Cyberoam Presentation - SecureOne Distribution Sdn Bhd
Download
Report
Transcript Cyberoam Presentation - SecureOne Distribution Sdn Bhd
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Identity-Based Unified Threat Management
One Identity – One Security
Presentation
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Agenda of Presentation
•
•
•
•
•
About Company
Challenges of UTM Scenario
Introduction to Cyberoam
Cyberoam Credentials / Awards/ Accreditations
Cyberoam Product Walk-thru
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Est. in 1999
500+ Employees
ISO 9001-2000 Certified
Presence in USA, Asia, Middle East
Product installations in 55+ Countries
Invested by $90bn World’s Largest
Private Equity Group
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
UTM : Unified Threat Management
A solution to fight against multiple attacks and threats
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
UTM
Unified threat management (UTM) refers to a comprehensive
security product which integrates a range of security features
into a single appliance.
A true UTM Appliance should have following features in single
solution:
1. Firewall
2. VPN
3. Intrusion Detection & Prevention
4. Gateway Level Anti-virus for Mails, Website, File Transfers
5. Gateway level Anti-spam
6. Content Identification & Filtering
7. Bandwidth Management for Applications & Services
8. Load Balancing & Failover Facilities
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Benefits of UTM Appliances
Reduced complexity
All-in-one approach simplifies product selection, integration and support
Easy to deploy
Customers, VARs, VADs, MSSPs can easily install and maintain the products
Remote Management
Remote sites may not have security professionals – requires plug-and-play appliance for
easy installation and management
Better Man Power Management
Reduction in dependency and number of high end skilled Human resources
Managed Services
Security requirements & day to day operations can be outsourced to MSSPs
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Challenges with Current UTM Products
Lack of user Identity recognition and control
Inadequate in handling threats that target the user – Phishing, Pharming
Unable to Identify source of Internal Threats
Employee with malicious intent posed a serious internal threat
Indiscriminate surfing exposes network to external threats
50 % of security problems originate from internal threats – Yankee Group
Source of potentially dangerous internal threats remain anonymous
Unable to Handle Dynamic Environments
Wi-Fi
DHCP
Unable to Handle Blended Threats
Threats arising out of internet activity done by internal members of organization
External threats that use multiple methods to attack - Slammer
Lack of In-depth Features
Sacrificed flexibility as UTM tried to fit in many features in single appliance.
Inadequate Logging, reporting, lack of granular features in individual solutions
Need for Identity based UTM…
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Layer 8 Firewall (Patent-pending Technology)
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Patent Pending: Identity-Based Technology
User
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Cyberoam – Identity Based Security
Cyberoam is the only Identity-based Unified Threat
Management appliance that provides integrated Internet
security to enterprises and educational institutions through
its unique granular user-based controls.
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Cyberoam Appliances CRi Series
CRi series for SOHO (Small Office-Home Office)
& ROBO (Remote Office-Branch Office)
CR 15wi - Wireless
CR 15i
CR 25ia
CR 35ia
CRi series for Small to Medium Business
CR 50ia
CR 100ia
CR 200i
CRi series for Medium Enterprises
CR 300i
CR 500ia
CR 750ia
CRi series for Large Enterprises
CR 1000i
CR 1500i
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Basic Appliance
•
•
•
•
•
•
Identity-based Firewall
VPN
Bandwidth Management
Multiple Link Management
On Appliance Reporting
8*5 Tech Support & 1 Year Warranty
Subscriptions
•Gateway Anti-Virus Subscription (Anti-malware, phishing, spyware protection included)
•Gateway Anti-spam Subscription
•Web & Application Filtering Subscription
•Intrusion Prevention System (IPS)
• 8*5 Tech Support & 1 Year Warranty
Subscription services are available on 1 Year, 2 Year or 3 Year subscription basis
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
2008 - Emerging Vendor of the Year
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Certifications
UTM Level 5 complete UTM certification
Premium
Anti-Virus
Anti-Spyware
Anti-Spam
URL Filtering
Firewall
VPN
IPS/IDP
Certifications - pipeline
ICSA Certified
Firewall
VPNC Certified for Basic VPN
& AES Interoperability
IPv6 compliance
ICSA Certification
for High
Availability
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Five Star Rated – Three Years Running
March 2008 – UTM Roundup
Cyberoam CR1000i
July 2007 – UTM Roundup
Cyberoam CR250i
“console is well organized and
intuitive to navigate”
“flexible and very powerful”
“Fully loaded, with many great
features”
“packs a more serious punch”
“can restrict or open internet access by
bandwidth usage, surf time or data
transfer”.
