Emissions	FCC, CE, VCCI, RCM/C-Tick
Environment	RoHS, WEEE

Performance numbers are based on unique files scanned which typically represent 20 to 30% of the total number of files. Most files are retransmissions of files seen before. These known files are processed based on the file hash without impacting the appliance performance. Performance based on:

File blend: A blend of unique files representing real-world mail and web traffic
Emulation environment: Check Point recommended images for emulation
Distributed topology; an inline security gateway sending files for emulation to a SandBlast appliance

Documentation:

Download the Check Point SandBlast Appliances Datasheet (PDF).

Pricing Notes:

Pricing and product availability subject to change without notice.