Transcript Cyberoam iView

Securing You
www.cyberoam-iview.com
Intelligent Logging & Reporting
www.cyberoam.com
© Copyright 2012 Elitecore Technologies Pvt. Ltd. All Rights Reserved.
You
IntelligentSecuring
Logging
& Reporting
Cyberoam iView - Intelligent Logging & Reporting
1. Cyberoam iView Overview
2. Cyberoam iView Appliance
3. Deployment Scenario
4. Open Source Downloads
5. Screen Shots
www.cyberoam.com
© Copyright 2012 Elitecore Technologies Pvt. Ltd. All Rights Reserved.
Securing You
Cyberoam iView – An Overview
www.cyberoam.com
© Copyright 2012 Elitecore Technologies Pvt. Ltd. All Rights Reserved.
You
IntelligentSecuring
Logging
& Reporting
Internal Threat
 Dupont’s confidential data stored in Electronic Data Library
(EDL) server
 Former DuPont research scientist stole proprietary technical
information valued at $400 mn
 Downloaded 22,000 abstracts
 Viewed 16,700 PDF documents
 Majority of compromised data irrelevant to employee’s areas
of research
 Stolen data covered DuPont’s technology and product lines
 Few in R&D stage
 Internal probe by Company revealed
 Unusually high EDL usage
 Huge volume of abstracts and reports accessed
 Employee’s behavior discovered from database access
logs
www.cyberoam.com
© Copyright 2012 Elitecore Technologies Pvt. Ltd. All Rights Reserved.
You
IntelligentSecuring
Logging
& Reporting
External Threat
 In 2007, Monster.com lost personal information of more
than 1 million people
 A Trojan horse, Infostealer.Monstres, stole records of
people posting resumes on Monster.com
 Personal details like name, email address, home address,
phone numbers and resume ID stolen
 Details uploaded to a remote server under the control of
attackers
www.cyberoam.com
© Copyright 2012 Elitecore Technologies Pvt. Ltd. All Rights Reserved.
You
IntelligentSecuring
Logging
& Reporting
External Threat
 Verus, Inc. exposed an untold number of patient account
information on the web
 Company built and maintained Websites and services for
40-60 hospitals nationwide
 A Verus, Inc. employee forgot to restore a firewall after
transferring data between servers
 The company went out of business
 About 90,000 patients involved in the breach
www.cyberoam.com
© Copyright 2012 Elitecore Technologies Pvt. Ltd. All Rights Reserved.
You
IntelligentSecuring
Logging
& Reporting
Need for Centralized Logging-Reporting
 Organizations require a complete security picture
 Logging & Reporting tells the Who, What, When, Where and
How of organization’s activities
 Centralized logging & reporting delivers visibility across  Devices
 Systems & Solutions
 Locations
 Irrespective of vendor-specific devices or solutions
 Security Information & Event Management (SIEM) Market
 $1.1bn SIEM market by 2011
 Rise of 19.3% CAGR through 2012
www.cyberoam.com
© Copyright 2012 Elitecore Technologies Pvt. Ltd. All Rights Reserved.
You
IntelligentSecuring
Logging
& Reporting
 Intelligent Logging and Reporting solution
 Ability to log and report activities from various devices/vendors
 Networking Devices
 Security Solutions
 Applications
 Servers
 Operating Systems
 And more
 Unique ability – Shows “Who is doing What”
www.cyberoam.com
© Copyright 2012 Elitecore Technologies Pvt. Ltd. All Rights Reserved.
Securing You
Security
Management
Data
Protection
Forensic
Analysis
Compliance
Management
Identity
Logging
Reporting
Servers
Desktop systems
Logs & Events
Applications
Firewalls
UTM
IDP / IPS
Switches
Routers
Cyberoam iView’s Logging & Reporting Facilitates Security, Compliance, Forensics
www.cyberoam.com
© Copyright 2012 Elitecore Technologies Pvt. Ltd. All Rights Reserved.
You
IntelligentSecuring
Logging
& Reporting
Features of Cyberoam iView
 Log Management
 Near real-time log retrieval
 Archival and Search facility
 Security Management
 iView dashboard – Shows network attacks on single
screen
 Drill-down reports – 3rd level drill-down for attack details
 Identity-based logging and reporting – Pinpoints the user
 1000+ Reports
www.cyberoam.com
© Copyright 2012 Elitecore Technologies Pvt. Ltd. All Rights Reserved.
You
IntelligentSecuring
Logging
& Reporting
Features of Cyberoam iView
 Compliance Management
 Reduces compliance costs
 Single click access to reports - Simplified compliance
management
 Easy visibility into access by users
 Forensic Analysis
 Reconstructing sequence of events in a security breach
 Reporting stands in the face of legal scrutiny
www.cyberoam.com
© Copyright 2012 Elitecore Technologies Pvt. Ltd. All Rights Reserved.
You
IntelligentSecuring
Logging
& Reporting
Benefits of Cyberoam iView
Security Benefits
 Centralized control
 Identifies attacks based on –
 Attack Reports (Type of Reports)
 Deviation from norm in access or usage of resources
 Allows quick investigation and determination of cause of breach
Compliance Benefits
 Access and Usage logs of
 Activity in critical applications, databases
 Data transmitted to external entities
 Enables setting user identity-based thresholds for acceptable
use
www.cyberoam.com
© Copyright 2012 Elitecore Technologies Pvt. Ltd. All Rights Reserved.