Year 2009 – UTM Roundup
One of the best UTM
Finalist in SC Magazine Awards 2009, Europe
Cyberoam has been short-listed as a finalist for the Best SME Security
Category
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
“deserves credit for its flexible configuration options,
extensive security, content filtering, and bandwidth
management features. “
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Awards
Get top tech company
From Zdnet Asia 2008/09
Finalist - 2008 Global Excellence
in Network Security Solution
Finalist – PC pro awards 2009
for the Business Hardware of the year
2007 Finalist American Business
Awards
2007 Finalist Network Middle East
Award
Best Security Product
Best SMB Networking Vendor
Tomorrow’s Technology Today
2007
CRN – Emerging Tech Vendors
2007
VAR Editor’s Choice for Best
UTM (2007 –left , 2008-right)
Received Gold Award from IDG
Channel World Magazine
Best network security vendor 2009
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
GLOBAL PRESENCE (Over 55 Countries)
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Global Clientele
USA Largest Chain Store
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Education:
DY Patil Institute of
Management
Cyberoam
客戶參考
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
BFSI & Govt. Clientele
BSNL
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Malaysia Government Clients
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Malaysia Corporate Clients
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Cyberoam Product walk thru
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Normal
Firewall
Cyberoam
- Identity Based UTM
• Rule matching criteria
- Source address
- Destination address
- Service (port)
- Schedule
- Identity
• Action
- Accept
- NAT
- Drop
- Reject
•
However,
fails inControls
DHCP, Wi-Fi
Unified Threat
(per environment
Rule Matching Criteria)
- IDP Policy
- Internet Access Policy
- Bandwidth Policy
- Anti Virus & Anti Spam
- Routing decision
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Next Generation
Layer 7 Firewall
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
1st Generation Firewalls
Port 80
80
80
21
443
443
Port 443
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Application Firewalls – CR Version 9
Bit
Skype
Torrent
Web
Mail
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Next Generation Firewalls – Version X
You
Casual
Sales
IM
Web
Traffic
ERP
Tube
CRM
Application
force
mail
Application Firewall
Crowd of Applications
Bandwidth Management
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Next Generation Firewalls
You
Tube
IM
Web
mail
Application
ERP
CRM
Casual
Traffic
Sales
force
Application Firewall
Crowd of Applications
Bandwidth Management
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
New Architecture &
Firmware
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Salient Features of the
NG GUI
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Accordion Menu & TABs for easy navigation of menu items
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Easy Access Top Panel
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Identity-Based Content Filtering
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Web and Application Filtering Features
Database of millions of sites in 82+ categories
Blocks phishing, pharming, spyware URLs
HTTP upload control & reporting
Block & Control Applications such as P2P, Streaming, Videos/Flash
Local Content Filter Database to reduces latency and dependence
on network connectivity.
Customized blocked message to educate users about organizational
policies and reduce support calls
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Identity Based Policies
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Educate Users with Custom Denied Messages and
Reduce Your Support Calls
http://www.screensaver.com
James
Dear Mark,
The web site you are trying to access
is listed within the category SpywareandP2P
It can result in download of spyware and adware which result in popups.
They are a threat to you and the enterprise and can slow the network down.
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Identity-based Bandwidth Management
Application and Identity-based bandwidth allocation
Committed and burstable bandwidth
Time-based, schedule-based bandwidth allocation
Restrict Bandwidth usage to a combination of source, destination and
service/service group
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
External Authentication
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Authentication and External Integration
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Advanced Multiple Gateway Features
Active-Active Auto Link Failover & Load Balancing
Active-Passive Auto Link Failover
Source & Destination Routing
Support for more than 2+ ISP links
Schedule based bandwidth assignment
Gateway Alerts on Dashboard
Bandwidth Utilization Graphs
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Gateway Anti-Virus
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Gateway Anti- Virus Features
Scans WEB, FTP, Pop3, SMTP & IMAP traffic
Self-service quarantine area
Signature update ever 30 Mins
Identity-based HTTP virus reports
Disclaimer Addition to outbound emails
Spyware and other malware protection including “Phishing” emails
Block attachment based on Extensions (exe, .bat, .wav etc)
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Gateway Anti-Spam
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Gateway Anti-Spam Features
Spam filtering with (RPD) Recurrent Pattern Detection technology
Virus Outbreak Detection (VOD) for zero hour protection
Self-Service quarantine area
Content-agnostic
Change recipients of emails
Scans SMTP, POP3, IMAP traffic
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
RPD (Recurrent Pattern Detection)
Protects against Image-based Spam and spam in different languages
The spam catch rate of over 98%
1 in Million false positives in spam
Local cache is effective for >70% of all spam resolution cases
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Intrusion Prevention System (IPS)
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
IPS Features
Multiple and Custom IPS policies Identity-based policies
Identity-based intrusion reporting
Ability to define multiple policies
Reveals User Identity in Internal Threats scenario
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Cyberoam in Numbers
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Other Network / System Features
• High Availability (Active-Active / Active-Passive)
• Stateful Failover
• VPN Failover
• Dynamic Routing (RIP, OSPF, BGP)
• NTP Support
• Multiple Configurable Syslog Server Support
• GUI based Real Time Firewall Log
• Roll Back (Roll back to last upgraded version)
… And Much More
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Multicore Processor-based Cyberoam
What is Multi-core:
More than one processors working together to achieve high
processing power.
