Administrator Guide

Cyberoam’s on-Cloud Management Service
Administrator Guide
Document version 02.03.1 Build 098 -1.0-01/03/2015
Important Notice
Cyberoam Technologies Pvt. Ltd. has supplied this Information believing it to be accurate and reliable at the time of printing, but
is presented without warranty of any kind, expressed or implied. Users must take full responsibility for their application of any
products. Cyberoam Technologies Pvt. Ltd. assumes no responsibility for any errors that may appear in this document.
Cyberoam Technologies Pvt. Ltd. reserves the right, without notice to make changes in product design or specifications.
Information is subject to change without notice.
USER’S LICENSE
Use of this product and document is subject to acceptance of the terms and conditions of Cyberoam End User License
Agreement (EULA) and Warranty Policy for Cyberoam Network Security Appliances.
You will find the copy of the EULA at http://www.cyberoam.com/documents/EULA.html and the Warranty Policy for Cyberoam
Network Security Appliances at http://kb.cyberoam.com/default.asp?id=487&SID=&Lang=1.
RESTRICTED RIGHTS
Copyright 1999 - 2015 Cyberoam Technologies Private Ltd. All rights reserved. Cyberoam, Cyberoam logo are trademark of
Cyberoam Technologies Pvt. Ltd.
Corporate Headquarters
Cyberoam House,
Saigulshan Complex, Opp. Sanskruti,
Beside White House, Panchwati Cross Road,
Ahmedabad - 380006, GUJARAT, INDIA.
Tel: +91-79-66216666
Fax: +91-79-26407640
Web site: www.cyberoam.com
1 OF 123
Contents
Overview ......................................................................................................................... 3
About this Guide ............................................................................................................ 4
Guide Organization ..................................................................................................................... 4
Typographic Conventions ......................................................................................................... 5
Report ............................................................................................................................. 5
Introduction ................................................................................................................................. 5
Notation conventions ............................................................................................................... 5
Technical Support ...................................................................................................................... 6
How to Start Using CCMS .............................................................................................. 7
Cyberoam’s on-Cloud Management Service for Partners ....................................................... 7
Cyberoam’s on-Cloud Management Service for Customers ................................................. 14
Manage Cyberoam Network Security Appliance(s) using CCMS ......................................... 18
Manage Cyberoam Network Security Appliance(s) using CCMS .............................. 21
Web Admin Console ................................................................................................................. 22
Connecting Web Admin Console .......................................................................................... 22
Dashboards ........................................................................................................................... 23
Log out procedure ................................................................................................................. 39
Navigating through Web Admin console ............................................................................... 39
Management Console ........................................................................................................... 42
Content Pane ......................................................................................................................... 43
Button bar .............................................................................................................................. 43
Account Management .............................................................................................................. 46
Accounts ................................................................................................................................ 46
Administration ........................................................................................................................ 48
System ................................................................................................................................... 53
Appliance Management............................................................................................................ 55
Appliances ............................................................................................................................. 55
Appliance Discovery .............................................................................................................. 68
Appliance Groups .................................................................................................................. 69
Template ................................................................................................................................ 71
Change Control ......................................................................................................................... 79
Change Control ..................................................................................................................... 79
Export Configuration .............................................................................................................. 85
Group Level Configuration - Dynamic Objects ...................................................................... 86
Individual Appliance Level Configuration .............................................................................. 95
Scheduled Tasks ................................................................................................................. 101
Diagnostics .......................................................................................................................... 102
Appliance Maintenance .......................................................................................................... 106
Backup & Restore ................................................................................................................ 106
Firmware .............................................................................................................................. 108
Maintenance ........................................................................................................................ 109
Appliance Monitoring ............................................................................................................. 111
Graphs ................................................................................................................................. 111
Alerts.................................................................................................................................... 113
Event Viewer ....................................................................................................................... 116
CCMS Monitoring.................................................................................................................... 119
Event Viewer ....................................................................................................................... 119
2 OF 123
Overview
Welcome to Cyberoam’s on-Cloud Management Service guide.
Cyberoam’s on-Cloud Management service (CCMS) is a cloud-based management service for

Cyberoam Network Security Appliances. It allows you to configure and manage multiple Cyberoam
Network Security Appliances across various geographical locations without the need of additional
hardware or software overheads.
Intended audience of this guide are partners who want to become MSSP using Cyberoam’s on-Cloud
Management Service and the customers who want their Cyberoam Network Security Appliance to be
managed by Cyberoam enabled MSSPs.
CCMS provide centralized security management across distributed Cyberoam Network Security
Appliances, enabling high levels of security for MSSPs and large enterprises. With Layer 8 Identity-
based policies and centralized reports and alerts, CCMS provides granular security and visibility into
remote and branch offices across the globe.
With a single, web-based GUI across all security features, CCMS ensures centralized policy
implementation, simplifying security management and maintaining high levels of security across all
customer locations and remote offices despite the lack of technical resources at these locations.
With centralized installation, updates, monitoring, upgrades and visibility into remote networks, CCMS
delivers lower cost of ownership, minimizing investment in remote technical resources.
3 OF 123
About this Guide
This Guide provides information regarding the administration, maintenance, and customization of
Cyberoam’s on-Cloud Management Service and helps you manage and customize Cyberoam’s on-
Cloud Management Service to meet your organization’s security management requirements.
Guide Organization
The Cyberoam’s on-Cloud Management Service Administrator Guide is structured into two parts.
Part 1 - How to Start Using CCMS
This section describes how to enable and use Cyberoam’s on-Cloud Management Service as a
partner or as a customer.
Part 2 - Manage Cyberoam Network Security Appliance(s) using CCMS
This section further covers following sub-sections:

Web Admin Console
This part covers how to start using Cyberoam’s on-Cloud Management Service from web admin
console. This section also describes various components of Web Admin Console.
Account Management
This part covers management of CCMS service network, portal communication and appliance
inventory.
Appliance Management
This part covers various configuration and management operations that can be performed on
Cyberoam appliance(s), which are managed by CCMS. It includes addition, modification, deletion and
configuration of individual appliance and appliance groups.
Appliance Maintenance
This part explains backup restore and firmware options for managed Cyberoam appliance(s).
Appliance Monitoring
This part covers various custom dashboard options and available logs for the managed appliances.
CCMS Monitoring
This part covers activity logs for Cyberoam’s on-Cloud Management Service.
Advanced CCMS Configuration
This part covers various advanced configuration options available in Cyberoam’s on-Cloud
Management Service like adding user, profile creation and linking of user with profile.
4 OF 123
Typographic Conventions
Material in this manual is presented in text, screen displays, or command-line notation.
Item Convention Example

User The end user
Username Username uniquely identifies the user of the system
Part titles Bold and
Report
shaded font
typefaces
Topic titles Shaded font
Introduction
typefaces
Subtitles Bold & Black

typefaces Notation conventions
Navigation link Bold typeface CCMS Management > Administration > Profile
it means, to open the required page click CCMS
Management then Administration and finally click profile
Name of a Lowercase Enter policy name, replace policy name with the specific
particular italic type name of a policy
parameter / Or
field / Click Name to select where Name denotes command button
command text which is to be clicked
button text
Cross Hyperlink in Refer to Customizing User database Clicking on the link will
references different color open the particular topic
Notes & points Bold typeface
to remember between the  Note
black borders
Prerequisites Bold typefaces
between the  Prerequisite
black borders  Prerequisite details
5 OF 123
Technical Support
You may direct all questions, comments, or requests concerning the software you purchased, your
registration status, or similar issues to Customer care/service department at the following address:
Cyberoam House,
Saigulshan Complex, Opp. Sanskruti,
Beside White House, Panchwati Cross Road,
Ahmedabad - 380006, GUJARAT, INDIA.
Tel: +91-79-66216666
Fax: +91-79-26407640
Cyberoam contact:
Technical support (Corporate Office): +91-79-66065777
Email: support@cyberoam.com
Visit www.cyberoam.com for the regional and latest contact information.
6 OF 123
PART
How to Start Using CCMS
1
This section covers steps to become Cyberoam’s on-Cloud Management Service Partner (CCMSP)
and enable CCMS on Cyberoam appliance(s) deployed at customers’ locations.
This section is divided into following sub-sections.
 Cyberoam’s on-Cloud Management Service for Partners

 Cyberoam’s on-Cloud Management Service for Customers
 Manage Cyberoam Network Security Appliance(s) using CCMS
Cyberoam’s on-Cloud Management Service for Partners

Cyberoam’s on-Cloud Management Service (CCMS) enables Cyberoam channel to become MSSPs
to manage multiple Cyberoam Network Security Appliances at customer locations and organizations
with remote locations.
Given below are the registration steps to become MSSP, using Cyberoam’s on-Cloud Management
Service:
Logon to https://partner.cyberoam.com/ using your user credentials.
7 OF 123
After successful logon, you can see a menu in the left panel of the Partner Portal dashboard. Click
Register to proceed.
8 OF 123
Read Terms and Conditions of Cyberoam’s on-Cloud Management Service carefully. Tick ‘I agree to
terms and conditions’ checkbox and click Apply to register yourself to become a Cyberoam’s on-
Cloud Management Service provider.
9 OF 123
Cyberoam team analyses your registration request and sends a confirmation Email containing an
informational video regarding CCMS workflow.
Please visit the link given in the Email to get more information regarding Cyberoam’s on-Cloud
Management Service (CCMS).
10 OF 123
After receiving the confirmation email from Cyberoam team, login to https://partner.cyberoam.com/
using your credentials.
To view and configure CCMS settings, click Manage, under On-Cloud Management from the left
pane menu.
CCMS Settings page allows you to manage administrator users who can access CCMS, customers
who want to avail CCMS service and list of appliances to be managed.
‘Users’ tab of CCMS Settings page displays list of network administrators. Tick checkbox against
usernames to allow them access to CCMS and click Apply to save settings.
Screen – CCMS Settings – Users
11 OF 123
Screen Elements Description
Username Displays network administrator username. Tick checkbox against the

username to allow CCMS access to that user.
First Name Displays first name of the user
Last Name Displays last name of the user
Primary User Displays whether the user is primary or not.
A primary user has complete control over configuration and

management of channel’s CCMS network.
Email Address Email Address of the user

Table – CCMS Settings - Users
‘Customer Enrollment’ tab of CCMS Settings page displays list of partners who are part of your sales
channel.
Screen – CCMS Settings – Customer Enrollment
Partner Name Displays name of the partner.
Email Displays registered Email address of the partner.
Country Displays name of the Country, where the partner is located.
Category Displays category of the partner.

Possible categories:
 National Distributor
 Sub Distributor
 MSSP Partner
 Authorized Partner
 Platinum Partner
 Gold Partner
CCMSP Status Displays whether the partner is CCMS enabled or not.
Manage Click to view list of appliances available with the partner.

Table – CCMS Settings – Customer Enrollment
12 OF 123
Screen – CCMS Settings – Appliance List
Appliance Key Displays appliance key of the Cyberoam Appliance.

‘X’ is used as placeholder to display appliance key.
Select appliance(s) to send CCMS program request.
Customer Name Displays name of the customer.
Email ID/Username Displays registered email ID of the customer.
Status Displays CCMS program request status for the appliance.
If the request has been sent then it displays date of request sent.
Once the request has been accepted, it displays date of service

subscription
Close Button Click to close appliance list
Send Request Button Click to send CCMS program request to the selected appliance(s).
Table – CCMS Settings – Appliance List
13 OF 123
Cyberoam’s on-Cloud Management Service for Customers
The selected Cyberoam customers receive CCMS program request from the Cyberoam’s On-Cloud
Management Service Provider (CCMSP). To avail CCMS service, you are requested to accept CCMS
program request from Customer My Account.
Login to http://customer.cyberoam.com/ using your user credentials.
Go to ‘View Registrations’ tab to view list of registered appliances. You can view the CCMS program
request sent by the CCMSP under ‘Enroll for CCMS’ column.
14 OF 123
Click to view details of the CCMSP.
Click Accept to accept the CCMS program request.
15 OF 123
Read Terms and Conditions of Cyberoam’s on-Cloud Management Service carefully. Tick ‘I agree to
terms and conditions’ checkbox and click Ok to avail Cyberoam’s on-Cloud Management Service.
Once you agree on terms and conditions, service status of your appliance at customer portal changes
immediately.
If you want to unsubscribe CCMS, click Deny.
16 OF 123
Cyberoam team sends you a confirmation Email with instructions to configure your Cyberoam in order
to be managed by the CCMSP.
Go to System > Administration > Central Management to configure central management

server.
 Note:
 CCMS Partners who are using CCMS IP address need to reconfigure their Cyberoam appliances with
FQDN (manageoncloud.cyberoam.com) to continue using CCMS services.
 Cyberoam appliances running with old CyberoamOS version (which does not support FQDN) need to
be re-configured with latest IP address. Please contact Presales team for IP Address.
17 OF 123
Manage Cyberoam Network Security Appliance(s) using CCMS
When the customer accepts CCMS program request, the partner receives a notification with appliance
details. Now the partner can manage subjected appliance(s) using CCMS.
Login to https://partner.cyberoam.com/ using your user credentials and go to On-Cloud

Management > Manage > My CCMS Network to view list of CCMSPs under your service
channel.
Click Connect to CCMS to connect with Cyberoam’s on-Cloud Management Service. It leads you to
the CCMS global dashboard.
CCMS dashboard displays list of CCMS enabled appliances sending heartbeat packet to CCMS
under Appliance Discovery notification list.
Click to add newly discovered appliance(s) to CCMS.
18 OF 123
Appliance Name Specify appliance name, which uniquely identifies the appliance.
Appliance Key Specify appliance key.
IP/Domain Specify IP address of the appliance.
Admin Username Specify Administrator Username of the Appliance.
Password and Confirm Password for the above mentioned Administrator Username of the
Password Appliance.
Communication Mode Specify communication mode to manage Cyberoam appliance from CCMS.
 Central Management will push updates to this Appliance:
Select if the managed Cyberoam appliance is directly accessible
from CCMS i.e. there is no intermediate NAT box. Specify access
protocol and port number to communicate with managed Cyberoam
appliance.
 This Appliance will fetch updates from Central Management

Select if the managed Cyberoam appliance is behind NAT box e.g.
ADSL. In that case:
Managed Cyberoam appliance will first poll CCMS appliance in interval of 1
(one) minute for any configuration updates available.
If the updates are available the managed Cyberoam appliance will pull
those updated configuration settings.
Please refer to http://kb.cyberoam.com for details.
19 OF 123
Template Select configuration template, which has to be applied on the appliance.
Access to User Specify CCMS Administrator who can manage the Cyberoam Appliance
Description Specify description of the Cyberoam appliance
Administrator Click hyperlink to add additional information of CCMS Administrator

Information
Administrator Name Specify name of the CCMS Administrator
Contact Number Specify contact number of the CCMS Administrator
Email ID Specify email ID of the CCMS Administrator
Test Connection Click to test the connectivity between CCMS and appliance.
OK Click to add appliance.
Cancel Click to return on Appliance Management page
Once the appliance is added to CCMS the partner can configure various security settings and
manage the Cyberoam Network Security Appliance.
You can add other appliances in similar way and start managing individual appliance or group of
appliance(s) using CCMS.
20 OF 123
PART
Manage Cyberoam Network
2
Security Appliance(s) using
CCMS
This section describes various configuration and management operations that can be performed on
managed Cyberoam Network Security Appliance(s) using CCMS.
This section has following sub-sections:
 Web Admin Console

