Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Identity-Based Unified Threat Management One Identity – One Security Presentation

Cyberoam Presentation


Page 1: Cyberoam Presentation

Cyberoam - Unified Threat Management

Identity-Based Unified Threat Management
One Identity – One Security

Presentation

Page 2: Cyberoam Presentation


Agenda of Presentation

• About Company
• Challenges of UTM Scenario
• Introduction to Cyberoam
• Cyberoam Credentials / Awards / Accreditations
• Cyberoam Product Walk-thru

Page 3: Cyberoam Presentation


• Est. in 1999
• 500+ Employees
• ISO 9001-2000 Certified
• Presence in USA, Asia, Middle East
• Product installations in 55+ Countries
• Invested by $90bn World’s Largest Private Equity Group

Page 4: Cyberoam Presentation


UTM : Unified Threat Management

A solution to fight against multiple attacks and threats

Page 5: Cyberoam Presentation

A true UTM appliance should have the following features in a single solution:

1. Firewall

2. VPN

3. Intrusion Detection & Prevention

4. Gateway Level Anti-virus for Mails, Website, File Transfers

5. Gateway level Anti-spam

6. Content Identification & Filtering

7. Bandwidth Management for Applications & Services

8. Load Balancing & Failover Facilities


Unified threat management (UTM) refers to a comprehensive security product which integrates a range of security features into a single appliance.

Page 6: Cyberoam Presentation


Benefits of UTM Appliances

Reduced complexity: All-in-one approach simplifies product selection, integration and support

Easy to deploy: Customers, VARs, VADs, MSSPs can easily install and maintain the products

Remote Management: Remote sites may not have security professionals – requires plug-and-play appliance for easy installation and management

Better Man Power Management: Reduction in dependency and number of high end skilled Human resources

Managed Services: Security requirements & day to day operations can be outsourced to MSSPs

Page 7: Cyberoam Presentation

Challenges with Current UTM Products

• Lack of user Identity recognition and control
- Inadequate in handling threats that target the user – Phishing, Pharming

• Unable to Identify source of Internal Threats
- Employee with malicious intent posed a serious internal threat
- Indiscriminate surfing exposes network to external threats
- 50% of security problems originate from internal threats – Yankee Group
- Source of potentially dangerous internal threats remain anonymous

• Unable to Handle Dynamic Environments
- Wi-Fi
- DHCP

• Unable to Handle Blended Threats
- Threats arising out of internet activity done by internal members of organization
- External threats that use multiple methods to attack - Slammer

• Lack of In-depth Features
- Sacrificed flexibility as UTM tried to fit in many features in single appliance.
- Inadequate Logging, reporting, lack of granular features in individual solutions

Need for Identity based UTM…

Page 8: Cyberoam Presentation


Layer 8 Firewall (Patent-pending Technology)

Page 9: Cyberoam Presentation


Patent Pending: Identity-Based Technology

User

Page 10: Cyberoam Presentation


Cyberoam is the only Identity-based Unified Threat Management appliance that provides integrated Internet security to enterprises and educational institutions through its unique granular user-based controls.

Cyberoam – Identity Based Security

Page 11: Cyberoam Presentation


Cyberoam Appliances CRi Series

CRi series for SOHO (Small Office-Home Office) & ROBO (Remote Office-Branch Office)
• CR 15wi - Wireless
• CR 15i
• CR 25ia
• CR 35ia

CRi series for Small to Medium Business
• CR 50ia
• CR 100ia
• CR 200i

CRi series for Medium Enterprises
• CR 300i
• CR 500ia
• CR 750ia

CRi series for Large Enterprises
• CR 1000i
• CR 1500i

Page 12: Cyberoam Presentation

Basic Appliance
• Identity-based Firewall
• VPN
• Bandwidth Management
• Multiple Link Management
• On Appliance Reporting
• 8*5 Tech Support & 1 Year Warranty

Subscriptions
• Gateway Anti-Virus Subscription (Anti-malware, phishing, spyware protection included)
• Gateway Anti-spam Subscription
• Web & Application Filtering Subscription
• Intrusion Prevention System (IPS)
• 8*5 Tech Support & 1 Year Warranty

Subscription services are available on 1 Year, 2 Year or 3 Year subscription basis

