Unified Threat Management (UTM) Firewall

Providing continuous monitoring and protection against outside threats.

The IT threat landscape is more complex than ever before.

Improve your security posture and protect your business.

ControlScan’s Unified Threat Management (UTM) Firewall service is ideal for any organization that seeks to provide a layered security approach against network attacks.

The UTM Firewall solution has a comprehensive suite of network services, eliminating the need for multiple appliances. Services include a next-generation firewall, content filtering, web search filtering, SNORT® based intrusion prevention, web caching, WAN optimization, multiple WAN uplinks and 4G failover. This technical data sheet provides an overview of the UTM Firewall capabilities, services and product specs.


  • Application-aware traffic control: set bandwidth policies based on Layer 7 application type (e.g., YouTube)
  • CIPA-compliant content filter, safe-search enforcement (Google/Bing), and YouTube for Schools
  • PCI-compliant intrusion prevention sensor using SNORT® , developed by Sourcefire
  • Anti-virus and anti-phishing: flow-based protection engine powered by Cisco Advanced Malware Protection
  • Identity-based security policies and application management

Cloud Management

  • Unified WAN, LAN, and wireless LAN management through a web-based dashboard
  • Settings scale easily from single-site deployments to multi-site deployments with thousands of devices
  • Summary reports with user, device, and application usage details archived in the cloud
  • Role-based administration, email alerts on configuration change, connectivity issues and power loss, auditable change logs

Site-to-Site VPN with 4G Failover

  • Auto VPN: automatic routing table generation, IKE/IPsec setup and key exchange via secure cloud
  • Automatic failover to secondary WAN link or 4G connection
  • Interoperates with standards-based IPsec VPNs
  • Automated MPLS to VPN failover
  • Client VPN: L2TP IPsec support for native Windows, Mac OS X
  • iPad and Android clients with no per-user licensing fees

Branch Gateway Services

  • Built-in DHCP, NAT, QoS, and VLAN management services
  • Web caching: accelerates frequently accessed content
  • Link bonding: combines multiple WAN links into a single high- speed interface, with policies for QoS, traffic shaping, and failover
  • Layer 3 failover: automatic detection of layer 2 and layer 3 outages and fast failover, including 3G/4G USB modems
  • WAN optimization: data redundancy elimination, protocol optimization, and compression provide bandwidth savings up to 99%

Integrated Wireless

  • 1x 802.11b/g/n or 802.11a/n radio, 3x3 MIMO with 3 spatial streams
  • Unified management of network security and wireless
  • Integrated enterprise security and guest access
  • Application-aware traffic analysis and traffic shaping

Ironclad Security for Edge Networks

The hardware platform is purpose-built for Layer 7 deep packet inspection with advanced security features while providing the throughput and capacity for modern, bandwidth-intensive networks. Layer 7 fingerprinting technology lets administrators identify unwanted content and applications and prevent recreational apps like BitTorrent from wasting precious bandwidth. It also uses the Webroot® BrightCloud URL categorization database for CIPA / IWF compliant content-filtering. Best of all, these industry-leading Layer 7 security engines and signatures are always kept up-to-date via the cloud, simplifying network security management and providing peace-of-mind to IT administrators.

Increased Reliability with Multiple WAN Links and 3G/4G Failover

Multiple WAN ports with balancing and failover enable the use of redundant commodity Internet connections, providing additional bandwidth and higher reliability. For remote sites where multiple wireline providers are difficult to secure, the UTM appliance can fail over to 3G/4G wireless Internet connections.

Reduce Bandwidth Costs with Web Caching and WAN Optimization

Web caching temporarily stores video, media, and web documents, lowering bandwidth usage and accelerating the download speed of Internet content. WAN optimization dramatically improves application performance and reduces bandwidth requirements at remote sites. WAN optimization includes link compression and protocol optimization. Link compression reduces TCP traffic by 20% - 30%, and protocol optimization accelerates Windows File Sharing (CIFS), FTP, and HTTP transfers.

Lifetime Warranty with Next-day Advanced Replacement

ControlScan’s appliances include a limited lifetime hardware warranty that provides next-day advance hardware replacement. Software upgrades, centralized systems management, and phone support are also included.