 Account Management
 Appliance Management
 Appliance Maintenance
 Appliance Monitoring
 CCMS Monitoring
 Advanced CCMS Configuration
21 OF 123
Web Admin Console
This section describes the features of Web Admin Console of your CCMS.
Web Admin Console is a Web 2.0 based easy-to-use graphical interface used for configuring and
managing your CCMS.
You can connect to Web Admin Console using HTTP or a secure HTTPS connection from any
management computer using web browser Microsoft Internet Explorer 7+ or Mozilla Firefox 3.0+. The
recommended minimum screen resolution for the management computer is 1024 X 768 and 32-bit
true-color.
To connect to the Web Admin Console you require an administrator account and password.
Group Level Dashboard of all the managed Appliances is displayed as soon as you logon to the Web
Admin Console.
Connecting Web Admin Console

The Log on procedure verifies validity of the user and creates a session until the user logs off.
To get the log in window, open the browser and type https://manageoncloud.cyberoam.com . A login
page appears prompting you to enter username and password. Provide your user credentials.
Asterisks are the placeholders in the password field.
Select your preferable GUI language.
Screen - Login
22 OF 123
Login
User name Specify user login name.
Password Specify user account Password.
Language Select CCMS GUI language.
Languages supported:
 English
 French
 Traditional Chinese
 Simplified Chinese
 Hindi
Login button Click to log on to Web Admin Console.
Table - Login screen elements
Dashboards
CCMS displays details of all the added appliances as soon as you log on to Web Admin Console in
the form of Dashboard. CCMS provides three types of dashboards:
 Appliance Group Dashboard – Consolidated dashboard for all the appliances of selected
appliance group or appliance subgroup
 Appliance Dashboard – Dashboard for the selected appliance only
 Template Dashboard – Dashboard for the selected configuration template
Please note that type of displayed dashboard changes, based on the selected appliance group,
subgroup or appliance.
Appliance Group Dashboard

Appliance Group dashboard provides following information corresponding to the selected appliance
group or subgroup:
 Account Information
 Appliance Information
 Model wise Information
 Server Information
 Appliance License Information
23 OF 123
Screen – Appliance Group Dashboard
Account Information
Logged In User Name of the logged in user
Account Name Name of the account holder company

Appliance Information
Total Appliances Total number of appliances in the selected appliance group or
subgroup.
Registered Appliances Total number of registered appliances in the selected appliance
group or subgroup.
Click Registered Appliances hyperlink to view following details of

registered appliances.
 Appliance Name
 Appliance Key
 Company Name
 Status
Connectivity:
Possible status:
 Connected
 Disconnected
Sync:
Possible status:
 Synchronized
 Unsynchronized – Click ‘Sync now’ hyperlink to start
synchronization process
 Disconnected
Compatibility:
Possible Status:
24 OF 123
 Compatible
 Incompatible
Unregistered Appliances Number of unregistered appliances in selected appliance group or
subgroup. Click the given link to view following details of
unregistered appliances:
 Appliance Name
 Appliance Key
 Appliance Model
Synchronized Appliances Total number of synchronized appliances in selected appliance
group or subgroup.
Unsynchronized Number of unsynchronized appliances in selected appliance group
Appliances or subgroup. If any of the appliance(s) is unsynchronized then a
hyperlink would be displayed. Click the hyperlink to synchronize
the appliances.
 Following appliance attributes will be displayed:

 Appliance Name
 Appliance Key
 Model
 Status
Connectivity:
Possible status:
 Connected
 Disconnected
Sync:
Possible status:
 Synchronized
synchronization process.
 Disconnected
Compatibility:
Possible Status:
 Compatible
 Incompatible
Connected Appliances Total number of appliances currently connected to CCMS in
selected appliance group or subgroup.
Click hyperlink to view following details of connected appliances:

 Appliance Name – Name of appliance
 IP Address – IP address of appliance
 Protocol – HTTP/HTTPS i.e. protocol used by appliance to
communicate with CCMS
 Port – Port on which appliance communicates with CCMS
 Status
25 OF 123
Connectivity:
Possible status:
 Connected
Sync:
Possible status:
 Synchronized
 Disconnected
Compatibility:
Possible Status:
 Compatible
 Incompatible
Disconnected Appliances Number of appliances in selected appliance group or subgroup,
which are currently disconnected. If any of the appliance(s) is
disconnected then a hyperlink would be displayed.
Click hyperlink to view following details of disconnected

appliances:
 IP Address – IP address of appliance
 Protocol – HTTP/HTTPS i.e. protocol used by appliance to
communicate with CCMS.
 Port – Port on which appliance communicates with CCMS.
 Status
Connectivity:
Possible status:
 Disconnected
Sync:
Possible status:
 Synchronized
 Disconnected
Compatibility:
Possible Status:
 Compatible
 Incompatible
Model Wise Information
26 OF 123
Name of appliance model along with total number of appliances of
that model number.
Click hyperlink to view following details of appliance model:

 Appliance Key – Appliance key of the managed appliance
 Company Name – Name of the company where the
managed appliance is deployed
 Model – Model number of the managed appliance
 Status
Connectivity:
Possible status:
 Connected
 Disconnected
Sync:
Possible status:
 Synchronized
 Disconnected
Compatibility:
Possible Status:
 Compatible
 Incompatible
Server Information
Time Server (CCMS) time in Day Date Mon YYYY HH:MM:SS format
CCMS Version CCMS version number
Compatible Cyberoam Click to view list of Cyberoam appliance versions which are
Versions manageable through CCMS
Appliance License Information
Gateway Anti Virus Number of appliances in which Anti Virus module is subscribed
and unsubscribed.
Click hyperlink given on number of subscribed and unsubscribed

appliances to view following details:

27 OF 123
 Status
Connectivity:
Possible status:
 Connected
 Disconnected
Sync:
Possible status:
 Synchronized
 Disconnected
Compatibility:
Possible Status:
 Compatible
 Incompatible
Gateway Anti Spam Number of appliances in which Anti spam module is subscribed
and unsubscribed.


 Status
Connectivity:
Possible status:
 Connected
 Disconnected
Sync:
Possible status:
 Synchronized
 Disconnected
Compatibility:
Possible Status:
 Compatible
28 OF 123
 Incompatible
Web and Application Filter Number of appliances in which Web and Application Filter module
is subscribed and unsubscribed.


 Status
Connectivity:
Possible status:
 Connected
 Disconnected
Sync:
Possible status:
 Synchronized
 Disconnected
Compatibility:
Possible Status:
 Compatible
 Incompatible
Intrusion Prevention Number of appliances in which Intrusion Prevention System (IPS)
System (IPS) module is subscribed and unsubscribed.


 Status
Connectivity:
Possible status:
29 OF 123
 Connected
 Disconnected
Sync:
Possible status:
 Synchronized
 Disconnected
Compatibility:
Possible Status:
 Compatible
 Incompatible
Web Application Firewall Number of appliances in which Web Application Firewall (WAF)
(WAF) module is subscribed and unsubscribed.


 Status
Connectivity:
Possible status:
 Connected
 Disconnected
Sync:
Possible status:
 Synchronized
 Disconnected
Compatibility:
Possible Status:
 Compatible
 Incompatible
30 OF 123
Out Bound Spam Number of appliances in which Outbound Spam Protection
Protection module is subscribed and unsubscribed.


 Status
Connectivity:
Possible status:
 Connected
 Disconnected
Sync:
Possible status:
 Synchronized
 Disconnected
Compatibility:
Possible Status:
 Compatible
 Incompatible
Table – Appliance Group Dashboard screen elements
Appliance Dashboard
Appliance dashboard displays following information for the selected appliance:
 Appliance Information
 License Information
 Connection Information
 Signature Information
31 OF 123
Screen – Appliance Dashboard

Appliance Information
Company Name Name of the company under whose name appliance is to
be registered.
For unregistered appliances, this field will be blank.

Appliance Name[Edit] Name of the appliance. Click Edit hyperlink to edit the
appliance details.
Appliance Key Appliance key
Model Model number
Location Name of the place where Cyberoam appliance is
deployed.
Firmware Version Firmware version running on the appliance
Time Zone Time zone of the appliance
Date & Time (Time Date and time of appliance in Day Mon DD YYYY
calculated based on CCMS HH:MM:SS format
time)
Last Good Backup Date and time in Day Mon DD YYYY HH:MM:SS format
when last good backup has been taken.
Last Backup Date and time in Day Mon DD YYYY HH:MM:SS format
when last backup has been taken.
Signature Information (This section will be blank if the appliance is not registered)
IPS Signature Version IPS signature database version on the appliance. Click
Synchronize button to update IPS signature database
with latest available database version at upgrade server.
Anti Virus Version Anti Virus engine version on the appliance. Click
Synchronize button to update AV signature database
32 OF 123
with latest available database version at upgrade version.
Webcat Signature version Web category database version on the appliance

Connection Information
Appliance IP/Domain IP address of the appliance
Address
Connection Status Current connectivity status
Possible status:
 Connected
 Disconnected
Synchronization Status Synchronization status
Possible status:
 Synchronized
 Unsynchronized – Click ‘Sync now’ hyperlink to
start synchronization process
 Disconnected
Communication Mode Communication mode to manage Cyberoam appliance
from CCMS:
Available Modes:
 Central Management will push updates to this
Appliance
 This Appliance will fetch updates from Central
Management
Communicate with Communication protocol – HTTP, HTTPS
Cyberoam using
Communication Port Communication port number
Test Connection Click “Test Now” to establish the connection between
Cyberoam and CCMS
License Information
Appliance Registration Registration Status
Status
Possible status:
 Registered E-mail address [License Information] will
be displayed if the appliance is registered. Click
License Information hyperlink to open Customer My
Account page.
 Unregistered
Subscriptions
Web and Application Filter Subscription status
Possible status:
 Unregistered (when appliance is not registered)
33 OF 123
 Subscribed
 Unsubscribed
 Expired
 Trial
Intrusion Prevention System Subscription status
(IPS)
Possible status:
 Subscribed
 Unsubscribed
 Expired
 Trial
Gateway Anti Virus Subscription status
Possible status:
 Subscribed
 Unsubscribed
 Expired
 Trial
Gateway Anti Spam Subscription status
Possible status:
 Subscribed
 Unsubscribed
 Expired
 Trial
8×5 Support Subscription status
Possible status:
 Subscribed
 Unsubscribed
 Trial
 Expired
24×7 Support Subscription status:
Possible status:
 Subscribed
 Unsubscribed
 Expired
Web Application Firewall Subscription status:
(WAF)
34 OF 123
Possible status:
 Subscribed
 Unsubscribed
 Expired
Out Bound Spam Protection Subscription status:
Possible status:
 Subscribed
 Unsubscribed
 Expired
Synchronize Appliance Click to synchronize appliance licenses with Customer
Licenses with Customer My My Account.
Account
CPU Usage for last two hours
Displays line graph for CPU usage for last two hours.
Memory Usage for last two hours
Displays line graph for Memory usage for last two hours.
User Surfing Pattern
Displays Internet surfing pattern of the users in a pie chart.
Interface Status
Displays status of managed appliance’s interfaces with details like Interface Name, MTU,
Interface Speed, MAC Address, and Status of the interface.
Table – Appliance Dashboard screen elements
 Note:
 Widgets and information present on the Appliance Dashboard is dependent on the Appliance
firmware.
Template Dashboard
A template dashboard displays summary of the selected template along with the recent activity log.
To view the details of individual template, go to Policy Configuration > Template, and select a
template. This page displays following information for selected template:
 Template Summary
 Recent Activities
35 OF 123
Screen – Template Dashboard
System Displays name of ‘System’ configurations along with number of entries:

 Administration > Settings
 Administration > Appliance Access
 Administration > Profile
 Configuration > Time
 Configuration > Notification
 Configuration > Messages
 Configuration > Web Proxy
 Configuration > Parent Proxy
 Configuration > Captive Portal
 Maintenance > Updates
 SNMP > Agent Configuration
 SNMP > Community
 SNMP > v3 User
 Certificate > Certificate
 Certificate > Certificate Authority
 Certificate > CRL
 CLI Configuration > CLI Configuration
 CLI Configuration > CTA
Objects Displays name of the ‘Objects’ configurations along with number of
entries:
 Host > IP Host
 Host > IP Host Group
 Host > MAC Host
 Host > FQDN Host
 Host > FQDN Host Group
 Host > Country Host
 Host > Country Host Group
 Services > Services
36 OF 123
 Services > Service Groups
 Schedule > Schedule
 File Type > File Type
Network Displays name of the ‘Network’ configurations along with number of
entries:
 Static Route > Unicast
 DNS > DNS
 DNS > DNS Host Entry
 DHCP > Relay
Identity Displays name of the ‘Identity’ configurations along with number of entries:
 Authentication > Authentication Server
 Authentication > Firewall
 Authentication > VPN
 Authentication > Admin
 Groups > Group
 Users > Users
 Users > Clientless User
 Guest Users > General Settings
 Guest Users > SMS Gateway
 Policy > Access Time Policy
 Policy > Surfing Quota Policy
 Policy > Data Transfer Policy
Firewall Displays name of the ‘Firewall’ configurations along with number of
entries:
 Rule > Rule
 Virtual Host > Virtual Host
 NAT Policy > NAT Policy
 DoS > Settings
 DoS > Bypass Rules
VPN Displays name of the ‘VPN’ configurations along with number of entries:
 Policy > VPN Policy
 IPSec > IPSec Connection
 L2TP > L2TP Configuration
 L2TP > L2TP Connection
 PPTP > PPTP Configuration
IPS Displays name of the ‘IPS’ configurations along with number of entries:
 Policy > IPS Policy
 Custom Signature > Custom Signature
Web Filter Displays name of the ‘Web Filter’ configuration along with number of
entries:
 Settings > Settings
 Category > Web Filter Category
 Category > URL Group
 Policy > Web Filter Policy
Application Filter Displays name of the ‘Application Filter’ configuration along with number
37 OF 123
of entries:
 Category > Application Filter Category
 Policy > Application Filter Policy
WAF Displays name of the ‘WAF’ configurations along with number of entries:
 Web Servers > Web Servers
 Web Servers > Exceptions
 Global Settings > Global Settings
IM Displays name of the ‘IM’ configurations along with number of entries:
 IM Contact > IM Contact
 IM Contact > IM Contact Group
 IM Rules > Login
 IM Rules > Conversation
 IM Rules > File Transfer
 IM Rules > Webcam
 Content Filter > Content Filter
QoS Displays name of the QoS configuration along with number of entries:
 Policy > Policy
Anti Virus Displays name of the ‘Anti Virus’ configurations along with number of
entries:
 Mail > Configuration
 Mail > SMTP Scanning Rules
 Mail > Address Group
 HTTP/S > HTTP Scanning Rules
 HTTP/S > HTTP Scanning Exceptions
 FTP > FTP
Anti Spam Displays name of the ‘Anti Spam’ configurations along with number of
entries:
 Configuration > Configuration
 Configuration > Address Group
 Configuration > Email Archiver
 Spam Rules > Spam Rules
 Spam Digest > Spam Digest Settings
 Trusted Domain > Trusted Domain
Logs and Reports Displays name of the ‘Logs and Reports’ configurations along with number
of entries:
 Configuration > Syslog Servers
 Configuration > Log Settings
Confirm Button Confirm the template to be exported
Cancel Button Cancel export
Table – Template Dashboard screen elements
38 OF 123
Appliance Monitor Graph
Appliance Monitoring Graphs provide visibility of security alerts, resources and license status of
managed Cyberoam appliances at a single glance.
Click given on the button bar. These graphs display top 20 (twenty) appliances with highest
number of security, resource and license alerts. These graphs are refreshed in interval of 5 minutes.
Log out procedure

To avoid un-authorized users from accessing Cyberoam’s on-Cloud Management Service, log off
after you have finished working. This will end the session and exit from CCMS.
Navigating through Web Admin console

The three parts of the Web Admin Console:
 Main Menu tree
 Content Pane
 Button bar