Benefits:
Purpose-built Hardware
True Parallel Processing
Each processor is programmed to run tasks parallel
In case of a new attack, Cyberoam appliances do not suffer from
performance degradation associated with switching from ASIC-
based acceleration to general-purpose processors.
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Cyberoam Reports are placed on Appliance
Other UTMs
Reporting Module/
Device
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Integrated iView
Reporting
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
iView
(Cyberoam Aggregated Reporting & Logging Software)
Subscription free On-Appliance Reporting
Real-time Monitoring and Alerting
Over 1100+ Drilldown Reports
Reports in HTML, MHTML, PDF, & CSV formats & Email Alerts
Web 2.0 GUI and Reporting interface.
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Instant Messaging
Logging & Control
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Instant Messaging Logging & Control
• Yahoo & Windows Live Messaging
• Control Who Communicates with Whom
• Control Webcam usage
• Control Voice Usage
• Individual as well as Group Control
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Instant Messaging & Control
Control communication medium
(chat, video, voice)
Archive
Communication
Data Protection
Control who can chat with whom
Productivity
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
VPN Features
Cyberoam supports IPSec, SSL VPN, L2TP, PPTP
Threat Free Tunneling (TFT)
VPN Firewall Management
VPN Bandwidth Management
VPN Protection – Antivirus / Antispam / IPS / Content Filtering / DoS
VPN Topologies:
Road-Warrior (Remote Access), Site to Site
Hub & Spoke
VPN Failover
Main Mode / Aggressive Mode
Identity based VPN control using xAuth
Local digital certification authority (CA) and support external CA
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
SSL VPN Enhancements
• Application Access Mode within Web Browzer
• HTTP, HTTPS
• RDP
• Telnet , SSH
• FTP
• SSL VPN Client
• Save Password
• Auto Start VPN Connection
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Stability
& Performance
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Stability & Performance
• Firmware based approach
• ~10 second Soft Reboot Time
• Fast GUI Access
• Extensible Architecture vs ASIC
• Preparing for upcoming threats
• HTTP Proxy Enhancements for HTTP 1.1 protocol
• Extensive Logging and Log Viewer for Instant Troubleshooting
• Getting ready for the Enterprise.
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
…And Much More
• Role Based Access Control
• Multiple Authentication Support for User
• External Authentication for Administrator
• Customer My Account Revamp
• HTTP DDoS attack protection
• Naming Firewall Rules for easy troubleshooting
• HTTP & FTP scanning over custom ports
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
…And Much More
• Inline Captive Portal
• HTTPS
• Super Enhanced Packet Capture Log & Log Viewer
• VLAN over WAN
• Support for MD5 Authentication for RIP & OSPF
• Enhanced IPS Actions
• Drop Connection
• Drop Attack Source
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
IPv6 Ready
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Cyberoam – With IPv6 Ready Logo – Only 2
IPV4
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
IPv6 Ready
• Only the 2nd UTM
• IPv4IPv6 tunneling
• IPv6IPv4 tunneling
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
3G & Wimax USB Card Connectivity
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Version X
Summary
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Security
Connectivity
Productivity
•Application Control
•3G Support
•SSL (HTTPS)
Scanning
•IPv6 Ready
•Instant Messaging
•Firmware based
Control
Approach
•Usable GUI
•SSL VPN
Application Access
Mode
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Cyberoam: Identity-based Security
Overview of Cyberoam’s Security Approach:
Who do you give access to: An IP Address or a User?
Whom do you wish to assign security policies:
Username or IP Addresses?
In case of an insider attempted breach, whom do you wish to
see: User Name or IP Address?
How do you create network address based policies in a DHCP
and a Wi-Fi network?
How do you create network address based policies for shared
desktops?
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Question/Answer Session
Cyberoam
Cyberoam
- Unified
Threat Management
Unified
Threat
Management
Thank You
Please visit us at www.secureone.com.my