Cyberoam UTM - Unified Threat Management

Comprehensive Network Security
Cyberoam UTM
- An Overview
Rajesh Kannan
Sr. Presales Consultant (Security)
Cyberoam Unified Threat Management

www.cyberoam.com Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.
About Elitecore Technologies

Established in 1999 400+ Employees ISO 9001:2000 certified company Backed by Worlds Largest Private Equity Group ($90bn)
Sales, Distribution Channel & Customers across 75+ countries State-of-the-Art Development Center at Ahmedabad, Gujarat, India Communication - Networks Security - Cyberoam - Network to Endpoint Security - CRESTEL - Telecommunication OSS BSS - EliteAAA - Telecommunication - 24online - Bandwidth Management Solution
www.cyberoam.com
Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.
Elitecore Technologies Ltd. - Products
www.cyberoam.com
Challenges Internet-based Communication

External Threats
Threats
Internal Threats
Internet Communication - Chatting, File Sharing via IM, Webmail
Leakage of confidential information Entry point for spyware, malware Unsafe surfing raises legal liability Illegal music and video downloads Loss of productivity Bandwidth choking
Indiscriminate Surfing - Gaming, Adult content

Need for User Identification in Dynamic Environments

Wi-Fi Networks DHCP Shared Desktops
www.cyberoam.com
External Threats
Threats enter via multiple protocols Spyware infects 25% systems
External Threats
Phishing, pharming, virus, worms

Spam 18.5 per day
Threats
Hacking, Denial of Service, Spoofing
Internal Threats
Spyware
Need for Multiple Security Solutions for Complete Security

But multiple solutions bring high expense and operational problems
High Capital Expense High Operating Expense
Dealing with multiple solution operation, vendors and updates Multiple AMCs (Annual Maintenance Contracts) and subscriptions Multiple reports redundancy lead to excessive time spent in understanding threat patterns
A UTM is an integration of multiple security features in a single box.
IPS Multiple link Management
Firewall Anti-Virus
Bandwidth Management AntiSpam VPN
Content Filtering
www.cyberoam.com
What is a UTM?
Unified Threat Management (UTM) is a comprehensive network security product which integrates multiple security features into a single appliance.
Security Features of a true UTM Appliance 1. Firewall
2. VPN Virtual Private Network

3. Intrusion Prevention System 4. Gateway Level Anti-Virus 5. Gateway Level Anti-Spam 6. Content Filtering 7. Bandwidth Management 8. Load Balancing & Failover
www.cyberoam.com
Why UTM?
Comprehensive Network Security Easy to deploy and easy to manage Cost-effective:
Increased RoI (Return on Investment) and Reduced TCO (Total Cost of Ownership)
www.cyberoam.com
Network overview before and after Cyberoam UTM deployment

Before Cyberoam Deployment
Firewall/VPN Firewall/VPN Pair Pair Mail Mail Filtering Filtering Cluster Cluster Corporate Network Corporate Web Web Network Filtering Filtering ClusterCluster
Internet Internet
IPS Cluster IPS Cluster
AV / AS Cluster AV / AS Cluster
Corporate Network UTM Appliance UTM Appliance Corporate Network
After Cyberoam Deployment
Internet
Internet
Helps reduce total number of boxes, links and subnets
www.cyberoam.com
About Cyberoam
Cyberoam is an Identity based UTM solution that offers Integrated Internet Security with fine granularity through its unique identity - based policies. It offers comprehensive threat protection with: Stateful Inspection Firewall VPN Virtual Private Network Gateway Anti-Virus & Anti-Spyware Gateway Anti-Spam Intrusion Prevention System Content & Application Filtering Bandwidth Management Multiple Link Management On-Appliance Comprehensive Reporting
Why Cyberoam ?
Cyberoam is the only UTM providing Identity Based Security using Layer 8 Technology.
www.cyberoam.com
Identity-based Security
Stamps User Identity Know Who is Doing What Allows Granular controls Ensures Business Flexibility based on work profile Protection in DHCP and Wi-Fi Environment and shared desktops scenarios Complete visibility across corporate & branch offices Allows users to carry their access rights anywhere in the network Single Sign on
www.cyberoam.com
User
Cyberoam Identity Based Security
www.cyberoam.com
Cyberoam Layer 8 Advantage Other UTMs
Cyberoam Authenticates User Login User IP Address MAC Id Session Id
Cyberoam Authorizes
Cyberoam Audits
Intrusion Prevention Identity - based Policies Logs + Reports Anti-Malware Anti-Spam Web Filtering Layer 7 Controls Bandwidth Management & QoS Instant Messaging Archiving & Control Internet Surfing Quota Internet Access Time Internet Data Quota
www.cyberoam.com
www.cyberoam.com
www.cyberoam.com
Identity-Based Firewall
www.cyberoam.com
Normal Firewall Cyberoam - Identity Based UTM