Use the menus, lists, and configuration pages to configure most settings. Configuration made through
Web Admin Console take effect after some time as it takes time to copy the entire configuration on to
the appliance.
Main Menu
On the left side of the Web Admin Console is a tree, which allows navigation to the various
functionalities.
The Main menu consists of two menu items: Policy Configuration and Management Console. Policy
Configuration menu tree allows you to navigate through pages through which you can manage
appliances while Management console menu tree allows you to navigate through pages through
which you can manage CCMS itself.
On clicking menu item, related management functions are displayed as submenu items in the menu
tree itself. On clicking submenu item, all the associated tabs are displayed as the horizontal menu bar
on the top of the page. To view page associated with the tab, click the required tab.
39 OF 123
The Main menu tree expands and contracts dynamically when clicked on without navigating to a
submenu. When you click on a top-level heading, it automatically expands that heading and contracts
the heading for the current page. To navigate to a new page, first click on the heading, and then click
on the submenu you want navigate to. Breadcrumbs on the top of the Content Pane displays the
entire navigation path.
Functions are grouped in such a way that the tree does not continue below the bottom of your
browser.
Policy Configuration
CCMS Policy Configuration allows sorting of the added appliances on the basis of different criteria for
better visibility and permits enforcement of global policies for security features like Firewall, VPN,
Intrusion Prevention System, Application filter, Anti-spam and Anti-virus on them. It also allows the
administrator to create and implement multiple QoS policies to stop bandwidth abuse in organization
to ensure productivity of the employees.
As soon as appliances are added to CCMS, CCMS connects to the Appliance and starts
synchronization process and the status of the appliance changes to . In the synchronization
process, CCMS updates its local copy as per the information provided by the Appliance. Once the
synchronization is successful, status changes to . CCMS maintains the mirror or duplicate copy of
the Appliance configuration. However, the appliance copy is always considered as the master copy. If
due to any reason, synchronization process fails, appliance status changes to .
Once the appliances is added and synchronized, appliance sends the information like appliance
health, network information, various attacks and threats identified by the appliance to CCMS through
heartbeat at the regular interval.
Policy Configuration has following management tabs:

 Appliance Group : To view and manage added appliances based on firmware, models etc
 Template: To create and export various configuration templates on selected appliance(s) or
appliance group(s)
 Policy : To create and enforce various policies on selected appliance(s)
Appliance Group
For managing and monitoring purpose, CCMS groups all the managed appliances into various
groups. Use Appliance Group drop down to view list of all the groups. Three level collapsible tree of
Appliance Group is displayed as Group > Sub Group > Appliance. Use to expand and to close
the tree.
By default, CCMS has three Appliance Groups:

 All Managed Appliances – Displays list of all the appliances by name and their status
 All Firmware Versions – CCMS automatically groups all the appliances added in CCMS as per
the appliance firmware version. To view the firmware version wise grouping, under the
Appliance Group, click All Firmware Version. Click to expand the tree and view list of
appliance(s) that are grouped under each firmware. It displays name and status of the
appliance. E.g. Below given image, shows total 3 appliances are added and are grouped as per
the firmware version. One appliance of firmware 10.01.2 build 158 and two of 10.02.0 build
224.
40 OF 123
Screen – All Firmware Versions
 All Appliance Models – To view the appliance model wise grouping, under the Appliance
Group, click All Appliance Models Version. Click to expand the tree and view list of
appliance(s) that are grouped under each model. It displays name and status of the each
appliance. E.g. Below given image, shows total 3 appliances are added and are grouped as per
the appliance model number.
Screen – All Appliance models
Tree displays status of the appliances as
 Connected and synchronized
 Disconnected and synchronized
 Connected and unsynchronized.
 Disconnected and unsynchronized

 Disconnected
If the appliance is unsynchronized, click ‘Sync now’ hyperlink on Appliance Dashboard, under
Connection Information section to start synchronization process.
CCMS allows you to create custom Appliance Groups based on various criteria like Department,
Country etc. One can directly manage an appliance or appliance group from Policy Configuration
menu by clicking or from Management Console > Appliance Management >
Appliance page.
41 OF 123
Screen – Add and Manage Appliance(s) and Appliance Group(s)
CCMS allows following types of configuration:

1. Group level configuration - configuration to be applied to all the appliances in the group
2. Subgroup level configuration - configuration to be applied to all the appliances in the sub group
3. Appliance level configuration - configuration to be applied to the individual appliance only
Policy
Policy tab enables administrator to set group level as well as appliance level configuration. Policy tab
provides option to manage and configure:
 Basic Network settings
 Administrators access privileges
 Firewall rules and its objects – host, virtual host, services
 User authentication
 Web and application filter policies
 VPN policies
 IPS policies
 IM and QoS policies
 Spam and virus scanning rules
 Analyze appliance logs and many more.
Template
A template is a set of most commonly used objects, services and configurations. CCMS allows
administrator to store the most common configuration settings of Cyberoam appliances in the form of
template. The administrator can directly export the objects, services and configuration stored in a
template to selected appliance(s) or group of appliance(s). Templates can be default or user defined.
Configuration within the template can also be default or user defined.
 Template Dashboard
Management Console
Management Console menu is used to manage and configure the basic system options for the
42 OF 123
CCMS. This includes the basic network settings to connect the CCMS to the corporate network, the
configuration of administrators and their access privileges, managing and updating firmware for the
CCMS as well as managed Cyberoam appliance(s).
 Account Management
 Event Viewer
Content Pane
The centre part of the page is content pane that changes according to the menu item and tab.
Information of the menu is displayed in the content pane, which includes list of managed appliances
and configuration screens.
Button bar
The Button bar on the upper rightmost corner of every page provides access to several commonly
used functions like:
 Appliance Search – Specify a search string and click to search appliance(s) in CCMS
Appliance(s) can be searched on following criteria:
o Appliance Name
o Model
o Appliance Key
o Firmware
o Company
o City
o State
o Country
o Anti Virus
o IPS
o Web Category
By default, it yields results based on Appliance Name. Results display following information in tabular
form:
o Appliance Name
o Appliance Key
o Company Name
o Status
o Firmware
Click Appliance Name to locate appliance in the appliance tree.
 Dashboard – Click to view Dashboard

 Appliance Monitor Dashboard – Click to view status of following services for managed
appliances:
o Security – Displays list of appliances which have maximum number of security alerts.
Available Security Criteria:
 HTTP Attacks – Ratio of Web viruses to entire Web traffic.
43 OF 123
 Mail Attacks – Ratio of Email viruses to entire Email traffic.
 Spam Attacks – Ratio of Spam emails to entire Email traffic.
 Web Usage Health – Ratio of ‘Unhealthy’ and ‘Unproductive’ Web surfing to
entire Internet surfing. Click to view User Surfing pattern pie chart on
Appliance Dashboard.
 IPS Alerts – IPS attacks stopped by managed Cyberoam appliances.
o Resource – Displays list of appliances which have maximum number of resource
utilization alerts.
Available Resources:
 CPU – Click to view line graph for CPU usage for last two hours on Appliance
Dashboard.
 Memory – Click to view line graph for Memory usage for last two hours on
Appliance Dashboard.
 Disk (Report)
 Disk (Config)
o License – Displays list of appliances which have maximum number of subscription
expiry alerts.
Available Subscriptions:
 Anti Spam
 Anti Virus
 IPS
 Web Category
 8*5 Support
 24*7 Support
 WAF
 Outbound Anti Spam
By default it displays 15 (Fifteen) appliances with highest number of alerts, but the administrator can
load details of maximum 60 (sixty) appliances in batch of 15 each.
 Alert – Click to view list of alerts generated by CCMS.
 Appliance Discovery Notification – Click to view list of appliances sending heartbeat

packet to the CCMS appliance
 Error Notification – Displays total number of generated errors. Click icon to view error
description.
 Logout – Click Logout icon to log out from the Web Admin Console.
 Click to view more options:
 Support – Click icon to open the customer login page for creating a Technical Support
Ticket. It is fast, easy and puts your case right into the Technical Support queue.
 Help – CCMS includes a Web-based help online help, which can be viewed from any of the
page of Web Admin console. Click icon to open the context-sensitive help for the page.

Common Icons in the Web Admin Console

Given below are the functions of common icons used in the Web Admin Console:
 Add – You can add a new entity like user, policy, and host by clicking the Add button. Clicking
the button will either open a new page or pop-up window.
 Edit / – All the editable entities are hyperlinked. You can edit any entity either by clicking the
44 OF 123
hyperlink or Edit icon
 Delete/ – You can delete entity by clicking the Delete Icon. Use checkbox to select entity or
multiple entities to be deleted.
 Synchronize/ – You can synchronize configuration of selected entities of managed
appliance(s) with the configuration available in CCMS.
 Expand/Collapse icons – Clicking on the parent record displays its child records.
Navigating through Tables

With this user interface, configuration details and log entries are presented in a tabular format. Table
Navigation Bar on the upper right top corner of the table provides navigation buttons for moving
through table pages with large number of entries. Table Navigation bar also includes an option to
specify the number entries/records displayed per page.
Screen – Table Navigation
45 OF 123
Account Management
Account Management allows configuration and administration of CCMS for secure and remote
management as well as administrative privilege that you can assign to admin users. It also provides
configuration of several non-network features, such as service network and portal settings.
Accounts
Accounts section allows you to view list of companies (Distributors/Partners/Resellers) and manage
their respective appliances, which are part of CCMS service network. It also allows configuration and
synchronization of Partner Portal with CCMS.
Go to Management Console > Account Management > Accounts to view following

pages:
 Service Network
 Portal communication
 Appliance Inventory
 Settings
Service Network
Service Network page allows the CCMS administrator to view the list of account holder companies,
which are part of CCMS service network. It displays the list of companies
(Partner/Distributor/Reseller) in hierarchy.
Individual CCMS administrator(s) of account holder companies can only view their respective service
network.
Screen – Service Network
Portal Communication
This page allows Administrator to configure IP address or domain name for Partner Portal access.
The administrator can synchronize CCMS with available updated information on partner portal and
can override all current configurations by synchronizing all the appliances available on Partner Portal.
Go to Management Console > Account Management > Accounts to configure IP

address or domain name for Partner Portal and synchronize the CCMS with updated information
available on partner portal.
Screen – Portal Communication
46 OF 123
Settings
Time Zone Settings
CCMS current time zone can be set by using Time Zone Settings so that logs show the precise time
based on the specified time zone.
To configure time settings, go to Management Console > Account Management >

Account > Settings.
Screen – Settings
Appliance Inventory
This page displays the list of appliances, which are available for management through CCMS.
Use Appliance Inventory page to view and manage Cyberoam appliances to the CCMS.
From Appliance Inventory page you can:
 Add
 View
View Appliances available in Inventory
To view available appliances to CCMS, go to Management Console > Account

Management > Accounts.
Screen – View Appliances available in Inventory
Appliance Key Appliance Key of the appliance. This field displays appliance
keys of both the appliances if the appliance is deployed in High
Availability Mode.
Company Name of the company which owns the appliance
Contact Person Name of the contact person from the company
Contact Number Contact number of the company
Add Icon Click to add appliance in CCMS

Table – View Appliance Inventory
47 OF 123
Administration
This menu covers general configuration of CCMS including adding administrators. Role-based
administration capabilities are provided to offer greater granular access control and flexibility.
 Access Profile
 User
 Live Users
Access Profile
Use Profile page to create profiles for Administrators. Role-based administration capabilities are
provided to offer greater granular access control and flexibility. Profile sets up access levels for the
administrative users. Profile determines the privileges of the administrator and the administrator’s
access to Cyberoam appliance features.
Access profile page is divided into access control categories for which you can enable None, Read-
only, or Read-Write access.
For ease of use by default, CCMS has “Administrator” profile with full privileges.
To manage default and custom profiles, go to Management Console > Account

Management > Administration > Access Profile. You can:
 Add
 View
 Edit – Click the Edit icon in the Manage column against the profile to be modified. Edit
Profile is displayed which has the same parameters as the Add Profile page.
 Delete – Click the Delete icon in the Manage column against a profile to be deleted. A
dialog box is displayed asking you to confirm the deletion. Click OK to delete the profile. To
delete multiple profiles, select them and click the Delete button.
 You cannot delete the default profiles.

 You cannot delete profile assigned to any user.
Manage Profile
To manage default and custom profiles, go to Management Console > Account

Management > Administration > Access Profile
Screen – Manage Access Profile
48 OF 123
Add Button Add a new profile
Profile Name of the profile
Edit Icon Edit the profile
Delete Button Delete the profile

Table – Manage Access Profile screen elements
Profile Parameters
To add or edit profiles, go to Management Console > Account Management >

Administration > Access Profile. Click Add Button to add a new profile or Edit Icon to modify
the details of the profile.
Screen – Add Access Profile
Add Profile
Profile Name Name to identify the profile. By default CCMS has two profiles.
 Administrator – super administrator with full privileges
 Appliance Administrator – read-write privileges for
selected appliance(s)
Policy Configuration Profile Configuration access covers access to following menu
items of CCMS:
 Dashboard
 Objects
 Network
 Firewall
 Console Access from GUI
 Web Filter
49 OF 123
 Application Filter
 IM
 QoS
 Traffic Discovery
 System
 Identity
 VPN
 IPS
 Anti Virus
 Anti Spam
 Logs & Reports
 WAF
Click on the access level you want to provide to a profile.

Available Options:
 None – No access to any page

 Read-Only – View the pages
 Read-Write – Add or Modify the details
Access levels can be set for individual menus as well. You can
either set a common access level for all the menus or
individually select the access level for each of the menu.
Click on icon against a menu to view the items under that

menu.
For example, if you set access level as Read-Only against

VPN, the profile user would only be able to view the VPN
menu but would not be able to make any modifications. Read-
Write access is required to make any modifications.
Management Console Management Console access covers access to following

menu items of CCMS:
 Central Management
 Event Viewer
Table – Add Access Profile screen elements
Users
Use User page to add administrator users. It allows configuring administrator access to the Cyberoam
appliance, including the level of access and which Cyberoam appliances administrator have access
to. All administrator settings can be configured only when you are logged in as the admin
administrator. The admin administrator is the only user with complete access to the entire CCMS
options.
To manage users, go to Management Console > Account Management >
Administration > User. You can:
 Add
 View
50 OF 123
 Edit – Click the Edit icon in the Manage column against the User Name to be modified. Edit
User page is displayed which has the same parameters as the Add User window.
 Search – Click the Search icon in the User Name column to search for users with the
following criteria: is, is not, and contains. A pop-up window is displayed that has filter conditions
for search. Click OK to get the search results and Clear button to clear the results.
Search Criteria Search Results
is All the Usernames that exactly match with the string

specified in the criteria.
For example, if the search string is “John, only

Usernames with the name exactly matching “John” are
displayed.
is not All the Usernames that do not match with the string
For example, if the search string is “John, all Usernames

except the name exactly matching “John” are displayed.
contains All the Usernames that contain the string specified in the
criteria.
For example, if the search string is “John”, all the

Usernames containing the string “John” are displayed.
Table – Search Criteria
Manage Users
To manage users, go to Management Console > Account Management >

Administration > User.
Screen – Manage User
User Name Name for the User
Email ID Email address of the user
Profile Profile applied to the user
Status Current status of the user.

