
Cyberoam - Unified Threat Management

Identity-Based Unified Threat Management


One Identity One Security
Presentation
Agenda of Presentation

About Company
Challenges of UTM Scenario
Introduction to Cyberoam
Cyberoam Credentials / Awards / Accreditations
Cyberoam Product Walk-thru


Est. in 1999
500+ Employees
ISO 9001-2000 Certified
Presence in USA, Asia, Middle East
Product installations in 55+ Countries
Invested in by the world's largest private equity group ($90bn)
UTM : Unified Threat Management
A solution to fight against multiple attacks and threats

A true UTM appliance should have the following features in a single solution:

1. Firewall
2. VPN
3. Intrusion Detection & Prevention
4. Gateway Level Anti-virus for Mails, Website, File Transfers
5. Gateway level Anti-spam
6. Content Identification & Filtering
7. Bandwidth Management for Applications & Services
8. Load Balancing & Failover Facilities



UTM

Unified threat management (UTM) refers to a comprehensive
security product which integrates a range of security features
into a single appliance.

Benefits of UTM Appliances

Reduced complexity
All-in-one approach simplifies product selection, integration and support

Easy to deploy
Customers, VARs, VADs, MSSPs can easily install and maintain the products

Remote Management
Remote sites may not have security professionals; this requires a plug-and-play appliance for easy installation and management

Better Manpower Management
Reduced dependency on, and number of, high-end skilled human resources

Managed Services
Security requirements & day to day operations can be outsourced to MSSPs

Challenges with Current UTM Products

Lack of user Identity recognition and control
Inadequate in handling threats that target the user: Phishing, Pharming

Unable to Identify source of Internal Threats
Employees with malicious intent pose a serious internal threat
Indiscriminate surfing exposes the network to external threats
50% of security problems originate from internal threats (Yankee Group)
Sources of potentially dangerous internal threats remain anonymous

Unable to Handle Dynamic Environments
Wi-Fi
DHCP

Unable to Handle Blended Threats
Threats arising out of internet activity done by internal members of the organization
External threats that use multiple methods to attack, e.g. Slammer

Lack of In-depth Features
Flexibility sacrificed as UTMs try to fit many features into a single appliance
Inadequate logging and reporting; lack of granular features in individual solutions

Need for Identity-based UTM
Layer 8 Firewall (Patent-pending Technology)
Patent Pending: Identity-Based Technology
User
Cyberoam is the only Identity-based Unified Threat
Management appliance that provides integrated Internet
security to enterprises and educational institutions through
its unique granular user-based controls.
Cyberoam Identity Based Security
Cyberoam Appliances CRi Series
CRi series for SOHO (Small Office-Home Office)
& ROBO (Remote Office-Branch Office)
CR 15wi - Wireless
CR 15i
CR 25ia
CR 35ia


CRi series for Small to Medium Business

CR 50ia
CR 100ia
CR 200i

CRi series for Medium Enterprises
CR 300i
CR 500ia
CR 750ia
CRi series for Large Enterprises

CR 1000i
CR 1500i
Basic Appliance
Identity-based Firewall
VPN
Bandwidth Management
Multiple Link Management
On-Appliance Reporting
8x5 Tech Support & 1 Year Warranty

Subscriptions
Gateway Anti-Virus Subscription (Anti-malware, phishing, spyware protection included)
Gateway Anti-spam Subscription
Web & Application Filtering Subscription
Intrusion Prevention System (IPS)
8x5 Tech Support & 1 Year Warranty

Subscription services are available on a 1-year, 2-year or 3-year subscription basis
2008 - Emerging Vendor of the Year
Certifications
UTM Level 5: complete UTM certification (Anti-Virus, Anti-Spyware, Anti-Spam, URL Filtering, Firewall, VPN, IPS/IDP)
Premium
ICSA Certified Firewall
VPNC Certified for Basic VPN & AES Interoperability

Certifications - pipeline
ICSA Certification for High Availability
IPv6 compliance
console is well organized and intuitive to navigate
flexible and very powerful
Fully loaded, with many great features
packs a more serious punch
can restrict or open internet access by bandwidth usage, surf time or data transfer.