Rule matching criteria - Source address - Destination address - Service (port) - Schedule - Identity Action - Accept - NAT - Drop - Reject
However, fails in DHCP, Wi-Fi Rule Matching Criteria) Unified Threat Controls (per environment - IDP Policy - Internet Access Policy - Bandwidth Policy - Anti Virus & Anti Spam - Routing decision
www.cyberoam.com
www.cyberoam.com
MAC Base Filtering (Layer 2 to Layer 8 Security)
www.cyberoam.com
MAC Based User Identity Control
www.cyberoam.com
CONNECTIVITY Business Continuity High Availability
ICSA Labs Certified Active Active High Availability - Maximizes network uptime - Reduces single-point-of-failure - Ensures continuous Cyberoam security - Ensures business continuity
www.cyberoam.com
CONNECTIVITY Future-ready connectivity IPv6
IPv6 IPv6 Ready gold logo

- Cyberoam identifies and processes IPv6 traffic
Third-party validation
- International Testing Program with 3000+ rigorous test cases
IPv6 compliance to become mandatory in government and other enterprises

- Driven by diplomatic initiatives
www.cyberoam.com
VPN
www.cyberoam.com
Cyberoam VPN
Site-to-Site (Net2Net) connecting Head Office and Branch Offices or Partners Client-to-Site (Road Warrior) connecting mobile workers, customers to the Head Office IPSec L2TP PPTP Next Generation VPN Standard - SSL VPN - Newly integrated featured, free of cost - Clientless VPN Connectivity - Fast, Secure and Reliable
Standards
www.cyberoam.com
Cyberoam VPN Advantages

Threat Free Tunneling The VPN traffic is also subject to Anti-Virus Scanning, Anti-Spam Blocking, Firewall Rules and Content Filtering Policies It is a member of VPN Consortium, so Cyberoam is inter-compatible with any other industry standard VPN devices.
www.cyberoam.com
Content Filtering
www.cyberoam.com
Cyberoam Content Filtering
Web
Millions of websites categorized into 82+ categories Allows custom web categories
To Block Audio, Video or Executable file Types download
File Types
Applications
To Block IM, P2P applications
www.cyberoam.com
Web and Application Filtering Features

Database of millions of sites in 82+ categories Blocks phishing, pharming, spyware URLs
HTTP upload control
Ability to control & Block Applications such as P2P, Streaming, Videos/Flash
Local Database for the content filter reduces latency and dependence
on network connectivity. Customized blocked message to educate users about organizational policies and reduce support calls
Educate Users with Custom Denied Messages and Reduce Your Support Calls
http://www.screensaver.com
James
Dear Mark, The web site you are trying to access is listed within the category SpywareandP2P
It can result in download of spyware and adware which result in popups. They are a threat to you and the enterprise and can slow the network down.
www.cyberoam.com
Content Filtering
Database of millions of sites 82 + categories HTTP upload control Categorizes google cached pages and akamai pages with dynamic URLs Prevents surfing that bypass proxy eg: tunnel proxy utility, open proxy, web based proxy. Local database reduces latency and dependence on network connectivity Category wise customized denied messages
Premium
Certifications
Checkmark Premium Certified for URL Filtering Network Products Guide award - 2008
www.cyberoam.com
User Authentication
www.cyberoam.com
User Authentication
Cyberoam can authenticate users using any of the following: Cyberoam Local Database Windows NT PDC Active Directory LDAP Server RADIUS Server
Types Of Authentication
Normal - Using HTTP client - Using client.exe Clientless - No Authentication Required Single Sign On - Authentication is done in sync with users authentication in domain
www.cyberoam.com
User Based Policies
www.cyberoam.com
Bandwidth Management
www.cyberoam.com
Bandwidth Management
Committed and burstable bandwidth Time-based, schedule-based bandwidth allocation Restrict Bandwidth usage to a combination of source, destination and service/service group
User Identity in Security

Policies by the user identity Application and Identity-based bandwidth allocation
www.cyberoam.com
What does it solve?

