Check Point SandBlast TE1000X Appliance
Stop new and unknown threats

Features:

Deployment Options

Emulate threats in one of two deployment options: 1. Private cloud: Check Point security gateways send files to a SandBlast appliance for emulation 2. Inline: This is a stand-alone option that deploys a SandBlast Appliance inline or on a SPAN port, utilizing Threat Emulation, Threat Extraction, Anti-Virus and Anti-Bot software blades to secure the traffic.

Comprehensive Threat Protection

SandBlast Appliances protect you from both known and unknown threats with Antivirus, Anti-Bot, Threat Emulation (sandboxing), and Threat Extraction technologies.

Sandblast Zero-day Protection

The SandBlast Threat Emulation technology employs the fastest and most accurate sandboxing engine available to pre-screen files, protecting your organization from attackers before they enter your network.

Known Threat Detection

The Antivirus Software Blade uses real-time virus signatures from ThreatCloud™ to detect and block known malware at the gateway before users are affected. The Anti-Bot Software Blade detects bot-infected machines, preventing damages by blocking bot Command & Control communications.

Evasion Resistant Detection

Traditional sandbox solutions detect malware behavior at the OS level – after the exploitation has occurred and the hacker code is running. They are therefore susceptible to evasion. SandBlast Threat Emulation capability utilizes a unique CPU-level inspection engine which monitors the instruction flow at the CPU-level to detect exploits attempting to bypass OS security controls, effectively stopping attacks before they have a chance to launch.

Proactive Prevention With Prompt Delivery Of Safe Content

When it comes to threat prevention, there doesn’t have to be a trade-off between speed, coverage and accuracy. Unlike other solutions, Check Point Zero-Day Protection can be deployed in prevent mode, while still maintaining uninterrupted business flow. SandBlast Threat Extraction removes exploitable content, including active content and embedded objects, reconstructs files to eliminate potential threats, and promptly delivers sanitized content to users to maintain business flow. Configure Threat Extraction in one of two ways: Quickly provide a reconstructed document to the user, or await response from SandBlast Threat Emulation before determining whether or not to reconstruct the document.

Inspect Encrypted Communications

Files delivered into the organization over SSL and TLS represent a secure attack vector that bypasses many industry standard implementations. Check Point Threat Prevention looks inside these protected SSL and TLS tunnels to extract and launch files to discover hidden threats.

Threat Emulation Detailed Report

Every file emulation generates a detailed report. Simple to understand, the report includes detailed forensic information about any malicious attempts originated by running this file. The report provides actual screenshots of the simulated environments while running the file.

ThreatCloud Ecosystem

For each new threat discovered by Threat Emulation, a new signature is created and sent to Check Point ThreatCloud, where it is distributed to other Check Point connected gateways. Threat Emulation converts newly identified unknown attacks into known signatures, making it possible to block these threats before they have a chance to become widespread. This constant collaboration makes the ThreatCloud ecosystem the most advanced and up-to-date threat network available.

Technical Specifications:

	TE100X	TE250X	TE1000X	TE2000X	TE2000X HPP
Performance
Recommended files/month	100K	250K	1M	1.5M	2M
Recommended users	Up to 1,000	Up to 3,000	Up to 10,000		Up to 20,000
Throughput	150 Mbps	700 Mbps	2 Gbps		4 Gbps
Number of virtual machines	4	8	28	40	56
Hardware
Storage	1x 1TB HDD		Redundant dual hot swappable 2x 2TB HDD, RAID1
LOM	Not included
Slide Rails (22” - 32”)	Included
Network
10/100/1000Base-T RJ45 (base/max)	5/13	9/17	6/14	6/14	6/14
10GBase-F SFP+	NA	NA	2/6	4/8	4/8
Transceivers	-	-	Optional	Optional	Included
Expansion slot	1	1	1	1	1
Bypass (Fail-Open)	Optional 4x1GbE (copper or fiber) or 2x 10GbE
Dimensions
Enclosure	1U	1U	2U		2U
Metric (W x D x H)	435 x 448 x 44 mm	438 x 621 x 44 mm		438 x 561 x 88 mm
Standard (W x D x H)	17.13 x 17.64 x 1.63 in.	17.25 x 24.45 x 1.73 in.	17.24 x 22.1 x 3.46 in
Weight	7.7 kg (16.9 lbs.)	9.8 kg (21.6 lbs.)		17.05 kg (37.6 lbs.)
Environment
Operating	32o ~ 104oF / 0o ~ 40oC, (20~90%, non-condensing)
Storage	-14° to 158°F / -10° to 70°, (20% - 90% non-condensing)
Power
Dual, hot swappable	-	Optional	Included
AC input	100-240V
Frequency	47-63 Hz
Single Power Supply Rating	250W	400W	400W		400W
Power Consumption Maximum	50.4W	104W		225.6W
Maximum Thermal Output	172.2 BTU/h	355.7 BTU/h		771.5 BTU/h
Certifications
Safety	CB, UL, Multiple Listing, LVD, TUV
Emissions	FCC, CE, VCCI, RCM
Environment	RoHS

Documentation:

Download the Check Point SandBlast Appliances Datasheet (PDF).