Possible status:
 Active
 Inactive
Table – Manage User screen elements
51 OF 123
User Parameters
To edit user details, go to Management Console > Account Management >

Administration > User. Click user hyperlink to modify the details of the user.
Screen – Edit User
Access Profile Select the Profile.
Administrator will get access of various Web Admin console

menus as per the configured profile.
You can create a new profile directly from this page itself and
attach to the user.
Accessible Appliance Select Cyberoam appliances. Administrator will be able to

manage only the selected appliances.
Table – Edit User screen elements
Live Users
Live Users page displays list of currently logged on users and their important parameters. Use Live
User page to manage live users of CCMS.
To manage live users, go to Management Console > Account Management >

Administration > Live Users. You can:
 View
 Details - Click Live user hyperlink to view live user details
Manage Live Users
To manage live users, go to Management Console > Account Management >

Administration > Live Users
Screen – Manage Live Users
52 OF 123
Username Username, which uniquely identifies user and used for login.
Profile Profile of the live user
Host IP IP address of the host from where the user is logged in.
Table – Manage Live User screen elements
Live User Parameters
To edit live user details, go to Management Console > Account Management >
Administration > Live Users. Click user hyperlink to edit user parameters.
 Note:
 Admin user cannot be deleted.
System
API Explorer
CCMS can be integrated with any Professional Services Automation solution (PSA) by using
Application Programming Interface (API) of CCMS. API Explorer page enables the administrator to
access CCMS’s XML based API to retrieve a certain set of information from CCMS.
CCMS API supports ‘get’ API request type to retrieve the information.
To access CCMS API, go to Management Console > Account Management > System
> API Explorer.
Screen – API Explorer

API Request Write XML query for API request.
Based on the written XML query, API response will be
53 OF 123
displayed in the response box.
Submit Click to submit XML query
API Response
Displays response of submitted XML query.
Table – API Explorer
54 OF 123
Appliance Management
Appliance management enables administrator to add and manage appliances. Once the appliances
are added, they can be organized into groups as per the requirement and add dynamic objects. Once
the appliance is added, administrator can select the appliance from the Appliance tree and configure
appliance. As CCMS acts as backup repository, administrator can take backup, save the backup for
the later use or, restore and apply the backup to a single appliance or group of appliances. Apart from
backup, administrator can also download and upgrade to the latest firmware.
Use the Appliance menu to add Cyberoam appliances to the CCMS. Once you have added the
appliances and organized them into groups, you can configure single appliance or groups of
appliances.
Appliances
Use the Appliances page to view and manage the list of Appliances added to CCMS.
To view or manage appliance details, go to Management Console > Appliance

Management > Appliance(s) > Appliances. You can:
 Add Appliance from Inventory - Click to add an appliance from the list of appliances available in
inventory. You will be redirected to the Appliance Inventory page, use the Appliance Inventory
page to add the appliances available in the inventory.
 Reboot Appliance - Click to reboot the appliance immediately or set Schedule to reboot the
appliance. You can choose to schedule the reboot process as per the appliance time. You can
use to reboot the appliance.
 View
 Edit – Click the Edit icon in the Manage column against the appliance to be modified. Edit
Appliance page is displayed which has the same parameters as the Add Appliance window.
 Search – Click the Search icon in the Appliance Name column to search for specific
appliance. Appliance can be searched on the following criteria: is, is not and contains. A pop-up
window is displayed that has filter conditions for search. Click OK to get the search results and
Clear button to clear the results.
is All the appliance names that exactly match with the

string specified in the criteria.
For example, if the search string is “CRAppliance”,

only that appliance will be displayed whose name
exactly matches with the search string -
“CRAppliance”.
is not All the appliances that do not match with the string
For example, if the search string is “CRAppliance”, all

the appliances except with the appliance whose
name exactly matches with the search string -
“CRAppliance”.
55 OF 123
contains All the appliances that contain the string specified in
the criteria.
For example, if the search string is “CRAppliance”, all

the appliances containing the string “CRAppliance”
are displayed.
 Delete – Click the Delete icon in the Manage column against the appliance to be deleted. A
dialog box is displayed asking you to confirm the deletion. Click OK to delete the appliance. To
delete multiple appliances, select them and click the Delete button.
 Reboot – Click to reboot the selected appliance(s) immediately or set schedule to reboot the
appliance(s).
 More
1. Add Appliance Wizard
2. Export > Appliance List
3. Export > Appliance IP Change Report
View list of Appliances added to CCMS
To view added appliances, go to Management Console > Appliance Management >

Appliances > Appliances.
Screen – Appliance Management
Appliance Name Name for the Appliance
Appliance Key Appliance Key of the appliance. This field displays appliance keys
of both the appliances if the appliance is deployed in High
Availability Mode.
IP/Domain IP address assigned to the WAN port of the Appliance
Status
Conn Current Connectivity status i.e. whether appliance is currently

connected to the CCMS or not
Possible status:
 Connected
 Disconnected
Sync Status Synchronization status

Possible status:
56 OF 123
 Synchronized
 Disconnected
Comp Compatibility status

Possible status:
 Compatible
 Incompatible
Firmware Appliance firmware
License Information License information for various subscriptions:
Available subscriptions:
AV, AS, IPS, WAF, Outbound Anti Spam, Web & Application
Filter, 24×7, 8×5 support
Possible status:
 : Trial
 : Registered
 : Expired
Access Protocol Protocol and Port number used to communicate with the
appliance
Appliance Status Appliance Registration status
Possible status:
 Registered
 Unregistered
Model Appliance model number
User Name Name of the administrator user

Table – Appliance Management screen elements
Edit Appliances
To edit appliance details, go to Management Console > Appliance Management >

Appliances > Appliances. Click Edit Icon to modify the details.
57 OF 123
Screen – Edit Appliance
Appliance Name Specify appliance name, which uniquely identifies the

appliance
Appliance Key Specify appliance key
IP/Domain Specify IP address of the appliance
Admin Username Specify Administrator Username of the Appliance
Password and Confirm Password for the above mentioned Administrator Username of
Password the Appliance
Communication Mode Specify communication mode to manage Cyberoam appliance

from CCMS.
Appliance:
Select if the managed Cyberoam appliance is directly

accessible from CCMS i.e. there is no intermediate NAT box.
Specify access protocol and port number to communicate with
managed Cyberoam appliance.

Management
Select if the managed Cyberoam appliance is behind NAT box
e.g. ADSL. In that case:
1. Managed Cyberoam appliance will first poll CCMS
appliance in interval of 1 (one) minute for any configuration
updates available.
2. If the updates are available the managed Cyberoam
58 OF 123
appliance will pull those updated configuration settings.
Template Select configuration template which has to be applied on the

appliance
Access to User Specify CCMS Administrator who can manage the Appliance
Description Specify description of the CCMS
Administrator Information Click hyperlink to add additional information of CCMS

Administrator
Administrator Name Specify name of the CCMS Administrator
Contact Address Specify contact address of the CCMS Administrator
Email ID Specify email ID of the CCMS Administrator
Customer Information Click hyperlink to view customer information of CCMS

customer
Company Name Displays name of the CCMS customer company
Contact Number Displays contact number of the CCMS customer company
Test Connection Click to test the connectivity between CCMS and appliance
OK Click to add appliance
Cancel Click to return on Appliance Management page

Table – Edit Appliance screen elements
Add Appliance Wizard

The Add Appliance Wizard takes you step-by-step through process of appliance addition and
configuration of certain core features of appliance management like firmware backup & restore and
template configuration.
Wizard is divided into six sections:

 Appliance
 Communication
 Firmwares
 Backup
 Template
 Summary
Go to Management Console > Account Management> Appliance Management >

Appliances. Click More and follow the below given steps.
You can also run Add Appliance Wizard from Appliance Discovery notification.
Add Appliance Details using Wizard
59 OF 123
Screen – Appliance Information
60 OF 123
Appliance Name Specify appliance name, which uniquely identifies the

appliance.
Appliance Key Specify Appliance Key. If you are running the wizard from
Appliance Discovery notification then this field will reflect
appliance key automatically.
IP/Domain Specify IP address assigned to the WAN Interface of the

appliance.
Admin Username Specify Administrator Username of the Appliance.
Password and Confirm Password for the above mentioned Administrator Username of
Password the Appliance.
Enable Change Control Enabling Change Control allows the administrator to maintain
(CCL) list of configuration revisions. Configuration Revisions are the
configuration changes synchronized by CCMS.
The administrator can update the CCL settings from

Management Console > Applaince Management >
Change Control Settings page.
Description Specify description of the CCMS appliance.
Administrator Information Click hyperlink to add additional information of CCMS

Administrator.
Administrator Name Specify name of the CCMS Administrator.
Contact Number Specify contact number of the CCMS Administrator.
Email ID Specify email ID of the CCMS Administrator.
Test Connection Click to test the connectivity between CCMSand appliance.
OK Click to add appliance.
Cancel Click to return on Appliance Management page.
Next Click Next to go to Communication Mode details.
Done Click to complete the wizard.
Table – Appliance Information
61 OF 123
Configure Communication Mode Details using Wizard
Screen – Define Communication Mode
Communication Mode Specify Appliance communication mode to manage Cyberoam

appliance from CCMS.
Appliance:
Select if the managed Cyberoam appliance is directly
accessible from CCMS i.e. there is no intermediate NAT box.
Specify access protocol and port number to communicate with
managed Cyberoam appliance.

Management
Select if the managed Cyberoam appliance is behind NAT box
e.g. ADSL. In that case Managed Cyberoam appliance will first
poll CCMS in interval of 1 (one) minute for any configuration
updates available. If the updates are available the managed
Cyberoam appliance will pull those updated configuration
settings.
Access Protocol Specify Protocol that is to be used to access the Appliance for
pushing configuration and synchronizing i.e. Protocol used to
communicate with the appliance.
Access Port Specify Port through which Appliance and CCMS should
62 OF 123
communicate.
Users Specify CCMS Administrator who can manage the Appliance.
Back Click Back to go to Add Appliance Details.
Next Click Next to go to Firmware Management.

Table – Define Communication Mode
Firmware Management using Wizard
Screen – Upgrade Appliance Firmware
Current Firmware in Displays current firmware version of managed Cyberoam

Appliance appliance and availability of latest Cyberoam firmware version.
Latest Applicable Firmware If the appliance model is already added in CCMS the latest
for Appliance version will be displayed automatically else click ‘Check for
Upgrades’ to check availability of latest firmware version.
Do you want to upgrade the To upgrade the appliance with latest available firmware click
appliance Yes.
By default, it is disabled.
Back Click Back to go to Communication Details.
Next Click Next to go to Backup Management.

Table – Upgrade Appliance Firmware
63 OF 123
Backup Management using Wizard
Screen – Restrore Existing Configuration Backup
Do you want to restore any Click Yes to restore backup of any existing appliance in
existing configuration appliance to be added. By default, it is disabled.
backup in new appliance?
Use backup of other Select an existing appliance and backup to restore it in

appliance appliance to be added.
Upload Backup Enable to upload backup available at your local machine.
Choose File Browse to locate backup file in your machine.
Back Click Back to go to Firmware Management.
Next Click Next to go to Template Management.

Table – Restrore Existing Configuration Backup
64 OF 123
Template Management using Wizard
Screen – Select Template to Configure Appliance
Do you want to apply any Click Yes to add an appliance with existing configuration
configured template to the template. By default, it is disabled.
appliance?
Template Select template to be applied.
Back Click Back to go to Backup Management.
Next Click Next to view Summary.

Table – Select Template to Configure Appliance
65 OF 123
Summary
Screen – Summary
Appliance Name Name of the appliance.
Appliance Key Appliance key.
IP/Domain IP Address or domain name for the appliance.
Admin Username Name of the administrator user.
CCL Status of CCL.
Communication Mode Mode of communication between CCMS and Cyberoam.
Access Protocol Name of access protocol for communication between CCMS

and Cyberoam.
Access Port Port number for communication between CCMS and

Cyberoam.
Upgrade Firmware Status of firmware upgrade.
Restore Backup Status of backup restore.
Apply Configuration Status of template configuration.

Tempate
Back Click Back to go to Template Management.
Finish Click to complete the wizard.

Table – Summary
66 OF 123
Export > Appliance List
Export > Appliance List option is used to export the list of all managed appliances added in the
CCMS.
The list is exported in excel format containing the following details for each appliance which includes
Appliance Name, Appliance Key, IP/Domain, Connection Status, Firmware Version, IPS Version, AV
Version, Webcat Version, License Subscription Expiration, Last backup Time, Upstream Bytes and
Downstream Bytes.
Appliance List report is generated automatically at 11:50 PM Daily by default and the previous report
is overwritten by the new report. To see the last generated report, go to Management Console >
Appliance Management > Appliances > More > Export > Appliance List. This report
can also be generated manually. To generate reports manually, go to Management Console >
Appliance Management > Appliances > More > Export > Appliance List and click
Generate.
Screen: Export Appliance List
The manually generated report will overwrite the previously generated report.
Export > Appliance IP Change Report

Export > Appliance IP Change Report option is used to export the IP Address revisions for each
added appliance.
This report displays IP address changes or revisions for last 30 days.
This report is generated automatically 11:50 PM Daily.
To download the reports, go to Management Console > Appliance Management >

Appliances > More > Export > Appliance IP Change Report and click Download.
The report is exported in the excel format which includes IP change information based on Appliance
67 OF 123
Name, Appliance Key, Time, Old IP and New IP.
Appliance Discovery
Cyberoam appliance(s) sends heartbeat packet to CCMS over Syslog, HTTP or HTTPS. Appliance
discovery page allows you to view and add these Cyberoam appliance(s) to CCMS.
Appliance Discovery Notification

On successful login, CCMS administrator can view appliance discovery notification(s) on top most
button bar. Click to view list of appliance(s) sending heartbeat packet to CCMS along with
appliance IP address, appliance key, company name and registered email address.
Screen – Appliance Discovery Notification
IP Address IP address of the appliance
Company Name of the Company where the Cyberoam appliance is

deployed
Email Email address used to register the appliance
Manage Click to add the discovered appliance to CCMS and to

remove appliance from the list.
Table – Appliance Discovery Notification screen elements
Appliance Discovery
To view and add discovered appliance(s) to CCMS, go to Management Console > Appliance
Management > Appliances > Appliance Discovery. You can:
 View
 Add
Manage Discovered appliances
To manage discovered appliance(s) to CCMS, go to Management Console > Appliance

Management > Appliances > Appliance Discovery.
Screen – Appliance Discovery
68 OF 123
IP IP address of WAN interface of the appliance
Country Name of the Country where the Cyberoam appliance is deployed
Company Name of the Company where the Cyberoam appliance is deployed
Email Email address used to register the appliance
Manage Click to add the discovered appliance to CCMS and to remove

appliance from list of discovered appliance(s).
Table – Appliance Discovery
Appliance Groups
Administrator may want to divide the managed appliances into groups for the following reasons:
 to configure group-shared settings and then push the configurations on the appliances at once.
For example group all the appliances that need to upgrade subscription and push the upgrades
to all the appliances
 to manage a great number of appliances more efficiently
 to group the appliances according to their locations (country/state/city)
 to group the appliances according to ownership/company and departments
 to group the appliances according to their firmware
 to group the appliances according to the appliance models
 to group the appliances according to subscription - AV, IPS, Web category
 to group the appliances according to the appliance names
Single appliance can be part of multiple groups.
To manage appliance groups, go to Management Console > Appliance Management >

Appliances > Appliance Group. You can:
 Add
 View
 Search – Click the Search icon in the Appliance Group Name column to search for group
with the following criteria: is, is not, and contains. A pop-up window is displayed that has filter
conditions for search. Click OK to get the search results and Clear button to clear the results.
is All the groups that exactly match with the string

For example, if the search string is “Branch, only groups

with the name exactly matching “Branch” are displayed.
is not All the groups that do not match with the string specified
in the criteria.
For example, if the search string is “Branch, all groups

except the name exactly matching “Branch” are
displayed.
contains All the groups that contain the string specified in the
criteria.
69 OF 123
For example, if the search string is “Branch”, all the
groups containing the string “Branch” are displayed.
 Delete – Click the Delete icon in the Manage column against a group to be deleted. A
dialog box is displayed asking you to confirm the deletion. Click OK to delete the group. To
delete multiple Users, select them and click the Delete button.
Manage Appliance Groups
To manage appliance groups, go Management Console > Appliance Management >

Appliances > Appliance Group.
Screen – Manage Appliance Group
Add Button Add a new Appliance Group
Appliance Group Name Name for the Appliance Group
Delete Button Delete the Appliance Group

Table – Manage Appliance Group Screen elements
Appliance Group Parameters
To add or edit appliance group details, go to Management Console > Appliance

Management > Appliances > Appliance Group. Click Add Button to create a new group or
Edit Icon to modify the details of the group.
Screen – Add Appliance Group
70 OF 123
Appliance Group Name Specify group name, which uniquely identifies the group
Appliance Group Condition Specify appliances to be grouped.