Page 13: Cyberoam Presentation


2008 - Emerging Vendor of the Year

Page 14: Cyberoam Presentation

Certifications

UTM Level 5 complete UTM certification

Anti-Virus, Anti-Spyware, Anti-Spam, URL Filtering, Firewall, VPN, IPS/IDP

Premium

ICSA Certified Firewall

VPNC Certified for Basic VPN & AES Interoperability

Certifications - pipeline

ICSA Certification for High Availability
IPv6 compliance

Page 15: Cyberoam Presentation


“console is well organized and intuitive to navigate”

“flexible and very powerful”

“Fully loaded, with many great features”

“packs a more serious punch”

“can restrict or open internet access by bandwidth usage, surf time or data transfer”.

Enterprise
March 2008 – UTM Roundup
Cyberoam CR1000i

SMB
Five Star Rated – Three Years Running
July 2007 – UTM Roundup
Cyberoam CR250i

Finalist in SC Magazine Awards 2009, Europe 

Cyberoam has been short-listed as a finalist for the Best SME Security Category

Year 2009 – UTM Roundup
One of the best UTM

Page 16: Cyberoam Presentation

“deserves credit for its flexible configuration options, extensive security, content filtering, and bandwidth management features.”

Page 17: Cyberoam Presentation

Get top tech company
From Zdnet Asia 2008/09

Tomorrow’s Technology Today 2007

2007 Finalist American Business Awards

2007 Finalist Network Middle East Award

Best Security Product Best SMB Networking Vendor

VAR Editor’s Choice for Best UTM (2007 –left , 2008-right)

Finalist - 2008 Global Excellence in Network Security Solution

CRN – Emerging Tech Vendors 2007

Awards

Finalist – PC pro awards 2009 for the Business Hardware of the year

Received Gold Award from IDG Channel World Magazine

Best network security vendor 2009

Page 18: Cyberoam Presentation


GLOBAL PRESENCE (Over 55 Countries)

Page 19: Cyberoam Presentation


Global Clientele

USA Largest Chain Store

Page 20: Cyberoam Presentation


Education:

DY Patil Institute of Management

Page 21: Cyberoam Presentation

Customer References

Page 22: Cyberoam Presentation


BFSI & Govt. Clientele

BSNL

Page 23: Cyberoam Presentation


Malaysia Government Clients

Page 24: Cyberoam Presentation


Malaysia Corporate Clients

Page 25: Cyberoam Presentation


Cyberoam Product walk thru

Page 26: Cyberoam Presentation


Normal Firewall

• Rule matching criteria
- Source address
- Destination address
- Service (port)
- Schedule

• Action
- Accept
- NAT
- Drop
- Reject

- Identity

Cyberoam - Identity Based UTM

• Unified Threat Controls (per Rule Matching Criteria)
- IDP Policy
- Internet Access Policy
- Bandwidth Policy
- Anti Virus & Anti Spam
- Routing decision

• However, fails in DHCP, Wi-Fi environment

Page 27: Cyberoam Presentation


Next Generation Layer 7 Firewall

Page 28: Cyberoam Presentation

1st Generation Firewalls

[Figure labels: Port 443, Port 80, Port 21]

Page 29: Cyberoam Presentation

Application Firewalls – CR Version 9

[Figure labels: Mail, Skype, Web, BitTorrent]

Page 30: Cyberoam Presentation

Next Generation Firewalls – Version X

[Figure labels: CRM, ERP, Salesforce, YouTube, IM Application, Webmail, Casual Traffic]

Application Firewall
Crowd of Applications
Bandwidth Management

Page 31: Cyberoam Presentation

Next Generation Firewalls

[Figure labels: CRM, ERP, Salesforce, YouTube, IM Application, Webmail, Casual Traffic]

Application Firewall
Crowd of Applications
Bandwidth Management

Page 32: Cyberoam Presentation

New Architecture & Firmware

Page 33: Cyberoam Presentation

Salient Features of the NG GUI

Page 34: Cyberoam Presentation


Accordion Menu & TABs for easy navigation of menu items

Page 35: Cyberoam Presentation


Easy Access Top Panel

Page 36: Cyberoam Presentation


Identity-Based Content Filtering

Page 37: Cyberoam Presentation


Database of millions of sites in 82+ categories

Blocks phishing, pharming, spyware URLs

HTTP upload control & reporting

Web and Application Filtering Features

Block & Control Applications such as P2P, Streaming, Videos/Flash

Local Content Filter Database to reduce latency and dependence on network connectivity.