Prevents bandwidth choking Assigns bandwidth to critical users and applications supports business agility Controls cost prevents excessive bandwidth usage Cyberoam also offers QoS by providing bandwidth prioritization for mission critical traffic and latency sensitive traffic like VoIP.
www.cyberoam.com
Multi-Link Management
www.cyberoam.com
Multi-Link Management Features

Auto gateway failover Weighted round robin load balancing
Policy routing per application, user, source and destination

Gateway status on dashboard No restriction on number of WAN Ports Schedule based bandwidth assignment
What does it solve?

Provides continuous connectivity through redundant ISP links Security over multiple ISP links
www.cyberoam.com
Multi-Link Configuration
www.cyberoam.com
CONNECTIVITY Network Availability 3G/WiMAX modem support
3G/WiMAX USB Modem Support - High-speed wireless WAN (WWAN) - Wide ISP support - All gateway security features available
Can function as a main or failover link
3G
Gateway Anti-Virus
www.cyberoam.com
Gateway Anti- Virus Features
Scans WEB, FTP, Pop3, SMTP & IMAP traffic Self-service quarantine area Signature update ever 30 Mins Identity-based HTTP virus reports Disclaimer Addition to outbound emails Spyware and other malware protection including Phishing emails Block attachment based on Extensions (exe, .bat, .wav etc)
Gateway Anti-Spam
www.cyberoam.com
Gateway Anti-Spam Features
IP Reputation Filtering to block 85% of incoming messages at entry-point

even before these messages enter the network. Spam filtering with (RPD) Recurrent Pattern Detection technology Virus Outbreak Detection (VOD) for zero hour protection Self-Service quarantine area User based Spam Digest Change recipients of emails
Scans SMTP, POP3, IMAP traffic

Content-agnostic
www.cyberoam.com
RPD (Recurrent Pattern Detection)
Protects against Image-based Spam and spam in different languages The spam catch rate of over 98%
1 in Million false positives in spam

Local cache is effective for >70% of all spam resolution cases
www.cyberoam.com
Antispam Quarantine Area:
www.cyberoam.com
Spam Digest Configuration:
www.cyberoam.com
Intrusion Prevention System (IPS)
www.cyberoam.com
IPS Features
Multiple and Custom IPS policies Identity-based policies Identity-based intrusion reporting
Ability to define multiple policies

Reveals User Identity in Internal Threats scenario
www.cyberoam.com
IPS Features
Cyberoam IPS can log / block all type of applications: Anonymous Surfing: UltraSurf, TOR, Hotspot, FreeGate, JAP All external proxies (Regardless of IP / Port) P2P Applications: BitTorrent, Limewire, Ares, Bearshare, Shareazaa Morpheus, File transfer over MSN, Yahoo, Google Talk Anonymous VOIP: Justvoip, LowRateVOIP
www.cyberoam.com
Cyberoams Customizable IPS Policy
www.cyberoam.com
On-Appliance Reports
www.cyberoam.com
www.cyberoam.com
Traffic Discovery
www.cyberoam.com
Identification of User Surfing Patterns
www.cyberoam.com
www.cyberoam.com
Documents Uploaded across Organization Data Leakage
www.cyberoam.com
Policy violation attempts
www.cyberoam.com
Web Category Visit wise Report
www.cyberoam.com
Cyberoam UTM Appliance Range

Large Enterprises
- CR 1500i - CR 1000i - CR 500ia
Small to Medium Enterprises

CR 300i CR 200i CR 100ia CR 50ia
Small Offices/Remote Offices

- CR 35ia - CR 25ia - CR 15i
Cyberoam UTM Subscription Model

Basic Appliance Features:
1. 2. 3. 4. 5. 6. 7. Identity-based Firewall VPN Free SSL-VPN Bandwidth Management Multiple Link Management On Appliance Reporting Basic Anti-Spam (RBL Service)
Subscription Based Features:

1. Gateway Anti-Virus Subscription (Anti-malware, phishing, spyware protection included) 2. Gateway Anti-Spam Subscription
3. Web & Application Filtering Subscription

4. Intrusion Prevention System (IPS) 5. Tech Support & Warranty 1. 8 x 5 Basic Support (OR)
Bundle Subscriptions:
Total Value Subscription (TVS) Security Value Subscription (SVS) Total Value Subscription Plus (TVSP) Security Value Subscription (SVSP)
www.cyberoam.com
2. 24 x 7 Premium Support
Subscription services are available on 1 Year, 2 Year or 3 Year subscription basis
Cyberoam Certifications
Premium Premium
Anti-Virus
Anti-Spyware
Anti-Spam
URL Filtering
Firewall
VPN
IPS/IDP
UTM Level 5: Cyberoam holds a unique & complete UTM certification
ICSA Certified Firewall
ICSA Certified High-Availability
VPNC Certified for Basic VPN & AES Interoperability
www.cyberoam.com
SC Magazine Five Star Rating Four Times in a Row!