Available options:
 Model
 Firmware
 Anti Virus
 IPS
 Web Category
 Company
 Country
 Department
 State
 City
 Appliance Name: Specify group condition criterion.
Available options:
o Starts with
o Contains
o Substring
o Ends with
Specify string to be matched with selected criterion
 You can select Appliance Name as a criterion for multiple
times.
 All the appliances starting with specified name prefix will
be grouped dynamically
Table – Add Appliance Group Screen elements
Template
A template is a set of most commonly used objects, services and configurations. CCMS allows
administrator to store the most common configuration settings of Cyberoam appliances in the form of
template. The administrator can directly export the objects, services and configuration stored in a
template to selected appliance(s). You can
 Add
 View
 Edit – Click the Edit icon in the Manage column against the template to be modified. Edit
template pop-up is displayed where you can edit description of the template.
 Export – Click the Export icon in the Manage column against the template to be exported.
 Clone – Click the Clone icon in the Manage column against the template to be cloned.
 Delete – Click the Delete icon in the Manage column against the template to be deleted. A
dialog box is displayed asking you to confirm the deletion. Click OK to delete the template.
Please note that delete process takes some time based on size of configuration stored in the
template. Hence you can not delete another template before the completion of earlier delete
process. You also can not delete multiple templates in a single click.
Manage Templates
To manage templates, go Management Console > Appliance Management >

Appliances > Template.
71 OF 123
Screen – Manage Template

Add Button Add a new Template
Template Name Name for the Template
Description Description of the Template
Export Icon Export the Template
Clone Icon Clone the template
Edit Icon Edit the Template
Delete Icon Delete the Template
Table – Manage Template Screen elements
Template Parameters
You can add a new template from Management Console > Appliance Management >
Template or Policy Configuration > Template > Add Template. Click Add Button to
create a template or Edit Icon to modify the description of the template.
Screen – Add Template

Template Name Specify template name, which uniquely identifies the template
Template Type Select the type of template to be added
 New Template
 Select to store global configuration available at CCMS in
the form of template
 Import Appliance Configuration
 Select to store configuration available at selected
Cyberoam appliance in the form of template
 Clone Template
 Select to add a new template with configuration stored in
existingTemplate
72 OF 123
Appliance Select a Cyberoam appliance from the list of managed
appliances to store configuration available at that Cyberoam
appliance in the form of template
Clone From Select the template to be cloned
Description Specify description of the appliance
Table – Add Template Screen elements
Export Template
To export a template, go to Management Console > Appliance Management >

Template. Click the Export icon in the Manage column against the template to be exported.
You can also export a template from Policy Configuration > Template Dashboard. Click
Apply button to export the selected template.
Screen – Export Template
System Displays name of ‘System’ configurations along with number of

entries:
 Administration > Settings
 Administration > Appliance Access
 Administration > Profile
73 OF 123
 Configuration > Time
 Configuration > Notification
 Configuration > Messages
 Configuration > Web Proxy
 Configuration > Parent Proxy
 Configuration > Captive Portal
 Maintenance > Updates
 SNMP > Agent Configuration
 SNMP > Community
 SNMP > v3 User
 Certificate > Certificate
 Certificate > Certificate Authority
 Certificate > CRL
 CLI Configuration > CLI Configuration
 CLI Configuration > CTA
Objects Displays name of the ‘Objects’ configurations along with number
of entries:
 Host > IP Host
 Host > IP Host Group
 Host > MAC Host
 Host > FQDN Host
 Host > FQDN Host Group
 Host > Country Host
 Host > Country Host Group
 Services > Services
 Services > Service Groups
 Schedule > Schedule
 File Type > File Type
Network Displays name of the ‘Network’ configurations along with number
of entries:
 Static Route > Unicast
 DNS > DNS
 DNS > DNS Host Entry
 DHCP > Relay
Identity Displays name of the ‘Identity’ configurations along with number
of entries:
 Authentication > Authentication Server
 Authentication > Firewall
 Authentication > VPN
 Authentication > Admin
 Groups > Group
 Users > Users
 Users > Clientless User
 Guest Users > General Settings
 Guest Users > SMS Gateway
 Policy > Access Time Policy
 Policy > Surfing Quota Policy
 Policy > Data Transfer Policy
Firewall Displays name of the ‘Firewall’ configurations along with number
of entries:
 Rule > Rule
 Virtual Host > Virtual Host
 NAT Policy > NAT Policy
 DoS > Settings
 DoS > Bypass Rules
74 OF 123
VPN Displays name of the ‘VPN’ configurations along with number of
entries:
 Policy > VPN Policy
 IPSec > IPSec Connection
 L2TP > L2TP Configuration
 L2TP > L2TP Connection
 PPTP > PPTP Configuration
IPS Displays name of the ‘IPS’ configurations along with number of
entries:
 Policy > IPS Policy
 Custom Signature > Custom Signature
Web Filter Displays name of the ‘Web Filter’ configuration along with
number of entries:
 Settings > Settings
 Category > Web Filter Category
 Category > URL Group
 Policy > Web Filter Policy
Application Filter Displays name of the ‘Application Filter’ configuration along with
number of entries:
 Category > Application Filter Category
 Policy > Application Filter Policy
WAF Displays name of the ‘WAF’ configurations along with number of
entries:
 Web Servers > Web Servers
 Web Servers > Exceptions
 Global Settings > Global Settings
IM Displays name of the ‘IM’ configurations along with number of
entries:
 IM Contact > IM Contact
 IM Contact > IM Contact Group
 IM Rules > Login
 IM Rules > Conversation
 IM Rules > File Transfer
 IM Rules > Webcam
 Content Filter > Content Filter
QoS Displays name of the QoS configuration along with number of
entries:
 Policy > Policy
Anti Virus Displays name of the ‘Anti Virus’ configurations along with
number of entries:
 Mail > SMTP Scanning Rules
 Mail > Address Group
 HTTP/S > HTTP Scanning Rules
 HTTP/S > HTTP Scanning Exceptions
 FTP > FTP
Anti Spam Displays name of the ‘Anti Spam’ configurations along with
number of entries:
 Configuration > Configuration
 Configuration > Address Group
 Configuration > Email Archiver
 Spam Rules > Spam Rules
75 OF 123
 Spam Digest > Spam Digest Settings
 Trusted Domain > Trusted Domain
Logs and Reports Displays name of the ‘Logs and Reports’ configurations along
with number of entries:
 Configuration > Syslog Servers
 Configuration > Log Settings
Confirm Button Confirm the template to be exported
Cancel Button Cancel export

Table – Export Template Screen elements
Edit Template
To edit the details of individual template, go to Policy Configuration > Template>

Templates and click the template to be edited. Click Policy tab to edit following configuration
settings for the selected template:
 System
o Administration > Settings
o Administration > Appliance Access
o Administration > Profile
o Configuration > Time
o Configuration > Notification
o Configuration > Messages
o Configuration > Web Proxy
o Configuration > Parent Proxy
o Configuration > Captive Portal
o Maintenance > Updates
o SNMP > Agent Configuration
o SNMP > Community
o SNMP > v3 User
o Certificate > Certificate
o Certificate > Certificate Authority
o Certificate > CRL
o CLI Configuration > CLI Configuration
Go to System for detailed steps.
 Objects
o Host > IP Host
o Host > IP Host Group
o Host > MAC Host
o Host > FQDN Host
o Host > FQDN Host Group
o Host > Country Host
o Host > Country Host Group
o Services > Services
o Services > Service Groups
o Schedule > Schedule
76 OF 123
o File Type > File Type
Go to Objects for detailed steps.
 Network
o Static Route > Unicast
o DNS > DNS
o DNS > DNS Host Entry
o DHCP > Relay
Go to Network for detailed steps.
 Identity
o Authentication > Authentication Server
o Authentication > Firewall
o Authentication > VPN
o Authentication > Admin
o Groups > Group
o Users > Users
o Users > Clientless User
o Guest Users > General Settings
o Guest Users > SMS Gateway
o Policy > Access Time Policy
o Policy > Surfing Quota Policy
o Policy > Data Transfer Policy
Go to Identity for detailed steps.
 Firewall
o Rule > Rule
o Virtual Host > Virtual Host
o NAT Policy > NAT Policy
o DoS > Settings
o DoS > Bypass Rules
Go to Firewall for detailed steps.
 VPN
o Policy > VPN Policy
o IPSec > IPSec Connection
o L2TP > L2TP Configuration
o L2TP > L2TP Connection
o PPTP > PPTP Configuration
Go to VPN for detailed steps.
 IPS
o Policy > IPS Policy
77 OF 123
o Custom Signature > Custom Signature
Go to IPS for detailed steps.
 Web Filter
o Settings > Settings
o Category > Web Filter Category
o Category > URL Group
o Policy > Web Filter Policy
Go to Web Filter for detailed steps.
o Category > Application Filter Category
o Policy > Application Filter Policy
Go to Application Filter for detailed steps.
 WAF
o Web Servers > Web Servers
o Web Servers > Exceptions
o Global Settings > Global Settings
Go to WAF for detailed steps.
 IM
o IM Contact > IM Contact
o IM Contact > IM Contact Group
o IM Rules > Login
o IM Rules > Conversation
o IM Rules > File Transfer
o IM Rules > Webcam
o Content Filter > Content Filter
Go to IM for detailed steps.
 QoS
o Policy > Policy
Go to QoS for detailed steps.
 Anti Virus
o Mail > Configuration
o Mail > SMTP Scanning Rules
o Mail > Address Group
o Mail > Configuration
o HTTP/S > HTTP Scanning Rules
o HTTP/S > HTTP Scanning Exceptions
78 OF 123
o FTP > FTP
Go to Anti Virus for detailed steps.
 Anti Spam
o Configuration > Configuration
o Configuration > Address Group
o Configuration > Email Archiver
o Spam Rules > Spam Rules
o Spam Digest > Spam Digest Settings
o Trusted Domain > Trusted Domain
Go to Anti Spam for detailed steps.
 Logs & Reports

o Configuration > Syslog Servers
o Configuration > Log Settings
Go to Logs & Reports for detailed steps.
Change Control
Change Control Change Control page allows the administrator to view and manage list of revisions for
the managed appliances. Revisions are the configuration changes synchronized by CCMS and stored
in CCMS repository. Each revision has a unique Change List ID. Additionally, Export Configuration
can be used to export configuration and the change list of appliances or appliance groups.
Change Control
Change Control page allows the administrator to view and manage list of revisions for the
managed appliances. Revisions are the configuration changes synchronized by CCMS and stored
in CCMS repository. Each revision has a unique Changed List ID.
This page also allows the administrator to view list of affected configuration settings, compare
different versions of configurations and roll back to previous configurations.
Given below is the description of Policy Version Control terminology for your understanding:
 Revision – Number of changes made to an entity (an entity can be an object, policy, rule etc.)
 Change List – Operation ID which results into revision of one or more entities. For example,
Change List 10009 results into Revision 6 of Entity A and Revision 2 of Entity B.
 System Snapshot – Entire configuration which is considered as base version.
Please note that:

 System Snapshots are automatically generated in following cases:
o If the managed appliance is in unsynchronized state and any configuration change is
pending, CCMS tries to synchronize the appliance and generates System Snapshot
o After a factory reset
79 OF 123
o After a firmware upgrade
Alternatively, the administrator can take system snapshot(s) manually.
 There can be maximum three snapshots for an appliance.
 Configuration roll back is possible up to the last snapshot only.
 If an appliance is no longer managed by CCMS, the revision history for the appliance will
remain in CCMS until not purged manually.
This page in CCMS is named as Change Control and allows the administrator to
 view change list of affected configuration settings
 view details of configuration changes
 compare different versions of configurations
 take configuration snapshot
 restore system configuration snapshot
 roll back to previous configuration
Go to Management Console > Appliance Management > Change Control to

 View
 Revision History
 Change List Details
 Revision Details
 Revert
View the list of Change Control
Screen – List of Change Control

Appliances Select the appliance to view configuration revisions.
Refresh Button Click to refresh configuration revision list.
View Revision Click to view appliance revision history.
Create Snapshot Click to take snapshot of the current system configuration
manually. In general, CCMS takes snapshot of the system
on set frequency. System Snapshot can be identified by *
displayed against the entity name ‘System Snapshot’.
Purge Click to purge revision history. This option is available only
for those appliances which are no longer managed by
CCMS.
Time Revision time in YYYY-MM-DD HH:MM format
Change List Unique Change List ID
User Name Name of the user who has done configuration changes
80 OF 123
IP Address IP address of the User
Entity Type of Entity
Entity Name Name of the Entity
Component Name of the component used for configuration change.
Possible components:
 GUI
 API
Action Action performed on the configuration.
Possible Actions:
 Update
 Insert
 Delete
 Reorder
 Enable/Disable
 Custom
Reverted Change List Displays list of Change List IDs on mouse over. Changes
associated with the listed IDs have been reverted.
Details Icon Click to view details of the revision. Details include
listing of all dependent entities.
For example if there is a change in firewall rule, details will
display list of dependent Web Filter policy, Application
Filter policy etc.
Revert up to this change Click to revert the changes done in the revision.
list Icon
Restore Icon Click to restore the configuration revision.
Purge Icon Click to purge the configuration revision.
Table – List of Change Control
81 OF 123
View the Revision History
Screen – Revision History

Time Revision time in YYYY-MM-DD HH:MM format.
Change List Change List ID
Username Name of the user
IP Address IP address of the User.
 GUI
 API
Possible Actions:
 Update
 Insert
 Delete
 Reorder
 Enable/Disable
 Custom
Revision Revision number. Click to view revision details.
82 OF 123
Details Icon Click to view details of the revision in XML format.
Difference with Previous Click to compare revision versions.
Version Icon
Table – Revision History
View the Change List Details
Screen – Change List Details

Time Revision time in YYYY-MM-DD HH:MM format.
User Name Name of the user who has done configuration changes.
 GUI
 API
Possible Actions:
 Update
 Insert
 Delete
 Reorder
 Enable/Disable
 Custom
Revision Revision number. Click to view revision details.
Details Icon Click to view details of the revision in XML format.
Version Icon
Table – Change List Details
83 OF 123
View the Revision Details
Screen – Revision Details

Entity Type of entity
Sub Entity Name of the sub entity
Entity Name Name of the entity
Time Revision time in YYYY-MM-DD HH:MM format
Change List Unique Change List ID
Username Name of the user who has done configuration changes.
 GUI
 API
Possible Actions:
 Update
 Insert
 Delete
 Reorder
 Enable/Disable
 Custom
Revision Revision number
Details of change Icon Click to view details of the revision in XML format.
Version Icon
Table – Revision Details
84 OF 123
Revert the Revision
Screen – Revert the Revision