March 2008 UTM Roundup: Cyberoam CR1000i
Five Star Rated Three Years Running
July 2007 UTM Roundup: Cyberoam CR250i

Finalist in SC Magazine Awards 2009, Europe
Cyberoam has been short-listed as a finalist for the Best SME Security Category

Year 2009 UTM Roundup
One of the best UTM
deserves credit for its flexible configuration options,
extensive security, content filtering, and bandwidth
management features.
Awards
Get top tech company from ZDNet Asia 2008/09
Tomorrow's Technology Today 2007
2007 Finalist, American Business Awards
2007 Finalist, Network Middle East Award
Best Security Product
Best SMB Networking Vendor
VAR Editors' Choice for Best UTM (2007 left, 2008 right)
Finalist, 2008 Global Excellence in Network Security Solution
CRN Emerging Tech Vendors 2007
Finalist, PC Pro Awards 2009 for the Business Hardware of the Year
Received Gold Award from IDG Channel World Magazine
Best network security vendor 2009
GLOBAL PRESENCE (Over 55 Countries)
Global Clientele
USA Largest Chain Store
Education:
DY Patil Institute of Management
BFSI & Govt. Clientele
BSNL
Malaysia Government Clients
Malaysia Corporate Clients
Cyberoam Product walk thru

Normal Firewall
Rule matching criteria
- Source address
- Destination address
- Service (port)
- Schedule

Action
- Accept
- NAT
- Drop
- Reject

However, fails in DHCP, Wi-Fi environment

Cyberoam - Identity Based UTM
Additional rule matching criterion
- Identity

Unified Threat Controls (per Rule Matching Criteria)
- IDP Policy
- Internet Access Policy
- Bandwidth Policy
- Anti Virus & Anti Spam
- Routing decision
Next Generation
Layer 7 Firewall
[Figure: 1st Generation Firewalls, with traffic labelled by port: 80, 443, 21]
[Figure: Application Firewalls (CR Version 9), with traffic labelled by application: Mail, Web, FTP, Skype, BitTorrent]
[Figure: Next Generation Firewalls (Version X): Application Firewall, Crowd of Applications, Bandwidth Management; applications shown: CRM, ERP, Salesforce, YouTube, IM Application, Webmail, Casual Traffic]
New Architecture &
Firmware
Salient Features of the
NG GUI
Accordion Menu & TABs for easy navigation of menu items
Easy Access Top Panel
Identity-Based Content Filtering
Web and Application Filtering Features
Database of millions of sites in 82+ categories
Blocks phishing, pharming, spyware URLs
HTTP upload control & reporting
Block & Control Applications such as P2P, Streaming, Videos/Flash
Local Content Filter Database reduces latency and dependence on network connectivity
Customized blocked message to educate users about organizational policies and reduce support calls
Identity Based Policies
Educate Users with Custom Denied Messages and
Reduce Your Support Calls
James
http://www.screensaver.com
Dear Mark,
The web site you are trying to access
is listed within the category SpywareandP2P
It can result in download of spyware and adware which result in popups.
They are a threat to you and the enterprise and can slow the network down.
Identity-based Bandwidth Management

Key Features
Application and Identity-based bandwidth allocation
Committed and burstable bandwidth
Time-based, schedule-based bandwidth allocation
Restrict bandwidth usage to a combination of source, destination and service/service group

Pasted from <http://cyberoam.com/bandwidthmanagement.html>
External Authentication
Authentication and External Integration
Advanced Multiple Gateway Features
Schedule based bandwidth assignment
Gateway Alerts on Dashboard
Bandwidth Utilization Graphs

Active-Active Auto Link Failover & Load Balancing
Active-Passive Auto Link Failover
Source & Destination Routing
Support for more than 2+ ISP links
Gateway Anti-Virus
Gateway Anti-Virus Features
Scans web, FTP, POP3, SMTP & IMAP traffic
Self-service quarantine area
Signature update every 30 mins
Identity-based HTTP virus reports
Disclaimer addition to outbound emails
Spyware and other malware protection, including phishing emails
Block attachments based on extensions (.exe, .bat, .wav, etc.)
Gateway Anti-Spam
Gateway Anti-Spam Features
Spam filtering with Recurrent Pattern Detection (RPD) technology
Virus Outbreak Detection (VOD) for zero-hour protection
Self-service quarantine area
Content-agnostic
Change recipients of emails
Scans SMTP, POP3, IMAP traffic
RPD (Recurrent Pattern Detection)
Protects against image-based spam and spam in different languages
Spam catch rate of over 98%
1 in a million false positives in spam
Local cache is effective for >70% of all spam resolution cases
Intrusion Prevention System (IPS)
IPS Features
Multiple and custom IPS policies
Identity-based policies
Identity-based intrusion reporting
Ability to define multiple policies
Reveals user identity in internal threat scenarios
Cyberoam in Numbers