Customized blocked message to educate users about organizational policies and reduce support calls

Page 38: Cyberoam Presentation


Identity Based Policies

Page 39: Cyberoam Presentation


Educate Users with Custom Denied Messages and Reduce Your Support Calls

James

http://www.screensaver.com

Dear Mark,

The web site you are trying to access is listed within the category SpywareandP2P

It can result in download of spyware and adware which result in popups. They are a threat to you and the enterprise and can slow the network down.


Page 40: Cyberoam Presentation


Key Features

          

Pasted from <http://cyberoam.com/bandwidthmanagement.html>

Application and Identity-based bandwidth allocation

Committed and burstable bandwidth

Time-based, schedule-based bandwidth allocation

Restrict Bandwidth usage to a combination of source, destination and service/service group

Identity-based Bandwidth Management

Page 41: Cyberoam Presentation


External Authentication

Page 42: Cyberoam Presentation


Authentication and External Integration

Page 43: Cyberoam Presentation


Advanced Multiple Gateway Features

Schedule based bandwidth assignment

Gateway Alerts on Dashboard

Bandwidth Utilization Graphs

Active-Active Auto Link Failover & Load Balancing

Active-Passive Auto Link Failover

Source & Destination Routing

Support for more than 2+ ISP links

Page 44: Cyberoam Presentation


Gateway Anti-Virus

Page 45: Cyberoam Presentation

Gateway Anti-Virus Features

• Scans WEB, FTP, POP3, SMTP & IMAP traffic
• Self-service quarantine area
• Signature update every 30 Mins
• Identity-based HTTP virus reports
• Disclaimer Addition to outbound emails
• Spyware and other malware protection including “Phishing” emails
• Block attachment based on Extensions (.exe, .bat, .wav etc)

Page 46: Cyberoam Presentation


Gateway Anti-Spam

Page 47: Cyberoam Presentation


Spam filtering with (RPD) Recurrent Pattern Detection technology

Virus Outbreak Detection (VOD) for zero hour protection

Self-Service quarantine area

Content-agnostic

Change recipients of emails

Scans SMTP, POP3, IMAP traffic

Gateway Anti-Spam Features

Page 48: Cyberoam Presentation

RPD (Recurrent Pattern Detection)

• Protects against Image-based Spam and spam in different languages
• The spam catch rate of over 98%
• 1 in Million false positives in spam
• Local cache is effective for >70% of all spam resolution cases

Page 49: Cyberoam Presentation


Intrusion Prevention System (IPS)

Page 50: Cyberoam Presentation

Multiple and Custom IPS policies

Identity-based policies

Identity-based intrusion reporting

Ability to define multiple policies

Reveals User Identity in Internal Threats scenario

IPS Features

Page 51: Cyberoam Presentation

Cyberoam in Numbers

• More than 500,000 virus signatures in the anti-virus database
• More than 50 Million URLs categorized in 82+ categories
• Spam Detection: 98%
• False Positives: 1 in million
• IPS Signatures: More than 5500+

Page 52: Cyberoam Presentation


Other Network / System Features

• High Availability (Active-Active / Active-Passive)

• Stateful Failover

• VPN Failover

• Dynamic Routing (RIP, OSPF, BGP)

• NTP Support

• Multiple Configurable Syslog Server Support

• GUI based Real Time Firewall Log

• Roll Back (Roll back to last upgraded version)

… And Much More

Page 53: Cyberoam Presentation


What is Multi-core:

More than one processor working together to achieve high processing power.

Benefits: Purpose-built Hardware

True Parallel Processing

Each processor is programmed to run tasks in parallel

In case of a new attack, Cyberoam appliances do not suffer from performance degradation associated with switching from ASIC-based acceleration to general-purpose processors.

