Cyberoam UTM Appliances

Network Security

Comprehensive Security from Layer 2 to Layer 8

Cyberoam UTM delivers enterprise-class network security with stateful inspection firewall, VPN and IPS, offering the Human Layer 8 identity-based controls and Layer 7 application controls. It ensures high levels of network security, network connectivity, continuous availability and secure remote access with controlled network access to road warriors, telecommuters, partners, customers.

Key Highlights

Shift from Firewall to UTM Security – Cyberoam offers Stateful Inspection Firewall that is tightly integrated with VPN (IPSec & SSLVPN), Intrusion Prevention System, Anti-Virus & Anti-Spyware, Anti-Spam, Web Filtering, Bandwidth Management, Multiple Link Management to provide unified security.

Layer 1 to Human Layer 8 Firewall – Cyberoam UTM’s Stateful Inspection Firewall implements policies based on the Physical Layer 1 to Application Layer 7 and Human Layer 8 with User Identity in addition to source, destination zone, IP address and application. It enables organizations to control access to network resources based on the user identity, work profile and application access requirement of external users like customers and partners, internal LAN users and employees outside the perimeter like road warriors, telecommuters. It also offers user identity-based security in dynamic Wi-Fi, DHCP and shared endpoint environments.

VPN – Cyberoam UTM offers VPNC-certified IPSec and SSL VPN over the UTM appliance, ensuring easy-to-manage secure remote access with high business flexibility while lowering the capital and operating expense involved in deploying dedicated VPN appliances.

IPS – Cyberoam offers advanced Intrusion Prevention System (IPS) carrying thousands of signatures applicable with human and application layer policies to automatically detect and block intrusions, IM and P2P exploits, backdoor attacks and other malware. Cyberoam’s IPS carries HTTP proxy signatures and custom signature capability, offering customized protection to meet the unique security requirements of each organization.

Advanced Network Security – Cyberoam offers advanced network security features to deliver business continuity, faster uptimes, higher network throughput, rapid network growth, meeting the security and regulatory compliance requirements through the following capabilities:

• High Availability with stateful failover
• Dynamic routing
• Multiple VLAN zones to create work-profile based groups across distributed locations
• Virtual host capability, enabling secure hosting of services inside the LAN and DMZ
• Centralized management and logging-reporting

Web & Content Security

Security against web-based threats and data leakage

Cyberoam offers a wide security cover against web-based threats, including the entry of malware, phishing, pharming, intrusions and unauthorized data uploads.

Key Highlights

Wide Security Cover from Web Threats - Cyberoam’s Gateway Anti-Virus & Anti-Spyware scans web, Instant Messaging, HTTPS and FTP traffic, delivering security against emerging malware.

Cyberoam IPS detects, blocks or drops intrusion attempts by detecting anomalous traffic.

Cyberoam Web Filtering detects and blocks third-party proxy and tunneling software, Google cache pages, embedded URLs and ‘safe search’ over search engines to prevent harmful websites from appearing in search results.

Data Leakage Prevention - Cyberoam Web Filtering blocks file uploads over HTTP, HTTPS and FTP while Instant Messaging and Application Visibility & Control block file transfers over IM and P2P applications, ensuring data leakage prevention and meeting HIPAA, CIPA, PCI DSS compliance requirements.

Layer 8 Identity-based Controls - Cyberoam Web Filtering’s Layer 8 Identity-based surfing policies based on user, group, work function, web category and duration or time of the day deliver high flexibility and security.

Coupled with Bandwidth Management which ensures bandwidth availability and data transfer limit based on duration and schedule of access for specific web categories, Cyberoam limits rather than blocks non-productive sites.

Layer 8 Identity-based Reporting - Cyberoam’s on-appliance reporting offers visibility into user and system activity, allowing organizations to take instant and preventive action to meet compliance requirements, enhance web content security and productivity. Based on the Layer 8 Identity-based visibility from Cyberoam reporting, organizations can create policies to prevent illegal download of copyright material, unproductive surfing, high bandwidth-consuming downloads and network attacks. The centralized logging and reporting requirements of enterprises are met by CCC appliances and Cyberoam iView.

Email Security

Security against blended threats and data leakage over emails

Cyberoam offers comprehensive Email Security, preventing sophisticated forms of zero-hour threats and blended attacks involving spam, botnets, phishing, spyware and more.

Key Highlights

Making Best-of-Breed Solutions Redundant – Cyberoam offers comprehensive email security, covering all email protocols – SMTP, POP3 and IMAP – and eliminating the need for investment in expensive best-of-breed email security solutions. Cyberoam simplifies email management by re-routing or copying incoming email messages containing specific keywords about a project, workgroup or topic to the manager or other specified authorities.

