Cyberoam Unified Threat Management

5,777 views
5,532 views

Published on

Published in: Technology
0 Comments
4 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
5,777
On SlideShare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
522
Comments
0
Likes
4
Embeds 0
No embeds

No notes for slide

Cyberoam Unified Threat Management

  1. 1. www.cyberoam.com Cyberoam USP Presenter: <Name> <Position>, Cyberoam Our Products© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All RightsCopyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. © Reserved. www.cyberoam.com
  2. 2. Cyberoam Introduction Technology Powerhouse 450+ Employees Backed by World‟s Largest PE Investor ($156bn) – the Carlyle Group Sales, Distribution Channel and Customers across 125+ Countries Amongst the top 3 global players for UTM features Patent-pending Identity-based Management© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  3. 3. One stop shop: Cyberoam‟s Holistic Security Solutions Network Security Centralized security Management Network Monitoring & Analysis Securing Home users© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  4. 4. © Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  5. 5. Cyberoam UTM – Comprehensive Network Security Layer 8 security Support for 3G/4G/WiMax© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  6. 6. Cyberoam UTMs offer…  Gigabit Firewall Throughputs  Powerful Hardware  Superior Quality  Value for Money  Cyberoam OS© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  7. 7. Cyberoam Architecture Powerful Hardware Intelligent Firmware  Multicore Gigahertz processors for  Tight integration with Nano second security processing Hardware  Gigabit Ports to integrate with  Network & Crypto Gigabit network Acceleration  Faster, Next-Gen Memory and High Capacity Storage for superior performance  Industrial grade components to withstand extreme environments© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  8. 8. Cyberoam Innovation: Layer 8 Security Cyberoams Layer 8 Technology treats “User Identity” as the 8th Layer in the protocol stack Cyberoam UTM offers security across Layer 2-Layer 8 using Identity-based policies© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  9. 9. AAA over single UTM appliance Identity-based AAA Users Cyberoam Cyberoam Cyberoam Employees Authenticates Authorizes Audits Management • User Name • Internet surfing quota • Identity–based • IP Address • Schedule control Logs + Reports • MAC Id • Security Policies • Compliance • Session Id • Web Filtering Reports • Application Visibility & Control • QoS / Bandwidth Customers Management • IM Controls Partners Control user network activities Ability to track the user • Who can connect to the network Take quick network security activities; identify attackers • Who can access what decisions • What have they accessed /victims© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  10. 10. Identity-based Security Corporate LAN DHCP 192.168.3.110 192.168.3.105 Steve Richard Internet Ancy  Applies security policies based on actual identity of users.  User-specific rules for multiple users to share a common IP address Administrator© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  11. 11. Prioritize applications with Layer 7 and Layer 8 controls Internet Cyberoam Appliance Application Traffic Visibility Control Manage Bandwidth Business Critical Socio business Non Critical Infected Applications Blocked worms Spyware Undesirable Logs & Reports Controls over applications based on User Identity, Time, Application and Bandwidth© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  12. 12. Granular classification of applications Category Risk Level Characteristics Technology File Transfer Very Low (1) Excessive Bandwidth Browser Based Gaming Low (2) Prone to misuse Client Server General Internet Medium (3) Instant Messenger High (4) Transfer files Network Protocol Infrastructure Very High (5) Tunnel other apps P2P Network Services Widely used P2P Proxy and Tunnel Loss of Productivity Remote Access Can bypass firewall policy Streaming Media VoIP Mobile Applications Social Networking Web Mail And more…© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  13. 13. Granular classification of applications Proactive Protection model: Eliminates the need for manual intervention by administrators to update policies for new applications added to the list Select P2P Applications Set Action Block all future P2P applications without adding applications manually© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  14. 14. Instant Messaging Controls Control communication medium (chat, video, voice, file transfer) Archive Communication Data Protection Control who can chat with whom Productivity Prevent data leakage Control loss of productivity Forensic Analysis • Block specific keywords • Control access over chat, voice, • IM audit logs • Block regular expressions (RegEx) video, file transfer • Filter logs based on Users, IPs, e.g. social security no., credit card • Control who can chat with whom Messages based on keywords no., ABN routing numbers© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  15. 15. On-appliance Logging & Reporting  Real time visibility into user and network activities  Traffic Discovery - Real-time visibility into bandwidth utilization by user, protocol, application Security Forensic Management Analysis 1200+ Reports Data Compliance Protection Management© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  16. 16. Layer-8 User-based Reports© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  17. 17. Layer-8 User-based Reports© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  18. 18. Dual Dashboard – Traffic & Security Dashboard Traffic Dashboard© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  19. 