Revert Change List
Entity Type of entity to be reverted
Entity Name Name of entity to be reverted
Last Revision Number of revisions. Click to view revision details.
Action Action to be performed on the entity.
Possible Actions:
 Add
 Insert
 Update
Details Click to compare the revisions. It displays XML for
current version and previous version configurations. The
changes are highlighted by different color codes.
Table – Revert the Revision
Export Configuration
Export Configuration allows the administrator to export configuration and the change list of appliances
or appliance groups. Multiple appliances or appliance groups can be selected for export. To export
configuration go to Management Console > Appliance Management > Change
Control > Export Configuration.
Select the Appliance or Appliance Groups from the drop down list and click Export to generate the
configuration file in .TAR file format. To stop the export process, click Cancel.
85 OF 123
Screen – Export Configuaration
The .TAR file contains selected appliance configuration along with the change list applicable to the
appliance or appliance group. After generation, the .TAR file can be downloaded by clicking
Download. The .TAR file must be extracted at preferred location to view configuration details and
change list details including Appliance Name, Appliance Key and Time.
Group Level Configuration - Dynamic Objects

Dynamic objects – Host, Zone, Interface and Gateway are the network objects whose configurations
vary from one Cyberoam appliance to another. Administrator can configure these objects in CCMS
and map them to individual appliances. Administrator can use these objects while creating Firewall
rule and various policies.
All of the dynamic objects are created using a similar method - create object and then specify the
dynamic object-appliance mappings.
With dynamic objects, configuration of common objects like mail server, radius servers becomes easy
as they need to be configured only once and then can be mapped.
 Host
 Zone
 Interface
 Gateway
Host
Host is a logical building block used in defining firewall rules, virtual host and NAT policy. By default,
the number of hosts equal to the ports in the Cyberoam appliance are already created.
Host represents various types of addresses, including IP addresses, networks and Ethernet MAC
addresses.
Hosts allow entities to be defined once and then be re-used in multiple referential instances
throughout the configuration. For example, an internal Mail Server with an IP address as
192.168.1.15. Rather than repeated use of the IP address while constructing firewall rules or NAT
Policies, it allows creating a single entity called “Internal Mail Server” as a Host name with an IP
address as 192.168.1.15. This host, “Internal Mail Server” can then be easily selected in any
configuration screen that uses Hosts as a defining criterion.
By using hosts instead of numerical addresses, you only need to make changes in a single location,
rather than in each configuration where the IP address appears. Using Hosts reduces the error of
86 OF 123
entering incorrect IP addresses, makes it easier to change addresses and increases readability.
Go to Management Console > Appliance Management > Dynamic Objects > Host
to:
 Add
 View
 Edit – Click the Edit icon in the Manage column against the Host to be modified. Edit Host
pop-up window is displayed which has the same parameters as the Add Host window.
 Search – Click the Search icon in the Address Detail column to search for specific IP
address. IP address can be searched on the following criteria: is equal to, starts with and
contains. Click OK to get the search results and Clear button to clear the results.
is All the appliance names that exactly match with the

string specified in the criteria.
For example, if the search string is “CRmailserver”,

only that host will be displayed whose name exactly
matches with the search string - “CRmailserver”.
is not All the appliances that do not match with the string

all the hosts except with the appliance whose name
exactly matches with the search string -
“CRmailserver”.
contains All the appliances that contain the string specified in

the criteria.

all the hosts containing the string “CRmailserver” are
displayed.
 Delete – Click the Delete icon in the Manage column against a Host to be deleted. A dialog
box is displayed asking you to confirm the deletion. Click OK to delete the Host. To delete
multiple Hosts, select them and click the Delete button.
Manage IP Hosts
To manage IP host, go to Management Console > Appliance Management > Dynamic

Objects > Host.
87 OF 123
Screen – Manage IP host
Add Button Add a new Host
Name Name of the Host
Type Type of Hosts – Single or range of IP, Network, list of assorted

IP addresses, MAC address, MAC address list
IP Family Type of IP Family – IPv4 and IPv6
Edit Icon Edit the IP Host
Delete Button Delete the IP Host

Table – Manage IP host screen elements
Host Parameters
To add or edit hosts, go to Management Console > Appliance Management > Dynamic
Objects > Host.
Screen – Add IP host
Add Dynamic Host
Name Name to identify the Host
88 OF 123
IP Family Type of IP family.
Available options:
 IPv4
 IPv6
Type Select the type of host.

Available options:
 Single IP address
 Network IP address with subnet
 IP Range
 IP list to add assorted IP addresses. Use comma to
specify assorted multiple IP addresses. Create IP list
when you want to create single firewall rule for multiple
IP address which are not in a range. Please note only
Class B IP addresses can be added in IP list. IP
addresses can be added or removed from IP list.
 MAC Address
 MAC list
Appliance-Host Mapping
Default Select the host that is to be mapped with the particular

appliance host.
Appliance Select the appliance whose host is to be mapped with the

above selected host.
IP Select the host which is to be mapped.

Table – Add IP host screen elements
Zone
A Zone is a logical grouping of ports/physical interfaces and/or virtual subinterfaces if defined.
Zones provide a flexible layer of security for the firewall. With the zone-based security, the
administrator can group similar ports and apply the same policies to them, instead of having to write
the same policy for each interface.
Default Zone Types
LAN – Depending on the appliance in use and network design, one can group one to six physical
ports in this zone. Group multiple interfaces with different network subnets to manage them as a
single entity. Group all the LAN networks under this zone.
By default the traffic to and from this zone is blocked and hence the highest secured zone. However,
traffic between ports belonging to the same zone will be allowed.
DMZ (DeMilitarized Zone) - This zone is normally used for publicly accessible servers. Depending on
the appliance in use and network design, one can group one to five physical ports in this zone.
WAN - This zone is used for Internet services. It can also be referred as Internet zone.
VPN - This zone is used for simplifying secure, remote connectivity. It is the only zone that does not
have an assigned physical port/interface. Whenever the VPN connection is established, port/interface
89 OF 123
used by the connection is automatically added to this zone and on disconnection; port is automatically
removed from the zone. Like all other default zones, scanning and access policies can be applied on
the traffic for this zone.
Local – Entire set of physical ports available on your appliance including their configured aliases are
grouped in LOCAL zone. In other words, IP addresses assigned to all the ports fall under the LOCAL
zone.
To manage zones, go to Management Console > Appliance Management > Dynamic

Objects > Zone. You can:
 Add
 View
 Edit – Click the Edit icon in the Manage column against the Zone to be modified. Edit zone
page is displayed which has the same parameters as the Add Zone window.
 Delete – Click the Delete icon in the Manage column against the Zone to be deleted. A
dialog box is displayed asking you to confirm the deletion. Click OK to delete the zone. To
delete multiple zones, select them and click the Delete button.
Manage Zones
To manage IP host, go to Management Console > Appliance Management > Dynamic

Objects > Zone.
Screen – Manage Zones
Add Button Add a new Zone
Name Name of the Zone
Type Type of Zone selected – LAN or DMZ
Edit Icon Edit the Zone
Delete Button Delete the Zone

Table – Manage Zones screen elements
Zone Parameters
To add or edit zones, go to Management Console > Appliance Management >

Dynamic Objects > Zone. Click Add Button to add a new zone or Edit Icon to modify the details
of the zone.
90 OF 123
Screen – Add Zone
Name Name to identify the zone
Type Select Zone Type – LAN, DMZ

Available Options:
LAN – Depending on the appliance in use and network design,
one can group one to six physical ports in this zone. Group
multiple interfaces with different network subnets to manage
them as a single entity. Group all the LAN networks under this
zone.
By default the traffic to and from this zone is blocked and

hence the highest secured zone. However, traffic between
ports belonging to the same zone will be allowed.
DMZ (DeMilitarized Zone) - This zone is normally used for

publicly accessible servers. Depending on the appliance in use
and network design, one can group one to five physical ports
in this zone.
By default, entire traffic will be blocked except LAN to Local

zone service likes Administration, Authentication, and Network.
Appliance-Zone Mapping
Default Select the zone that is to be mapped with the particular

appliance zone
Appliance Select the appliance whose zone is to be mapped with the

above selected zone.
Zone Select the zone which is to be mapped.

Table – Add Zone screen elements
Interface
Interface - Physical interfaces/ports available on your appliance. If virtual subinterface is configured
for the physical interface, it is also displayed beneath the physical interface. Virtual subinterface
configuration can be updated or deleted.
91 OF 123
Zone and Zone Type - Displays port to zone relationship i.e. zone-port membership.
To manage Interfaces, go to Management Console > Appliance Management >
Dynamic Objects > Interface. You can:
 Add
 View
 Edit – Click the Edit icon in the Manage column against the Interface to be modified. Edit
Interface page is displayed which has the same parameters as the Add Interface window.
 Delete – Click the Delete icon in the Manage column against the Interface to be deleted. A
delete multiple Interfaces, select them and click the Delete button.
Manage Interface
To manage Interfaces, go to Management Console > Appliance Management >

Dynamic Objects > Interface.
Screen – Manage Interface

Add Button Add a new Interface
Name Name of the Interface
Type Zone Type to which the Interface is bound
Available options:
 IPv4
 IPv6
Edit Icon Edit the Interface
Delete Button Delete the Interface
Table – Manage Interface screen elements
92 OF 123
Interface Parameters
To add or edit zones, go to go to Management Console > Appliance Management >

Dynamic Objects > Interface. Click Add Button to add a new Interface or Edit Icon to modify
the details.
Screen – Add Interface

Add Dynamic Interface
Name Name of the Interface
Available options:
 IPv4
 IPv6
Type Type of the Interface.
Available Options:
 Route
 Bridge
Zone Select Zone to which the Route Interface is bound – LAN,
WAN, DMZ
Available Options:
 LAN – Depending on the appliance in use and network
design, one can group one to six physical ports in this
zone. Group multiple interfaces with different network
subnets to manage them as a single entity. Group all
the LAN networks under this zone.
 By default the traffic to and from this zone is blocked

and hence the highest secured zone. However, traffic
between ports belonging to the same zone will be
allowed.
 WAN - This zone is used for Internet services. It can

also be referred as Internet zone.
 DMZ (DeMilitarized Zone) - This zone is normally used

for publicly accessible servers. Depending on the
appliance in use and network design, one can group
one to five physical ports in this zone.
 By default, entire traffic will be blocked except LAN to
93 OF 123
Local zone service likes Administration, Authentication,
and Network.
Appliance-Interface Mapping
Appliance Select the appliance.
Interface Select the Interface that is to be mapped.
Table – Add Interface screen elements
Gateway
Cyberoam supports multiple gateways to cope with gateway failure problems. However, simply adding
one more gateway is not an end to the problem. Optimal utilization of all the gateways is also
necessary. Cyberoam Multi Link Manger provides link failure protection by detecting the dead
gateway and switching over to the active link and provides a mechanism to balance traffic between
various links.
To manage Gateway, go to Management Console > Appliance Management >

Dynamic Objects > Gateway. You can:
 Add
 View
 Edit – Click the Edit icon in the Manage column against the Gateway to be modified. Edit
Gateway page is displayed which has the same parameters as the Add Gateway window.
 Delete – Click the Delete icon in the Manage column against the Gateway to be deleted. A
delete multiple Gateway, select them and click the Delete button.
Manage Gateway
To manage Gateway, go to Management Console > Appliance Management >

Dynamic Objects > Gateway.
Screen – Manage Gateway

Add Button Add a new Gateway
Name Name of the Gateway
Available options:
 IPv4
 IPv6
Edit Icon Edit the Gateway
Delete Button Delete the Gateway
Table – Manage Gateway screen elements
94 OF 123
Gateway Parameters
To add or edit gateway, go to go to Management Console > Appliance Management >

Dynamic Objects > Gateway. Click Add Button to add a new gateway or Edit Icon to modify
the details.
Screen – Add Gateway
Add Dynamic Gateway
Name Name to identify the Gateway

Available options:
 IPv4
 IPv6
Appliance-Gateway Mapping
Appliance Select the appliance
Gateway Select the gateway

Table – Add Gateway screen elements
Individual Appliance Level Configuration

This section describes configuration of individual Cyberoam appliance from CCMS.
You can configure:
 System
 Objects
 Network
 Identity
 Firewall
 VPN
 IPS
 Web Filter
 WAF
 IM
 QoS
95 OF 123
 Anti Virus
 Anti Spam
 Logs and Reports
System
System allows configuration and administration of Cyberoam appliance for secure and remote
management as well as administrative privilege that you can assign to admin users. It also provides
the basic system settings and language settings of the Web Admin console. Configure several non-
network features, such as SNMP, custom messages and portal setting through System.
Please refer to Cyberoam User Guide for further details.
Objects
Objects are the logical building blocks of various policies and rules, which include:
 Host – IP, network and MAC addresses. They are used in defining firewall rules, virtual host,
NAT policy, IPSec, L2TP and VPN policies
 Services which represent specific protocol and port combination for example, DNS service for
TCP protocol on 53 port. Access to services are allowed or denied through firewall rules.
 Schedule to control when the firewall rule, Access time policy, Web filter policy, Application filter
policy, or QoS policy will be in effect for example, All Days, Work Hours
 File types – defining web filter policy, SMTP scanning rules
Network
Network establishes how Cyberoam connects and interacts with your network and allows configuring
network specific settings.
Basic network settings include configuring Cyberoam interfaces and DNS settings. It also describes
how to use DHCP to provide convenient automatic network configuration for your clients.
This menu covers how to configure your Cyberoam to operate in your network. Basic network settings
include configuring Cyberoam interfaces and DNS settings. More advanced configuration includes
adding VLAN subinterfaces and custom zones to the Cyberoam network configuration. It also
describes how to use DHCP to provide convenient automatic network configuration for your clients.
Identity
Once you have deployed Cyberoam, default access policy is automatically applied which will allow
complete network traffic to pass through Cyberoam. This will allow you to monitor user activity in your
Network based on default policy.
As Cyberoam monitors and logs user activity based on IP address, all the reports are also generated
based on IP address. To monitor and log user activities based on User names or logon names, you
have to configure Cyberoam for integrating user information and authentication process. Integration
will identify access request based on User names and generate reports based on Usernames.
When the user attempts to access Cyberoam, Cyberoam requests a user name and password and
authenticates the user’s credentials before giving access. User level authentication can be performed
96 OF 123
using the local user database on the Cyberoam, an External ADS server, LDAP or RADIUS server.
Firewall
A firewall protects the network from unauthorized access and typically guards the LAN and DMZ
networks against malicious access; however, firewalls may also be configured to limit the access to
harmful sites for LAN users.
The responsibility of firewall is to grant access from Internet to DMZ or Service Network according to
the Rules and Policies configured. It also keeps watch on state of connection and denies any traffic
that is out of connection state.
Firewall rule provides centralized management of security policies. From a single firewall rule, you can
define and manage entire set of Cyberoam security policies.
From the firewall rule, you can:

 Monitor and scan VPN traffic
 Define inbound and outbound access based on source and destination hosts/network
 Enable scanning for HTTP, HTTPS, FTP, SMTP, POP3 or IMAP traffic - for email spam filtering
and virus security and also get spyware, malware and phishing protection. To apply antivirus
protection and spam filtering, you need to subscribe for Gateway Anti Virus and Gateway Anti
Spam modules individually.
 Define IPS policy - for protection against threats and attacks originating from external world and
internal network. To apply IPS policy you need to subscribe for Intrusion Prevention System
module..
 Attach Gateway routing policy - for loading balancing and gateway failover protection incase of
multiple gateways
 Define Web filtering policy - for web access control and block access to inappropriate web
sites. To control access based on custom web categories, you need to subscribe for Web and
Application Filter module..
 Define Applications filtering policy – for controlling access to application like IM and P2P, VOIP.
To control access based on custom web categories, you need to subscribe for Web and
Application Filter module.
 Schedule access
 Attach QoS policy - to control and schedule bandwidth usage per user, group or prioritize
bandwidth usage for particular application.
VPN
Cyberoam VPN automatically encrypts the data and sends it to the remote site over the Internet,
where it is automatically decrypted and forwarded to the intended destination. By encrypting, the
integrity and confidentiality of data is protected even when transmitted over the untrusted public
network. Cyberoam uses IPSec standard i.e. IPSec protocol to protect traffic. In IPSec, the identity of
communicating users is checked with the user authentication based on digital certificates, public keys
or preshared keys.
Cyberoam ensures that all the VPN traffic passing through the VPN tunnels is threat free. All the
firewall rules and policies are applicable to the traffic going into the VPN tunnels and coming out of
the VPN tunnels. Cyberoam inspects all the traffic going into the VPN tunnels and coming out of the
tunnels and makes sure that there are no viruses, worms, spam, and inappropriate content or
intrusion attempts in the VPN traffic. As VPN traffic is, by default subjected to the DoS
inspection,Cyberoam provides a facility by which one can bypass scanning of traffic coming from
97 OF 123
certain hosts from VPN zone. The above functionality is achieved by adding one additional zone
called VPN zone. VPN traffic passes through VPN zone and firewall rule can be applied to VPN zone.
Cyberoam can be used to establish VPN connection between sites, LAN-to-LAN and Client-to-LAN
connection. VPN is the bridge between Local & Remote networks/subnets.
Cyberoam supports following protocols to authenticate and encrypt traffic:
 Internet Protocol Security (IPSec)
 Layer Two Tunneling Protocol (L2TP)
 Point-to-Point Tunneling Protocol (PPTP)
Please refer to Cyberoam VPN Management Guide for further details.
IPS
Cyberoam IPS uses Signatures to identify the malicious activity on the network but instead of
providing only one policy (global) for managing multiple networks/hosts, allows to tailor the policy per
network/host i.e. allows to defining multiple policies for managing multiple networks/hosts.
Cyberoam IPS consists of a signature engine with a predefined database of signatures. Predefined
signatures are not editable.
As per your network requirements, Cyberoam allows you to define multiple policies instead of one
global policy, to decrease packet latency and reduce false positives.
Policy allows you to view Cyberoam predefined signatures and customize the intrusion prevention
configuration at the category as well as individual signature level. Categories are signatures grouped
together based on the application and protocol vulnerabilities.
Each IPS policy contains a set of signatures that the Cyberoam searches for, and log and block and
allows to:
 Enable or disable category from IPS protection
 Enable or disable individual signature in a category to tailor IPS protection based on your
 network environment
 Define the action to be taken when the matching traffic pattern is found. Cyberoam can
 either detect or drop the connection. In either of the case, Cyberoam generates the log and
alerts the Network Administrator.
To enable the Intrusion Prevention System functionality, apply the policy using firewall rule. You can
create rule to apply:
 Single policy for all the user/networks
 Different policies for different users/networks or hosts
As firewall rules control all traffic passing through the Cyberoam and decide whether to allow or drop
the connection, IPS policy will be applied to only that traffic/packet which firewall passes.
Please refer to Cyberoam IPS Implementation Guide for further details.
Web Filter
Web Filter menu allows to configure and manage Web Filtering in Cyberoam. The traffic coming from
the web is filtered by various policies and categories.
98 OF 123
Application Filter
Application Filter menu in Cyberoam allows configuring and managing filtering on various
applications. The traffic coming from the web is filtered by various policies and categories.
WAF
A WAF (Web Application Firewall) protects applications accessed via HTTP and HTTPS against the
attacks on Web server at the application layer.
IM
IM (Instant Messaging) allows configuring and managing restrictions on instant messaging services
provided by the Yahoo and MSN messengers. The traffic coming from the web in form of files and
chat is filtered by various rules and content filtering strategies. You can add an IM contact or IM
contact group for configuring rules.
QoS
Bandwidth is the amount of data passing through a media over a period of time and is measured in
terms of kilobytes per second (kbps) or kilobits per second (kbits) (1 Byte = 8 bits).
The primary objective of QoS (Quality of Service) policy is to manage and distribute total bandwidth
on certain parameters and user attributes. QoS policy allocates & limits the maximum bandwidth
usage of the user and controls web and network traffic.
Anti Virus
Cyberoam Gateway Anti Virus provides you with powerful tools for scanning and detecting infection
and spam in the incoming e-mail traffic. For detecting virus, Cyberoam uses its built-in signature
database.
Cyberoam Anti Virus scans the following traffic as it passes through the Cyberoam:
 HTTP
 HTTPS
 FTP
 SMTP
 POP3
 IMAP
For extra protection, you can configure to block specified file types from passing through the
Cyberoam. You can use this feature to stop files that might contain new viruses. Additional filtration of
messages from configured IP address and URL decreases the load on the server when scanning
email traffic for viruses.
Cyberoam Anti Virus allows to:

 Scan email messages for viruses
 Detect infected, suspicious, and password-protected attachments and message
99 OF 123
 Stop users from sending/receiving messages with any type of attachments
 Perform anti-virus processing of infection revealed in email messages by scanning
 Define policies to take appropriate action based on the protocol i.e. define action policy on how
to handle for SMTP, POP3, FTP traffic and HTTP and HTTPS traffic if infection is detected
 Limit HTTP and FTP download file size
 Notify senders, recipients, and the administrator about messages containing infected,
suspicious, or password-protected attachments
 Quarantine messages - Quarantine feature allows to isolate and move infected and suspicious
mails in a quarantine directory defined by a network administrator.
 Customize the anti virus protection of incoming and outgoing e-mail messages by defining scan
policies.
Cyberoam Gateway Anti Virus is fully compatible with all the mail systems and therefore can be easily
integrated into the existing network.
Please refer to Cyberoam Anti Virus Implementation Guide for further details.
Anti Spam
Cyberoam Gateway Anti Spam provides a powerful tool for scanning and detecting infection.
Cyberoam Anti Spam as a part of unified solution along with Anti Virus and IPS (Intrusion Prevention
System), provides real time virus scanning that protects all network nodes – workstations, files
servers, mail system from known and unknown attacks by worms and viruses,
Trojans, spyware, adware, spam, hackers and all other cyber threats.
Cyberoam detects spam mails based on:

 RBL (Realtime Blackhole List)
 Mass distribution pattern using RPD (Recurrent Pattern Detection) technology for which
Gateway Anti Spam module subscription is required. RPD technology responsible for
proactively probing the Internet to gather information about massive spam outbreaks from the
time they are launched. This technology is used to identify recurrent patterns that characterize
massive spam outbreaks.
Cyberoam Gateway Anti Spam provides powerful tools for scanning and detecting spam in the
incoming e-mail traffic. Cyberoam Gateway Anti Spam inspects all incoming emails - SMTP, POP3
and IMAP traffic - before the messages are delivered to the receiver's mailbox. If spam is detected,
depending on the policy and rules set, emails are processed and delivered to the recipient unaltered,
reject and generate a notification on the message rejection, add or change subject or change the
receiver.
Cyberoam Gateway Anti Spam is fully compatible with all the mail systems and therefore can be
easily integrated into the existing network.
Cyberoam Anti Spam allows to:

 Scan email messages for spamming by protocols namely SMTP, POP3, IMAP
 Monitor and proactively detect recurrent patterns in spam mails and combat multi-format –text,
images, HTML etc. and multi-language threats
 Monitor mails received from Domain/IP address
 Detect spam mails using RBLs. If Anti Spam module is not subscribed, Cyberoam will detect
spam mails based on RBL only and not on recurrent patterns in mails.
 Accept/Reject messages based on message size and message header
 Customize protection of incoming and outgoing e-mail messages by defining scan policies
 Set different actions for SMTP, POP and IMAP spam mails
100 OF 123
 Configure action for individual email address
 Notify receivers about spam messages
Please refer to Cyberoam Anti Spam Implementation Guide for further details.
Logs & Reports

Cyberoam provides extensive logging capabilities for traffic, system and network protection functions.
Detailed log information and reports provide historical as well as current analysis of network activity to
help identify security issues and reduce network abuse.
Cyberoam can either store logs locally or send logs to external syslog servers for storage and archival
purposes.
Cyberoam can log many different network activities and traffic including:
 Firewall log
 Anti-virus infection and blocking
 Web filtering, URL and HTTP content blocking
 Signature and anomaly attack and prevention
 Spam filtering
 IM logs
 Administrator logs
 User Authentication logs
Cyberoam supports multiple syslog servers for remote logging. When configuring logging to a Syslog
server, one needs to configure the facility, severity and log file format. One can also specify logging
location if multiple syslog servers are defined.
Maximum five syslog servers can be defined from Logging page of Web Admin Console.
Cyberoam can either store logs locally or send to the syslog servers. Traffic Discovery logs can be
stored locally only.
Scheduled Tasks
Any configuration changes done on CCMS for managed appliances can be pushed to the appliance
or group of appliance(s) immediately or can be scheduled.
Go to Management Console > Appliance Management > Schedule Task >

Schedule Task to view list of task that are scheduled. You can delete any scheduled task.
Page displays details of the task – entity and sub entity name, appliance for which task is scheduled,
schedule time and option to delete or reschedule the task.
101 OF 123
Screen – Manage Scheduled Tasks
Event Unique number to identify the event
Entity Name of the configured entity
Sub Entity Name of the configured sub entity
Appliance Name of the appliance(s) or group of appliance(s) on which the

configuration has to be updated on scheduled time.
Scheduled Time Time on which the configuration has to be updated on selected

appliances.
Delete Button Delete the schedule
Reschedule Button Edit the schedule

Table – Manage Scheduled Tasks screen elements
Diagnostics
Diagnostic pages allow checking the accessibility of your CCMS in a single shot. This information can
be used for troubleshooting.
It is like a periodic connectivity check up that helps to identify the impending problems. After
identifying the problem, appropriate actions can be taken to solve the problems and keep the
appliance running smoothly and efficiently.
View the statistics to diagnose the connectivity problem, network problem and test network
communication. It assists in troubleshooting issues such as hangs, packet loss, connectivity,
discrepancies in the CCMS network.
Go to Management Console > Appliance Management > Diagnostics > Tools to

view the various statistics
 Ping
 Trace route
 Name lookup
 Route lookup
Ping
Ping is the most common network administration utility used to test the reachability of a host on an
Internet Protocol (IP) network and to measure the round-trip time for messages sent from the
originating host to a destination computer.
102 OF 123
Ping sends ICMP echo request/replies to test connectivity to other hosts. Use standard ICMP ping to
confirm that the server is responding. Ping confirms that the server can respond to an ICMP ping
request.
Use Ping diagnostically to

 Ensure that a host computer you are trying to reach is actually operating or address is
reachable or not
 Check how long it takes to get a response back
 Get the IP address from the domain name
 Check for the packet loss
Screen – Ping
IP address/Host Name IP Address or fully qualified domain name to be pinged.
It determines network connection between CCMS and host on

the network. The output shows if the response was received,
packets transmitted and received, packet loss if any and the
round-trip time. If a host is not responding, ping displays 100%
packet loss.
IP Family Type of IP family
Interface Interface through which the ICMP echo requests are to be

sent.
Size Ping packet size
Range – 1 to 65507
Table – Ping screen elements
Traceroute
Traceroute is a useful tool to determine if a packet or communications stream is being stopped at the
CCMS, or is lost on the Internet by tracing the path taken by a packet from the source system to the
destination system, over the Internet.
Use traceroute to
 find any discrepancies in the CCMS network or the ISP network within milliseconds
 trace the path taken by a packet from the source system to the destination system, over the
Internet
103 OF 123
Screen – Trace Route
IP address/Host Name IP Address or fully qualified domain name.
It determines network connection between CCMS and host on

the network. The output shows all the routers through which
data packets pass on way to the destination system from the
source system, maximum hops and Total time taken by the
packet to return measured in milliseconds.
IP Family Type of IP family
Interface Interface through which the requests are to be sent.

Table – Trace Route screen elements
Name lookup
Name lookup is used to query the Domain Name Service for information about domain names and IP
addresses. It sends a domain name query packet to a configured domain name system (DNS) server.
If you enter a domain name, you get back the IP address to which it corresponds, and if you enter an
IP address, then you get back the domain name to which it corresponds. In other words, it reaches
out over the Internet to do a DNS lookup from an authorized name server, and displays the
information in the user understandable format.
Screen – Name Lookup
IP address/Host Name IP address or fully qualified domain name that needs to be

resolved.
DNS Server IP DNS server to which the query is to be sent.

Table – Name Lookup screen elements
Route lookup
If you have routable networks and wish to search through which Interface CCMS routes the traffic
then lookup the route for the IP address.
104 OF 123
Screen – Route Lookup
IP address IP address that needs to be resolved.

Table – Route Lookup screen elements
105 OF 123
Appliance Maintenance
This section covers maintenance of added appliances in Cyberoam’s on-Cloud Management Service.
Backup and Restore of Cyberoam configuration and firmware management are the essential parts of
Cyberoam appliance maintenance.
The Backup and Restore menu enables you to save back up of your Cyberoam Appliance on CCMS.
It is a good idea to backup the Appliance configuration on a regular basis to ensure that, if the system
fails, you can quickly get the system back to its original state with minimal affect to the network. It is
also a good idea to back up the configuration after making any configuration changes in the
appliance.
You can save the backup of the appliance on CCMS and restore later if something fails on the
Appliance. It is always a good idea to back up the configuration when any changes are made to
ensure you have the latest configuration stored.
 Backup and Restore Cyberoam configuration

 Firmware
 Maintenance
Backup & Restore

Use Backup & Restore page to take backup of managed Cyberoam appliances and store on CCMS.
CCMS acts as a Backup repository for Cyberoam backups. Administrator can restore this backup on
Cyberoam appliance whenever required. CCMS automatically takes backup of all the managed
Cyberoam appliances at the predefined intervals and if required administrator can manually also take
backup.
To take the backup manually or restore, go to Management Console > Appliance

Management > Maintenance > Backup & Restore, select the appliance whose backup is
to be taken and click “Take Backup”.
This Page displays date on which the backup was taken along with option to save one backup as
‘Last Good Backup’. You can store upto 5(five) backups for any appliance. The ‘Last Good Backup’
will be preserved all the time.
You can also download the backup to save and restore later.
Screen – Backup and Restore
106 OF 123
Scheduled Backup
Backup Frequency Select System data backup frequency

In general, it is best to schedule backup on regular basis. Depending on how
much information you add or change will help you determine the schedule.
Available options:
 Never – Select if you do not want to take any backup

 Daily – Configure time at which the backup should be taken.
 Weekly – Configure day and time at which the backup should be
taken.
 Monthly – Configure day and time at which the backup should be
taken
Backup Mode Select how and to whom backup files should be sent.
Available Options:
 Local – Select to store appliance backup on CCMS.

 FTP – If backup is to be stored on FTP server, configure FTP server
IP address,path, username and password to be used.
 Mail – If back up is to be mailed, configure email id on which backup
is to be mailed.
Select Appliances Select the appliances whose backup is to be taken at the configured
schedule.
Manual Backup
Select Appliances Select the appliance whose backup is to be taken
Take Backup Click to take backup of selected appliance manually
Backup Date Time and Date of the backup in DD/MM/YYYY HH:MM:SS format
Backup Type Type of the backup.