Real-time Spam Detection – Recurrent Pattern Detection (RPD)-based Anti-Spam technology from Cyberoam offers real-time spam protection against zero-day spam attacks that carry the highest threat level during the initial few hours.

Outbound Spam Protection – Cyberoam’s Outbound Spam Protection solution protects service providers from recurring incidents of outbound spam in their networks thus avoiding consequences of outbound spam like higher cost of providing service, wastage of operations / IT time, blacklisting of IP addresses, inability to meet SLAs and more, by protecting their server reputation. Read More

Prevents Email Data Leakage – Cyberoam blocks email attachments based on Layer 8 identity-based policies with pre-specified file extensions, eg., .XLS, .EXE, .JPEG to prevent leakage of critical business, financial or design data. Mails of departing employees can be forwarded to business and security managers to prevent potential data leakage.

Email Quarantine – Cyberoam quarantines suspicious spam or virus-laden emails, notifying users through the daily Spam Digest for potential retrieval.

Compliance and Reporting – Cyberoam’s on-appliance reporting allows real-time visibility into email traffic with reports that include top mail users, hosts, applications, senders and recipients, in addition to simplifying audit requests through mail archival. The centralized logging and reporting requirements are met by CCC appliances and Cyberoam iView.

Saves Bandwidth Costs – 90% of unwanted emails are blocked at the Gateway by Cyberoam, significantly reducing bandwidth consumption and optimizing network performance.

Application Security

Take security beyond ports and protocols

Cyberoam delivers comprehensive Application Security against malware, intrusions and data leakage. It controls unauthorized application usage while supporting business-critical applications, secure collaboration, Cloud and SaaS adoption.

Key Highlights

Application Visibility & Control - Cyberoam’s Layer 7 capabilities identify and control applications which use standard Port 80, 443, non-standard ports, port hopping or tunnel through encrypted SSL traffic. Cyberoam implements application-based Bandwidth Management, accelerating critical applications while blocking malware-laden sites through Web Filtering. Organizations can group applications as per their requirements into business-critical, entertainment, communication, collaboration and control access through Firewall policies.

Applications QoS - Cyberoam allows the creation of Firewall rules based on Application-User-Time-Bandwidth, ensuring assured bandwidth for business-critical applications and minimizing the peaks and troughs of bandwidth consumption.

Instant Messaging Controls - Cyberoam scans, logs and controls access to Instant Messaging applications like Yahoo Messenger and Windows Live Messenger. Organizations can implement Layer 8 Identity-based controls by username or IM address over:

• Access to IM applications
• Audio-video chat
• Conversations based on keywords
• File transfer

Data Leakage Prevention - Cyberoam’s Application Visibility & Control can block file transfer over webmails like Gmail and Yahoo, file sharing via P2P applications in addition to the above IM controls, preventing data leakage and helping organizations meet the requirements of regulatory compliance.

Application Security - Cyberoam Firewall blocks games and tunneling software that result in malware entry. Cyberoam scans FTP and encrypted HTTPS / SSL traffic in addition to guarding against web application vulnerabilities which are exploited to launch backdoor, zero-hour attacks. It blocks anomalous traffic through its extensive and constantly updated database of IPS signatures.

Secure Remote Access

Threat-free & Flexible remote access

Cyberoam offers secure remote access for remote offices, road warriors, tele-commuters and business partners, preventing intrusions and malware from entering the central network.

Flexible VPN Options

Cyberoam delivers Any Where, Any Time, Any Device access with a range of VPN options, ensuring uninterrupted business operations, enhanced productivity and lower cost of operations by minimizing travel and infrastructure expenses.

Cyberoam UTM

• IPSec, L2TP, PPTP and SSL VPN over Cyberoam UTM appliance offer cost-effective, secure remote access to organizations
• SSL VPN over Cyberoam UTM appliances delivers flexible client-less VPN access

Dedicated SSL VPN appliances

These appliances from Cyberoam are designed to deliver high performance and scalability for organizations that require high throughput secure access.

Key Highlights

Cyberoam’s IPSec VPN offers site-to-site VPN with cost-effective site-to-site remote connectivity, eliminating the need for expensive private remote access networks like leased lines, Asynchronous Transfer Mode (ATM) and Frame Relay. Automatic failover with L2TP delivers uninterrupted remote connectivity similar to that of leased lines.

Cyberoam SSL VPN offers clientless, web-based access to remote users with the assurance of SSL encrypted security without the complexity of pre-installed IPSec client software over endpoints. With its ability to create an encrypted SSL tunnel through firewalls, Cyberoam SSL VPN overcomes firewall blocks when users work behind a customer or partner firewall. Users can access the corporate network from a range of devices: laptops, desktops, PDAs, smart phones, ipads, iphones and more, functioning with Any Time, Anywhere, Any Device access.