Multicore Processor-based Cyberoam

Page 54: Cyberoam Presentation

Cyberoam Reports are placed on Appliance

Other UTMs: Reporting Module/Device

Page 55: Cyberoam Presentation


Integrated iView Reporting

Page 56: Cyberoam Presentation

iView (Cyberoam Aggregated Reporting & Logging Software)

• Subscription free On-Appliance Reporting
• Real-time Monitoring and Alerting
• Over 1100+ Drilldown Reports
• Reports in HTML, MHTML, PDF, & CSV formats & Email Alerts
• Web 2.0 GUI and Reporting interface.

Page 63: Cyberoam Presentation


Instant Messaging Logging & Control

Page 64: Cyberoam Presentation

Instant Messaging Logging & Control

• Yahoo & Windows Live Messaging
• Control Who Communicates with Whom
• Control Webcam usage
• Control Voice Usage
• Individual as well as Group Control

Page 65: Cyberoam Presentation


Control who can chat with whom

Archive Communication

Control communication medium (chat, video, voice)

Data Protection

Productivity

Instant Messaging & Control

Page 66: Cyberoam Presentation

Cyberoam supports IPSec, SSL VPN, L2TP, PPTP

Threat Free Tunneling (TFT)
• VPN Firewall Management
• VPN Bandwidth Management
• VPN Protection – Antivirus / Antispam / IPS / Content Filtering / DoS

VPN Topologies: Road-Warrior (Remote Access), Site to Site, Hub & Spoke

VPN Failover

Main Mode / Aggressive Mode

Identity based VPN control using xAuth

Local digital certification authority (CA) and support external CA

VPN Features

Page 67: Cyberoam Presentation

SSL VPN Enhancements

• Application Access Mode within Web Browser

• HTTP, HTTPS
• RDP
• Telnet, SSH
• FTP

• SSL VPN Client
• Save Password
• Auto Start VPN Connection

Page 68: Cyberoam Presentation


Stability & Performance

Page 69: Cyberoam Presentation

Stability & Performance

• Firmware based approach
• ~10 second Soft Reboot Time
• Fast GUI Access

• Extensible Architecture vs ASIC
• Preparing for upcoming threats

• HTTP Proxy Enhancements for HTTP 1.1 protocol
• Extensive Logging and Log Viewer for Instant Troubleshooting
• Getting ready for the Enterprise.

Page 70: Cyberoam Presentation

…And Much More
• Role Based Access Control
• Multiple Authentication Support for User
• External Authentication for Administrator
• Customer My Account Revamp
• HTTP DDoS attack protection
• Naming Firewall Rules for easy troubleshooting
• HTTP & FTP scanning over custom ports

Page 71: Cyberoam Presentation


…And Much More

• Inline Captive Portal
• HTTPS

• Super Enhanced Packet Capture Log & Log Viewer
• VLAN over WAN
• Support for MD5 Authentication for RIP & OSPF
• Enhanced IPS Actions

• Drop Connection
• Drop Attack Source

Page 72: Cyberoam Presentation


IPv6 Ready

Page 73: Cyberoam Presentation


IPV4

Cyberoam – With IPv6 Ready Logo – Only 2

Page 74: Cyberoam Presentation

IPv6 Ready
• Only the 2nd UTM
• IPv4IPv6 tunneling
• IPv6IPv4 tunneling

Page 75: Cyberoam Presentation


3G & Wimax USB Card Connectivity

Page 76: Cyberoam Presentation


Version X Summary

Page 77: Cyberoam Presentation

Security
• Application Control
• SSL (HTTPS) Scanning
• Instant Messaging Control

Productivity
• Firmware based Approach
• Usable GUI
• Performance

Connectivity
• 3G Support
• IPv6 Ready
• SSL VPN Application Access Mode

Page 78: Cyberoam Presentation


Overview of Cyberoam’s Security Approach:

Who do you give access to: An IP Address or a User?

Whom do you wish to assign security policies: Username or IP Addresses?

In case of an insider attempted breach, whom do you wish to see: User Name or IP Address?

How do you create network address based policies in a DHCP and a Wi-Fi network?

How do you create network address based policies for shared desktops?

Cyberoam: Identity-based Security

Page 79: Cyberoam Presentation


Question/Answer Session

Page 80: Cyberoam Presentation


Please visit us at www.secureone.com.my

Thank You