19. Dual Dashboard – Traffic & Security Dashboard Security Dashboard© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  20. 20. Application Reports© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  21. 21. Compliance Reports© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  22. 22. Interactive World Traffic Map Interactive World Traffic Map for Source and Destination traffic© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  23. 23. Traffic Discovery© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  24. 24. Traffic Discovery© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  25. 25. Stateful Inspection Firewall  Unified Security  Application Firewall Security  Identity-based Firewall Policies Firewall Rule  Layer 8 Geo-based Traffic Control Connectivity Policies - Control incoming/outgoing traffic Productivity from/to a specific country Policies  FastPath Technology - To improve processing speed and Unified Security reduce CPU overhead  Rules for all security features from firewall page  Easy navigation and increased administrative productivity© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  26. 26. Configure rules for all features from Firewall page Identity + Security + Productivity + Connectivity© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  27. 27. Threat Protection Features Intrusion Prevention System Gateway Anti-Virus, Anti- spyware - Layer 8 and IPS Tuner driven - 4 million+ signatures - Identity-based IPS policies per user, group and - Bi-directional scanning: Web & Email IP address - Self-service Virus Quarantine - Allows multiple IPS policies - Scans HTTP, FTP, SMTP, POP3, HTTPS, IMAP and - Identity-based alerts & reports IM traffic - 4500+ signatures – broadest security cover - Instant visibility into Attacker/Victim Cyberoam Security Center Anti-Spam (Inbound/Outbound) DoS & DDoS Protection - Three level scanning: - Packet Rate Limit  IP Reputation filtering - Protection against flood attacks  Real-time Blackhole List (RBL) Continuously updated via - SYN Flood  Recurrent Pattern Detection (RPDTM) technology - ~98% spam detection Cyberoam Security Center - TCP Flood - UDP Flood - Self-service Quarantine and Spam Digest - ICMP Flood - Scans SMTP, POP3, IMAP traffic - IPS Signature to prevent attacks - Virus outbreak detection for zero-hour protection - Protocol Anomaly© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  28. 28. On-appliance Web Application Firewall (WAF)  Firewalls/IPS cannot protect a web application from unknown threats WAF protection on Cyberoam UTM  Protects web-apps and web servers from hackers  Positive protection model and No Web & Traditional Signature Tables Application Database Firewall  Intuitive website flow detector Server Server Cyberoam UTM offering Automatically adapts to website WAF protection changes  Protects against OWASP top 10 web-app vulnerabilities  SSL Offloading  Monitoring & Reporting Organizations IT network Unauthorized access blocked Cost Effective Does not require any changes Easy to deploy No need to buy dedicated hardware in setup WAF© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  29. 29. Virtual Private Network (VPN) Embrace BYOD with mobile  Support for IPSec, L2TP, VPN clients PPTP, SSL VPN Supported VPN Clients  Threat Free Tunneling (TFT)  MacOS Technology  iOS  Android Devices - Scans VPN traffic for Malware, Spam, Inappropriate content, Intrusion attempts iOS  Advanced features for business continuity - MPLS failover to VPN IPSec VPN L2TP VPN - VPN failover PPTP VPN SSL VPN -Client less Android -License free L2TP VPN© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  30. 30. Web & Content Filtering Industry‟s most comprehensive URL database 44million+ URLs in 82+ categories Controls access to HTTP/HTTPS websites Regular Web category Blocks Google Cache pages updates Blocks Embedded URLs Cyberoam Security Center Blocks Malware hosting sites Detects & Blocks Third Party Proxy and Tunneling sites Filters Web 2.0 content Proxy Proxy Allowed Malware Google Blocked Embedded Web & Website Internet Web Websites Websites hosting cache/ URLs 2.0 Tunneling HTTP 2.0 HTTP/ HTTP pages sites HTTPS sites HTTPS /HTTPS© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  31. 31. Web & Content Filtering  Manage productivity by controlling access to unwanted sites  On-appliance web category database  Faster access  Surfing pattern privacy  Control Data Leakage  Blocks file uploads to web pages  Helps meet regulatory compliance requirements  Prevent productivity loss with identity-based approach  Customize blocked messages to educate users on corporate policies “YouTube for Schools” for Educational Institutes  Allows access to selected educational content  Blocks all inappropriate, peripheral content such as ads, comments & links© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  32. 32. Best of Breed Bandwidth Management / QoS User/Users Web Bandwidth policies tied with User group Firewall Rule Category Application© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  33. 33. Best of Breed Bandwidth Management / QoS  Create a bandwidth policy on a combination of  User or User Group /Department  Application or Application Category  Web category  Allows great flexibility and real L2-L8 visibility and control  Bandwidth sharing with priority  Schedule-based bandwidth allocation Committed bandwidth Burstable bandwidth • Allocate dedicated bandwidth • Share the unutilized bandwidth Marketing When Group user is not 6mbps connected CEO Manager ERP System 5 mbps 2 mbps 8 mbps Manager Employee 1 Employee 2 2mbps 3mbps 2mbps 3mbps 2mbps© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  34. 