Layer 8 Identity-based Remote Access - Cyberoam offers Layer 8 Identity-based policies to allow organizations to create differential policies based on username and work requirement. Eg. Access to pre-specified applications for partners, full access to telecommuters and more, limiting data leakage and exposure to network threats.

Threat-Free VPN Access - Cyberoam’s Threat Free Tunneling (TFT) technology scans IPSec, L2TP, PPTP and SSL VPN traffic for malware, spam, inappropriate content and intrusions, ensuring protection to corporate resources from threats residing on remote devices.

Dedicated SSL VPN appliances - Banking, financial institutions and e-commerce companies find Cyberoam SSL VPN appliances critical for high performance and high security remote access with easy manageability while enabling secure publishing to applications within the network and over the cloud.

Logging and Reporting - Cyberoam’s Human Layer 8 Identity-based logging and reporting offers comprehensive visibility into VPN traffic, ensuring security and compliance. Cyberoam offers on-appliance reporting over UTM in addition to centralized reporting over CCC appliances and Cyberoam iView.

Logging & Reporting

Flexibility of on-appliance and dedicated reporting

Cyberoam offers real-time visibility into network and user activity with the Human Layer 8 Identity-based reporting, source and destination of attacks, Internet access and bandwidth usage, providing high security, optimal network performance and helping organizations meet regulatory compliance requirements.

Flexible Reporting Options

With real-time logging and reporting capability, Cyberoam manages and archives terabytes of log information and thousands of network reports, offering flexible purchase options to organizations.

• Extensive On-Appliance Reporting over Cyberoam UTM eliminates the need for additional investment. Capturing activity through Cyberoam’s Standard and Subscription features, it offers comprehensive visibility into user and system activity.
• Open Source Logging & Reporting : Cyberoam iView is available over open source for organizations to extend its centralized log management and reporting to meet their unique requirements while minimizing investment.
• Dedicated Appliances : Cyberoam iView appliances offer centralized log management and reporting of remote, multi-vendor security appliances with comprehensive visibility into user and system activity across global locations.

Key Highlights

Granular Reporting - Cyberoam offers real-time graphical reporting with dashboards and drill-down reports to the third level with identity-based information related to network events and user activity. Organizations can easily assess security risks, network resource consumption, employee productivity and more.

Cause-Effect Correlation - Organizations can readily discover disguised threats and correlate them with the cause, maintaining high levels of security.

Layer 8 Identity-based Reporting - Cyberoam offers the Human Layer 8 identity-based reporting, ensuring quick identification and forensics while meeting the requirements of regulatory compliance.

Regulatory Compliance - Cyberoam facilitates compliance with CIPA, PCI DSS, HIPAA, GLBA and SOX regulations, reduces cost of compliance and enables easy demonstration of compliance capability with audit logs and visibility into who accessed what and when.

Forensic Analysis - Cyberoam logging and reporting offers forensic analysis with historic user and system activity, reducing the cost of investigation and minimizing network downtime and future incidents.

Multiple Report Schedules and Formats - Organizations can get on-demand and daily, weekly scheduled reports in PDF, Microsoft Excel, HTML formats.

Web & Email Access - Organizations gain web-based interface for real-time comprehensive view of their network activity across distributed networks as well as reports that can be shared via email with the leadership team.

WAN Connectivity

Assured network uptime - today and tomorrow

Cyberoam UTM provides assured WAN connectivity across multiple WAN links, 3G, WiMAX and IPv6 connectivity in addition to Wi-Fi LAN access, preventing network failures

With always on security, redundancy and high performance networks, Cyberoam UTM delivers assured security and productivity, preventing network slowdown and the resultant financial loss, loss of customers and of company image.

Key Highlights

Assured ROI from Multiple WAN Links - Cyberoam performs load balancing, allowing organizations to distribute traffic to optimize multiple WAN links based on their speed and cost. Cyberoam implements policy-based routing, using Layer 8 Identity-based policies based on users, source IP and protocol. Thus, it prevents overload, lowering response time and providing assured QoS. The result is lower cost of operations and higher ROI.

Link Failover: Assured Connectivity - Cyberoam provides automatic link failover, diverting traffic from a failed link to a working link. Using multiple test methods, Cyberoam detects failure to reach specific applications like Inventory Management, ERP, CRM solutions hosted at a partner network by detecting outages at the organization’s gateway or along the path over the WAN link. It provides continuous secure remote access with automatic failover in case of IPSec and L2TP VPN connections.

3G-WiMAX Wireless WAN Connectivity - Cyberoam supports wireless WAN technologies like 3G and WiMAX, allowing them to be configured as primary or back-up links and providing redundancy. With the WWAN support, organizations gain security in remote locations where wired infrastructure might be unavailable.

IPv6-Ready Connectivity - Cyberoam is IPv6 Ready Gold Logo Certified and carries the ability to identify and process IPv6 traffic, supporting future connectivity needs.