Possible options:
 Scheduled Backup/ Manual Backup
 System Snapshot (CCL)
Last Good Backup Select a backup to be stored as ‘last good backup’. This backup will not be
purged.
You can take maximum five backups including ‘last good backup’.
Restore Click to restore the downloaded backup
Download Click to download the backup

Table – Backup and Restore Screen Elements
107 OF 123
Firmware
Instead of upgrading each managed appliance manually, administrator can upgrade appliance
firmware through CCMS. CCMS can store and apply firmware images. CCMS can download local
copies of firmware images from the Upgrade server. After firmware images have been downloaded,
you can upgrade an appliance or group of appliances.
Use Firmware page to check for the latest available firmware for managed Cyberoam appliances. To
check for the availability of the latest firmware, go to Management Console > Appliance
Management > Firmware > Firmware.
Screen – Firmware

Check for Latest Firmware Click to check availability of latest firmwares
Model Cyberoam Model number
Applicable Appliances Click ‘List Appliance’ to view list of Cyberoam appliances
which can be upgraded with available firmware
Applicable Version Applicable Cyberoam firmware version
Release Date Date of firmware release
Size (MB) Size of downloadable firmware image in MB
Status Status of the firmware as ‘Downloaded’ or ‘N/A’
Download Click to download the firmware image
Apply Click to apply downloaded firmware on the selected
appliance(s)
Table – Firmware Screen Elements
Administrator can download and save the firmware for later use or apply firmware directly.
108 OF 123
Apply Firmware
Screem – Apply Firmware

Schedule Click to schedule firmware upgrade. You can upgrade the
selected appliance(s) with downloaded firmware immediately
or you can choose to upgrade it later
Apply Firmware From Firmware can be applied from following options:
 Management Console
 Live Server
 Private URL
Appliance Select the appliance to be upgraded with downloaded
firmware.
Table – Apply Firmware
Maintenance
Maintenance page is used to Manage Inactive Users. The following management options are
available:
 Inactive Users Report – To generate and download Inactive User Reports.
 Delete Inactive Users – To delete Inactive Users.
To manage Inactive Users, go to Management Console > Appliance Management >

Maintenance > Maintenance.
109 OF 123
Screen – Maintenance

Inactive Users Report
Generate Report Specify the number of days after which the user is
considered Inactive if not logged-on and the date from
which the report is to be generated using calendar .
Click Generate to generate the report.
Report Shows the last generated Inactive Users Report. Click
Download to download the generated reports.
Delete Inactive Users Specify the number of days after which the users are to
be deleted if not logged-on and the start date using
calendar . Click Delete to delete the Inactive Users.
Table – Maintenance
110 OF 123
Appliance Monitoring
CCMS helps administrator to monitor all the managed appliance for surfing trends, attacks and
outages. Graphs can be used to monitor single appliance or group of appliances. It normally required
Administrator to log on to individual appliance to view system resources and information but with
CCMS, the administrator can view that same information for all the appliances from CCMS itself.
Graphs
Graphs are graphical presentation of user surfing pattern, disk, memory and CPU usage and various
attacks on the appliance.
Administrator can add multiple profiles. Administrator can add profile for group of appliances or single
appliance. Tab for each profile is added on Graphs page.
Profile
To add or edit profile, go to Management Console > Appliance Monitoring > Graphs >
Profile. You can
 Add
 View
 Edit - Click the Edit icon in the Manage column against the profile to be modified. Edit
Profile page is displayed which has the same parameters as the Add Profile window.
 Delete – Click the Delete icon in the Manage column against the profile to be deleted. A
dialog box is displayed asking you to confirm the deletion. Click OK to delete the dashboard. To
Manage Profile
To manage added profiles, go to Management Console > Appliance Monitoring >

Graphs > Profile.
Screen – Manage Profiles
Title Name of the profile
111 OF 123
Edit Icon Edit profile details

Table – Manage Profile screen Elements
Profile Parameters
To add or edit profiles, go to Management Console > Appliance Monitoring > Graphs >
Profile. Click Add Button to add a new profile or Edit Icon to modify the details.
Screen – Add Profile
Title Name of the Profile
Appliances Select appliance(s) whose details are to be displayed on the

profile graph.
Category Select the components to be displayed on the dashboard for

the appliance(s) selected in the above field.
Available options:
 CPU Usage
 Memory Usage
 Virus Attacks
 HTTP Attacks
 Mail Attacks
 IPS Threats
112 OF 123
 Spam Mails
 Disk Usage
 User Surfing Pattern
Table – Add Profile screen elements
Graphs
To view graphs, go to Management Console > Appliance Monitoring > Graphs >
Graphs. If multiple graphs are added, Tab for each graph is displayed
Depending on the components selected at the time of adding graph, graph displays line graphs for the
usage status of the CPU, memory and hard disk, user surfing patter grouped into Neutral, Productive,
Non Working and Unhealthy categories, virus, HTTP and mail attacks, IPS threats and spam mails.
If multiple appliances are grouped under single graph, line graph of each appliance is plotted in each
component.
Screen – Graphs
Alerts
CCMS allows administrator to create and send email alerts to the specified email address(s) based on
predefined criteria. CCMS alert notification ensures the concerned person receive an alert in
situations like excess CPU, disk and memory usage or alarming count of viruses or IPS attacks.
Profile
To add or edit alerts, go to Management Console > Appliance Monitoring > Alerts >
Profile. You can
 Add
 View
 Edit – Click the Edit icon in the Manage column against the profile to be modified. Edit
Profile page is displayed which has the same parameters as the Add Profile window.
 Delete – Click the Delete icon in the Manage column against the profile to be deleted. A
dialog box is displayed asking you to confirm the deletion. Click OK to delete the dashboard. To
113 OF 123
Manage Alert Profile
To manage added profiles, go to Management Console > Appliance Monitoring >

Alerts > Profile.
Screen – Manage Alert Profiles
Profile Name Name of the profile. DefaultAlertProfile is the default alert

profile and it can be not be deleted.
Appliance(s) Appliance(s) for which alert profile is created.
Status Status of the Alert profile.
Possible status:
 - Click to disable the alert notification.
 - Click to enable the alert notification.
Description Description of the alert profile
Edit Icon Edit profile details
Change Status Click to change the status of selected profile.

Table – Manage Alert Profile screen Elements
Alert Profile Parameters
To add or edit profiles, go to Management Console > Appliance Monitoring > Alerts >
Profile. Click Add Button to add a new profile or Edit Icon to modify the details.
Screen – Add Alert Profile
114 OF 123
Profile Name Name to identify the Profile
Send email(s) alerts to Specify the email addresses on which the alerts are to be sent.
Appliance(s) Select appliance(s) or group of appliance(s) to be displayed on

the alert profile.
Alert Criteria Configure alert criteria. Select checkbox against criterion to be

configured and specify value for the criterion.
Available criteria:
 Any subscription module expires
 CPU usage exceeds
 Memory usage exceeds
 Disk usage exceeds
 IPS Threats count
 Web virus count exceeds
 Mail Virus count exceeds
 Total virus count exceeds
 Spam Mail count exceeds
 Unhealthy Surfing hits
 Appliance Connection Status
 Gateway status change
 VPN connection status change
 HA Status change

Specify duration of sending notifications in ‘Notify me’ field.
 The duration can be in hours or minutes.
Description Description of the alert profile.
Table – Add Alert Profile screen elements
Alerts
To view alerts, go to Management Console > Appliance Monitoring > Alerts > Alerts.
115 OF 123
Screen – Alerts
Time Time of alert in YYYY-MM-DD HH:MM format.
Profile Name Name of the profile
Appliance Name Appliance(s) for which alert profile is created
Alert Message Description of the alert i.e. on which event the alert has been
sent
Table – Add Alert
Event Viewer
Audit and System logs are an important part of any secure system that provides an invaluable view
into the current and past state of almost any type of complex system, and they need to be carefully
designed in order to give a faithful representation of system activity.
They can identify what action was taken by whom and when. The existence of such logs can be used
to enforce correct user behavior, by holding users accountable for their actions as recorded in the
audit log.
They are the simplest, yet also one of the most effective forms of tracking temporal information. The
idea is that any time something significant happens you write some record indicating what happened
and when it happened.
Event Viewer
To view logs of any of the managed appliance, go to Management Console > Appliance
Monitoring > Event Viewer > Event Viewer, select log date and time, appliance and log
type and click Go. Page will display list of all archived logs for the selected appliance.
116 OF 123
Screen – Event Viewer

Start Date and End Date Select start date and end date to view log files
Appliance Select appliance whose logs are to be displayed
File type Select Log file type. Available file types are :
 System Logs
 Anti Virus
 IPS
 Authentication
 Audit Logs
Date Date of archived logs
File Details File details which includes time interval for which the file is
created, file size and status of the file (Loaded, partially
loaded)
Total Size Total size of archive data for the specified day
Action Action that can be performed on archived data:
 View: Load archived file to view and search. Click
checkbox against the file and click View Data link,
which opens a new page from where you can search
the log. This process may take some time depending
on the size of data.
 Unload: Unload archived file. Click against the file to be
unloaded.
 Search: Perform a refined search based on multiple
criteria
Table – Appliance Logs screen elements
Search Archived logs
To search the archived log, go to Management Console > Appliance Monitoring > Event
Viewer > Event Viewer, and click the View Data link. In Advanced Search section:
Screen – Search Logs
117 OF 123
Advanced Search options  Select Match all of the following to get search result
based on all criteria or Match any of the following to
get search result based on any of the criterion
 Add searching criterion. Available options are Upload
Time, Log Component, Status, Username, IP address,
Message, Message ID, File Name, Offset.
Formatted Logs Search result displays logs in comprehensive format
Raw Logs Search result displays logs in syslog format
Search Results
Upload Time Time of log
Log Component For file type Audit Logs, Log Component is GUI
For file type System, Log Component is System
Status  Successful
 Unsucessful
Username Username of the user
IP address IP Address of the user
Message Message associated with the log
Message ID Message ID
Table – Search Logs screen elements
118 OF 123
CCMS Monitoring
The administrator can monitor CCMS for policy configuration changes, management console changes
and system events using CCMS logs. In addition, the administrator can view status of the various
signature distribution servers and update them as and when required.
CCMS includes a system to view the events and activities occurring through CCMS from Event
Viewer. Events for various modules – Policy Configuration, Management Console and System are
logged and can be viewed for required date and time.
 Event Viewer
Event Viewer
The administrator can monitor CCMS for policy configuration changes, management console changes
and system events using CCMS logs. In addition, the administrator can view status of the various
signature distribution servers and update them as and when required.
CCMS includes a system to view the events and activities occurring through CCMS from Event
Viewer. Events for various modules – Policy Configuration, Management Console and System are
logged and can be viewed for required date and time.
CCMS displays events in expandable three level tree format. By default the event tree is displayed in
collapsed format. Click to expand the tree to view event details.
 First level shows CCMS Group/Global/Appliance Level Event Message.
 Second Level shows response for each appliance (on which entity is pushed)
 Third level shows response of dependent entities
Event Viewer page allows to view the logs for various modules – Policy Configuration, Management
Console, System Events. This page gives consolidated information about all the events that occurred
for the respective modules and information can be filtered based on event id, username or IP
address.
To view logs, go to Management Console > Event Viewer > Event Viewer.
Select date for the log and one of the following modules:
 Policy Configuration log – Log provides information of the administrative events and task
occurred at global and appliance level.
 Management Console log – Log provides information of the administrative events and task
occurred at CCMS
 System Events – Log provides information of the system events
119 OF 123
Screen – Event Viewer
Policy Configuration Events
Time Time when the event has occurred.
Event Event ID
Username Name of the admin user
IP address IP address of the admin user
Entity Name of the entity through which the event occurred
Sub Entity Name of the sub entity through which the event occurred
Action Operation requested by entity. Possible operations:

 Insert/Update
 Delete
 Apply
 Custom
Status Displays status of the operation on selected appliance(s). The

status field consists of three numbers in Green, Red and
Yellow color code.
 Number in Green displays number of appliances where

the configuration update has been done successfully.
 Number in Red displays number of appliances where

the configuration update has not been applied
successfully. Option to Retry failed configuration
settings has been given next to number of fialed events.
This option allows administrator to re-apply those policy
configuration changes which are not successfully
120 OF 123
pushed on managed appliances.
 Currently CCMS supports Auto-Retry functionality for

disconnected appliances only, which means if a
disconnected appliance gets connectivity in next 8
(eight) hours CCMS tries to push the configuration
changes again on that appliance. With ‘Retry’ option the
CCMS administrator can push failed configuration
events manually on connected appliance(s) as well.
 Number in Yellow displays number of appliances where

the configuration update is pending.

 Fail – When configuration changes are failed at global
level.
 Retry – Click to re-apply configuration update in case of

failed events.
Appliance Name of the appliance(s) on which the action has been

performed
Message Details of the event.
Management Console Events
Event Event ID
Username Username of the admin user
Entity Name of the Component through which the event occurred
Sub Entity Name of the Sub Component through which the event
occurred

 Appliance Backup
 Update
 Appliance latest firmware check
 Insert
 Authentication
 Version Upgrade
 Delete
Status Successful or failed
Message Details of the event.
System Events
Entity Name of the Component through which the event occurred
121 OF 123
Sub Entity Name of the Sub Component through which the event
occurred

 Synchronization
 Information collection
 Update
 Insert
Status Successful or failed
Appliance Appliance on which the event occurred
Message Message for the event

Table – Event Viewer screen elements
122 OF 123

Administrator Guide

Загружено:

Сведения о документе

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

Administrator Guide

Загружено:

Авторское право:

Доступные форматы

Cyberoam’s on-Cloud Management Service

Cyberoam’s on-Cloud Management service (CCMS) is a cloud-based management service for

Part 1 - How to Start Using CCMS

Part 2 - Manage Cyberoam Network Security Appliance(s) using CCMS

This section further covers following sub-sections:

Advanced CCMS Configuration

Item Convention Example

Topic titles Shaded font

Subtitles Bold & Black

Visit www.cyberoam.com for the regional and latest contact information.

This section is divided into following sub-sections.

 Cyberoam’s on-Cloud Management Service for Partners

Cyberoam’s on-Cloud Management Service for Partners

Logon to https://partner.cyberoam.com/ using your user credentials.

Screen – CCMS Settings – Users

Username Displays network administrator username. Tick checkbox against the

First Name Displays first name of the user

Last Name Displays last name of the user

Primary User Displays whether the user is primary or not.

A primary user has complete control over configuration and

Email Address Email Address of the user

Screen – CCMS Settings – Customer Enrollment

Screen Elements Description

Partner Name Displays name of the partner.

Email Displays registered Email address of the partner.

Country Displays name of the Country, where the partner is located.

Category Displays category of the partner.

Manage Click to view list of appliances available with the partner.

Screen Elements Description

Appliance Key Displays appliance key of the Cyberoam Appliance.

Select appliance(s) to send CCMS program request.

Customer Name Displays name of the customer.

Email ID/Username Displays registered email ID of the customer.

Status Displays CCMS program request status for the appliance.

Once the request has been accepted, it displays date of service

Close Button Click to close appliance list

Login to http://customer.cyberoam.com/ using your user credentials.

Click Accept to accept the CCMS program request.

If you want to unsubscribe CCMS, click Deny.

Go to System > Administration > Central Management to configure central management

Login to https://partner.cyberoam.com/ using your user credentials and go to On-Cloud

Click to add newly discovered appliance(s) to CCMS.

Appliance Key Specify appliance key.

IP/Domain Specify IP address of the appliance.

Admin Username Specify Administrator Username of the Appliance.

 This Appliance will fetch updates from Central Management

Description Specify description of the Cyberoam appliance

Administrator Click hyperlink to add additional information of CCMS Administrator

Administrator Name Specify name of the CCMS Administrator

Contact Number Specify contact number of the CCMS Administrator

Email ID Specify email ID of the CCMS Administrator

OK Click to add appliance.

Cancel Click to return on Appliance Management page

 Web Admin Console

Connecting Web Admin Console

Asterisks are the placeholders in the password field.

Select your preferable GUI language.

User name Specify user login name.

Password Specify user account Password.

Language Select CCMS GUI language.

Appliance Group Dashboard

Screen Elements Description

Logged In User Name of the logged in user

Account Name Name of the account holder company