Other Network / System Features
High Availability (Active-Active / Active-Passive)
Stateful Failover
VPN Failover
Dynamic Routing (RIP, OSPF, BGP)
NTP Support
Multiple Configurable Syslog Server Support
GUI based Real Time Firewall Log
Roll Back (Roll back to last upgraded version)



And Much More
Multicore Processor-based Cyberoam

What is Multi-core:
More than one processor working together to achieve high processing power.

Benefits:
Purpose-built Hardware
True Parallel Processing
Each processor is programmed to run tasks in parallel
In case of a new attack, Cyberoam appliances do not suffer from the performance degradation associated with switching from ASIC-based acceleration to general-purpose processors.
Cyberoam: reports are placed on the appliance
Other UTMs: reporting module/device
Integrated iView Reporting
iView (Cyberoam Aggregated Reporting & Logging Software)
Subscription-free On-Appliance Reporting
Real-time Monitoring and Alerting
Over 1100+ Drilldown Reports
Reports in HTML, MHTML, PDF & CSV formats, and Email Alerts
Web 2.0 GUI and reporting interface
Instant Messaging Logging & Control
Instant Messaging Logging & Control
Yahoo & Windows Live Messaging
Control Who Communicates with Whom
Control Webcam usage
Control Voice Usage
Individual as well as Group Control
Instant Messaging & Control
Control who can chat with whom
Archive communication
Control communication medium (chat, video, voice)
Data Protection
Productivity
VPN Features
Cyberoam supports IPSec, SSL VPN, L2TP, PPTP

Threat Free Tunneling (TFT)
VPN Firewall Management
VPN Bandwidth Management
VPN Protection: Antivirus / Antispam / IPS / Content Filtering / DoS

VPN Topologies:
Road-Warrior (Remote Access), Site to Site
Hub & Spoke
VPN Failover

Main Mode / Aggressive Mode

Identity-based VPN control using xAuth

Local digital certificate authority (CA) and support for external CAs
SSL VPN Enhancements
Application Access Mode within Web Browser
- HTTP, HTTPS
- RDP
- Telnet, SSH
- FTP
SSL VPN Client
- Save Password
- Auto Start VPN Connection
Stability & Performance
Stability & Performance
Firmware based approach
~10 second Soft Reboot Time
Fast GUI Access
Extensible Architecture vs ASIC
Preparing for upcoming threats
HTTP Proxy Enhancements for HTTP 1.1 protocol
Extensive Logging and Log Viewer for Instant Troubleshooting
Getting ready for the Enterprise.
And Much More
Role Based Access Control
Multiple Authentication Support for User
External Authentication for Administrator
Customer My Account Revamp
HTTP DDoS attack protection
Naming Firewall Rules for easy troubleshooting
HTTP & FTP scanning over custom ports
And Much More
Inline Captive Portal
HTTPS
Super Enhanced Packet Capture Log & Log Viewer
VLAN over WAN
Support for MD5 Authentication for RIP & OSPF
Enhanced IPS Actions
Drop Connection
Drop Attack Source
IPv6 Ready
IPV4
Cyberoam With IPv6 Ready Logo Only 2
IPv6 Ready
Only the 2nd UTM
IPv4-to-IPv6 tunneling
IPv6-to-IPv4 tunneling
3G & Wimax USB Card Connectivity
Version X Summary
Security
Productivity
Connectivity
Application Control
SSL (HTTPS) Scanning
Instant Messaging Control
Firmware-based Approach
Usable GUI
Performance
3G Support
IPv6 Ready
SSL VPN Application Access Mode
Cyberoam: Identity-based Security

Overview of Cyberoam's Security Approach:

Who do you give access to: an IP address or a user?
To whom do you wish to assign security policies: usernames or IP addresses?
In case of an insider-attempted breach, whom do you wish to see: user name or IP address?
How do you create network-address-based policies in a DHCP and a Wi-Fi network?
How do you create network-address-based policies for shared desktops?
Question/Answer Session









Please visit us at www.secureone.com.my






Thank You