Data Leakage Prevention

Plug leaky networks and endpoints

Cyberoam offers gateway and endpoint Data Leakage Prevention, protecting organizations from data leakage and loss occurring with data transfer over applications and removable storage devices.

Cyberoam Data Leakage Prevention Solutions

Cyberoam data leakage prevention solutions offer Layer 8 Identity-based policies based on username and work requirement to help protect sensitive corporate data, preserve customer data privacy and meet regulatory compliance and security requirements while retaining work flexibility.

• Cyberoam UTM offers gateway data leakage prevention controlling data transfer over email, web mail, file upload and file transfer applications.
• Cyberoam Endpoint Protection offers endpoint data leakage prevention, controlling data transfer from users’ endpoints.

Key Highlights

Email Leakage Prevention - Cyberoam UTM enables organizations to implement Identity-based policies to block attachments and forward email copies of departing and pre-specified employees to their managers and IT security. The result is quick preventive action against data leakage. Email archiving prevents destruction of critical data.

Web Leakage Prevention - Cyberoam UTM prevents file upload over HTTP, Web mail, FTP, P2P and other file sharing applications based on username and work profile.

Instant Messenger Leakage Prevention - Cyberoam UTM blocks chat conversations based on pre-specified keywords and file transfer over IM in accordance with Human Layer 8 Identity-based policies.

Encrypted HTTPS/SSL Protocol Leakage Prevention - Cyberoam UTM controls file upload over HTTPS/SSL websites, preventing misuse of this encrypted medium in the form of unauthorized transfer of sensitive data.

Endpoint Leakage Prevention - Cyberoam Endpoint Data Protection Solution offers control of file transfers over removable devices like USB, MP3, DVD, CDs in addition to IM, email and file-sharing applications. It encrypts and decrypts files over removable devices to limit file access to authorized users. Creation of shadow copies when files are created, modified, transferred or printed ensures that Cyberoam prevents destruction of critical business data. Layer 8 Identity-based visibility and control limits the use of these devices and applications while offering logging, reporting and archiving of user activity over endpoints.

Logging and Reporting - Cyberoam’s Human Layer 8 Identity-based logging and reporting includes chat logs which help in monitoring and taking corrective action. The extensive logs and reports support CIPA, HIPAA, PCI DSS regulatory compliance. Cyberoam offers on-appliance reporting over UTM in addition to centralized reporting over CCC appliances and Cyberoam iView.

Managing Bandwidth

Don't ADD bandwidth. MANAGE it.

Cyberoam’s Layer 8 Identity-based Bandwidth Management delivers assured bandwidth availability to business applications over the Cloud, SaaS deployments and Collaboration and controls bandwidth abuse over P2P and other non-business usage.

Bandwidth Management

Cyberoam optimizes bandwidth usage and prevents network congestion, lowering bandwidth costs. It works in tight integration with Web Filtering, Application and IM controls to support high levels of security and productivity.

Key Highlights

Real-time Visibility into User-Application-Protocol Bandwidth Usage - Cyberoam’s Traffic Discovery offers real-time visibility into network, application and user traffic across Layers 2 to the Human Layer 8, identifying users and applications using excess bandwidth. It provides real-time alerts of unproductive usage and threat incidence, supporting quick response from organizations against compromised devices.

Controls Application and Website Bandwidth Utilization - Cyberoam allows individual or category-based bandwidth limits to applications and websites, enhancing security and productivity. Eg. Committed bandwidth to VoIP; low share to websites with non-business video, music, images; 64 kbps to IM to limit file transfer; nil bandwidth to P2P. Cyberoam allows organizations to limit access to specific applications to certain times of the day with duration limit. Eg. YouTube and Gmail between 5-6 pm.

Controls Layer 8 Identity-based Bandwidth Utilization - Cyberoam allows organizations to assign bandwidth quotas, capping upload and download speeds based on user identity. Committed and burstable bandwidth can be assigned. Eg. Committed bandwidth to CEO, YouTube access to marketing team after business hours, Gmail access only when excess bandwidth is available.

Centralized Management

Simplified security management for distributed locations

Cyberoam delivers centralized visibility and security management for Managed Security Service Providers (MSSP) and enterprises with geographically distributed networks, maintaining high levels of protection against malware and data leakage.

Cyberoam Centralized Security Solutions

Cyberoam’s centralized security and logging-reporting solutions offer visibility and security across distributed networks, enhance productivity and help meet the requirements of regulatory compliance.

Cyberoam Central Console (CCC) appliances offer centralized security visibility and control while lowering Total Cost of Security by eliminating the need for skilled IT manpower at remote locations.

Centralized Logging & Reporting - Cyberoam offers options of centralized logging and reporting with the open source Cyberoam iView and dedicated Cyberoam iView appliances for high performance.