April 2009 Product review Cyberoam CR200i
A lot of functionality, including good integration support, in a single easy-to-use appliance also includes a solid web content filter and blocking for applications such as IM and P2P
December 2008 Product review Cyberoam CR100i

Cyberoam delivers a wealth of features for the price, which include versatile identity- and policy-based security measures
March 2008 UTM Roundup Cyberoam CR1000i

Fully loaded, with many great features packs a more serious punch can restrict or open internet access by bandwidth usage, surf time or data transfer.
July 2007 UTM Roundup Cyberoam CR250i

console is well organized and intuitive to navigate flexible and very powerful this appliance is a good value for almost any size environment.
www.cyberoam.com
Awards
2008 Emerging Vendor of the Year for Network Security
ZDNET Asia- IT Leader Of the Year 2008
SMB Product of the Year
Best Integrated Security Appliance Best Security Solution for Education Best Unified Security
Finalist - 2008 Global Excellence in Network Security Solution
2007, 2008 Finalist Network Middle East Award 2008 Finalist Channel Middle East Award
Tomorrows Technology Today 2007
VAR Editors Choice for Best UTM (2007)
2008 Best Content Filtering
www.cyberoam.com
Global Clientele
www.cyberoam.com
Global Clientele (Contd)
www.cyberoam.com
Indian Top Corporate Clientele
www.cyberoam.com
Defense & Govt. Clientele
BSNL
BFSI Clientele
Bangladesh Bank
www.cyberoam.com
Education Clients
NIT Rourkela
SVNIT
Indian Military Academy
NMIMS
AIIMS
www.cyberoam.com
MS Ramaiah Institute of Technology
Anna Univ
DY Patil Institute of Management
Osmania Univ.
Thank You
Contact: Rajesh Kannan Sr. Presales Consultant (Security) Cell: +91-9600072968 Email: rajesh.kannan@cyberoam.com
www.cyberoam.com

Cyberoam UTM - Unified Threat Management

Загружено:

Сведения о документе

Исходное описание:

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

Cyberoam UTM - Unified Threat Management

Загружено:

Авторское право:

Доступные форматы

Comprehensive Network Security

Comprehensive Network Security

Cyberoam Unified Threat Management

Comprehensive Network Security

About Elitecore Technologies

Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.

Comprehensive Network Security

Elitecore Technologies Ltd. - Products

Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.

Comprehensive Network Security

Challenges Internet-based Communication

Indiscriminate Surfing - Gaming, Adult content

Need for User Identification in Dynamic Environments

Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.

Comprehensive Network Security

Phishing, pharming, virus, worms

Hacking, Denial of Service, Spoofing

Need for Multiple Security Solutions for Complete Security

Comprehensive Network Security

A UTM is an integration of multiple security features in a single box.

IPS Multiple link Management

Bandwidth Management AntiSpam VPN

Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.

Comprehensive Network Security

2. VPN Virtual Private Network

Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.

Comprehensive Network Security

Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.

Comprehensive Network Security

Network overview before and after Cyberoam UTM deployment

IPS Cluster IPS Cluster

Corporate Network UTM Appliance UTM Appliance Corporate Network

After Cyberoam Deployment

Helps reduce total number of boxes, links and subnets

Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.

Comprehensive Network Security

Comprehensive Network Security

Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.

Comprehensive Network Security

Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.

Comprehensive Network Security

Cyberoam Identity Based Security

Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.

Comprehensive Network Security

Cyberoam Layer 8 Advantage Other UTMs

Cyberoam Authenticates User Login User IP Address MAC Id Session Id

Comprehensive Network Security

Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.

Comprehensive Network Security

Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.

Comprehensive Network Security

Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.

Comprehensive Network Security

Normal Firewall Cyberoam - Identity Based UTM

Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.

Comprehensive Network Security

Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.

Comprehensive Network Security

MAC Base Filtering (Layer 2 to Layer 8 Security)

Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.

Comprehensive Network Security

MAC Based User Identity Control

Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.