Securing You
Cyberoam iView Appliance
www.cyberoam.com
© Copyright 2012 Elitecore Technologies Pvt. Ltd. All Rights Reserved.
You
IntelligentSecuring
Logging
& Reporting
Appliance Features
 Custom built appliance for Cyberoam iView logging and
reporting
 High Capacity Terabyte storage
 Data Redundancy - RAID Technology
 Hardened OS for security against attacks and system
downtime
 Fine-tuned software optimized for hardware and high capacity
 Central reporting and storage for logs from multiple devices
www.cyberoam.com
© Copyright 2012 Elitecore Technologies Pvt. Ltd. All Rights Reserved.
You
IntelligentSecuring
Logging
& Reporting
Appliance Benefits - Customers
 Custom built Hardware
 Enables better stability and performance
 Turnkey Logging & Reporting Solution
 Save Time & Cost for deployment
 Single point of contact for Support
 Terabytes of storage space
 Meets compliance needs
 Long-term reporting/archiving needs in Enterprises
 Data Redundancy
 Faster data retrieval, event investigation
 Storage reliability
 Safety of logs, reports in case of disk failure
 Reliable support through telephone, chat and email
 8x5 and 24x7 support
 Annual Maintenance Contracts
www.cyberoam.com
© Copyright 2012 Elitecore Technologies Pvt. Ltd. All Rights Reserved.
You
IntelligentSecuring
Logging
& Reporting
Appliance Benefits - Partners
 Custom built Hardware
 Enables better stability and performance
 Turnkey Logging & Reporting Solution
 Save Time & Cost for deployment
 Single point of contact for Support
 Provide Value for money to Customers
 Addition of Independent Logging & Archival solution to the
partner offering
 Out of box support for multiple network devices like Linux, Squid,
Cisco, Fortinet, Sonicwall etc
 Support for any Syslog enabled device
 Turnkey offering for Multi appliance deals along with central
reporting
www.cyberoam.com
© Copyright 2012 Elitecore Technologies Pvt. Ltd. All Rights Reserved.
You
IntelligentSecuring
Logging
& Reporting
Appliance Benefits - Partners
 Logging-reporting for –
 All security solutions in their portfolio
 New network devices that are added continuously
 Expanded portfolio & sales potential
 Upsell to existing customer base with multiple security
solutions or devices
 Add new customers
 Meet MSSP needs
 Target the Compliance driven market
 Added revenues and profitability
 Cyberoam support in meeting sales objectives
www.cyberoam.com
© Copyright 2012 Elitecore Technologies Pvt. Ltd. All Rights Reserved.
You
IntelligentSecuring
Logging
& Reporting
CR-iVU Series
Specifications
Total Hard Drive Capacity
CR-iVU 25
500GB/R1
CR-iVU 100
1.5 TB/R5
CR-iVU 200
3TB/R5
RAID storage Management
Number of Hard Drives
RAM
Events per Second (EPS)
Devices Recommended
Yes
2 (500 GB)
1 GB
250
25
Yes (1,5)
4 (500 GB)
2 GB
1000
100
Yes (1,5)
4 (1 TB)
4 GB
2000
200
www.cyberoam.com
© Copyright 2012 Elitecore Technologies Pvt. Ltd. All Rights Reserved.
Securing You
Integration with Vendors/Devices
www.cyberoam.com
© Copyright 2012 Elitecore Technologies Pvt. Ltd. All Rights Reserved.
You
IntelligentSecuring
Logging
& Reporting
Devices Supported
 Firewall
 Linux Iptables / Netfilter firewall
 UTMs
 Cyberoam
 Fortigate
 SonicWall
 Cisco
 HTTP proxy
 Squid
 Any System with Syslog Support
www.cyberoam.com
© Copyright 2012 Elitecore Technologies Pvt. Ltd. All Rights Reserved.
Securing You
Deployment Scenario
www.cyberoam.com
© Copyright 2012 Elitecore Technologies Pvt. Ltd. All Rights Reserved.
You
IntelligentSecuring
Logging
& Reporting
Cyberoam iView integrated with multiple devices & locations
www.cyberoam.com
© Copyright 2012 Elitecore Technologies Pvt. Ltd. All Rights Reserved.
You
IntelligentSecuring
Logging
& Reporting
Open Source Downloads
 Free to download from Sourceforge.net
 http://sourceforge.net/projects/cyberoam-iview/
 High number of downloads
 Total Downloads till date– 9400+
www.cyberoam.com
© Copyright 2012 Elitecore Technologies Pvt. Ltd. All Rights Reserved.
Securing You
Screenshots
www.cyberoam.com
© Copyright 2012 Elitecore Technologies Pvt. Ltd. All Rights Reserved.
Securing You
Main Dashboard Gives At-a-glance View of Organization’s
SecurityPvt.Scenario
© Copyright 2012 Elitecore Technologies
Ltd. All Rights Reserved.
www.cyberoam.com
Securing You
www.cyberoam.com
Multiple Traffic Reports on a Single Screen
© Copyright 2012 Elitecore Technologies Pvt. Ltd. All Rights Reserved.
Securing You
www.cyberoam.com
User Identity-based In-Depth
Reporting
© Copyright 2012 Elitecore Technologies Pvt. Ltd. All Rights Reserved.
Securing You
Thank you
www.cyberoam.com
© Copyright 2012 Elitecore Technologies Pvt. Ltd. All Rights Reserved.