34. Business Continuity Features  High Availability - Active-Active & Active-Passive - Reduces single-point-of-failure - Maximizes network uptime - Ensures continuous network security  Multiple Link Management with Automated Load Balancing - Multiple WAN and WWAN (3G/4G, WiMax) link management with multiple failover conditions - Active-Active and Active-Passive Auto Link Failover - Gateway failover over VPN Sales Dept. ISP1 MPLS (10 mbps) Dev. ISP2 Dept. (5 mbps) ISP3 (3G) Finance (3 mbps) Dept. Organizations IT network Failover Link© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  35. 35. Business Continuity Features  Layer 8 Policy-based Routing - Routes traffic based on Source IP addresses, Protocols & Users - Assures QoS for key users and applications© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  36. 36. Wireless (WLAN) Security  High performance, integrated security over WLAN - Secures wireless networks to the extent of wired networks  Faster performance, broader coverage with 3x3 MIMO Technology - Dual band support: 2.4 GHz or 5 GHz  Multiple Virtual Access Points  Layer 8 over WLAN - Identity-based policies in dynamic IP environment - MAC-based filtering - Supports IP-address pool  Enhances security Engineering Sales Marketing File server Internet ADS ERP© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  37. 37. Safeguard user privacy – 4-Eye Authentication  Prevent the risk of IT administrator from misusing privilege of tracking user activities  2 people: Authorizer and Administrator - Authorizer consent required for the Administrator to view user-specific activities© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  38. 38. SMS (Text-based) Authentication  Needed for hotspots, airports, hotels, corporate offices  Default group can be created for guest users  Sending Internet access credentials using SMS for guest users SMS for Guest users Hotels Airports© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  39. 39. Cyberoam features assure Security, Connectivity, Productivity Organizations cannot afford to compromise on any of these. The right SCP balance is essential!© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  40. 40. Customer Support System Web Support • Support available across all time zones Chat Support • Global Support Excellence - ITIL compliance (ISO 20000) • Appliance Registration and Upgrade • Subscribe security features • Email Create support tickets • Support Request RMA Phone Support Knowledge base© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  41. 41. Partner Support System Web Support Region specific dedicated Technical Account Chat Managers (TAM) Support • Ordering & Inventory management • Sales & Marketing tools & resources • Presales Support • Track Appliance/Subscription Email Support Knowledge base© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  42. 42. Cyberoam UTM Product Range Hardware UTM appliances Virtual UTM appliances Small and Remote Offices CR35wiNG, CR35iNG, CR25wiNG, CR25iNG, CR15wiNG, CR15iNG CRiV-1C, CRiV-2C, CRiV-4C, CRiV-8C, CRiV-12C Small and Medium Enterprises CR300i, CR200i, CR100iNG, CR50iNG Large Enterprises CR2500iNG CR1500ia, CR1500ia-10F, CR1000ia, CR1000ia-10F, CR750ia, CR750ia-1F/10F, CR500ia, CR500ia-1F/10F/RP,© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  43. 43. Cyberoam Central Console (CCC)  CCC is for centralized, integrated management and monitoring of Cyberoam UTM devices - Offers complete control over distributed networks from head office (H.O.) or Security Operations Center (S.O.C.) of MSSPs  Available as - Hardware CCC Appliances, Virtual CCC Appliances Mumbai Branch Office New York Branch Office Boston Cyberoam Branch Office UTM Cyberoam UTM Dubai Head Office Cyberoam Cyberoam UTM UTM Cyberoam Central Console (CCC)© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  44. 44. Cyberoam iView – Logging and Reporting  Ability to log and report Security Management Forensic Analysis activities from various devices/vendors Log Compliance Available as Management Management  Open Source software  Appliance Identity Logging Reporting Servers Desktop systems Logs & Events Firewalls Applications IDP / IPS UTM Routers Switches Cyberoam iView‟s Logging & Reporting Facilitates Security, Compliance, Forensics© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  45. 45. CCC & iView product range CCC appliances iView – Logging & Reporting Hardware CCC appliances CCC1000, CCC500, CCC200, CCC100, CCC50, CCC15 CR-iVU200 Virtual CCC appliances CR-iVU100 CR-iVU25 For VMware Server: CCC VMS 200, CCC VMS 100, CCC VMS 50, CCC VMS 15 For VMware Workstation: CCC VMW 200, CCC VMW 100, CCC VMW 50, CCC VMW 15© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  46. 46. Training & Certification Developing competencies with Cyberoam UTM appliances CYBEROAM CERTIFIED NETWORK & SECURITY Professional (CCNSP) CYBEROAM CERTIFIED NETWORK & SECURITY EXPERT (CCNSE) CYBEROAM CERTIFIED TRAINER (CCT)© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  47. 47. Recognized as „Visionary‟ in the Gartner UTM MQ 2009 2010 2012 Magic Quadrant for SMB Magic Quadrant for Unified Magic Quadrant for Unified Multifunction Firewalls Threat Management Threat Management© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  48. 48. Proven track record of Innovation Innovation: Go-to-market strategy in a global market that is quite crowded in its product space. Greatest strength: Product and support through most media 24/7. For Cyberoam, customer commitment means measuring, analyzing and responding to customer attitudes, needs and how customers view Cyberoam products. “One innovative solution to growth and extensibility requirements has been adding an abstraction layer – a sort of Layer 8 on the open systems interconnectionNASSCOM INNOVATION (OSI) model - that allows connection of names. This AWARD 2011 could be users, domains and more. This allows greatly improved granularity of system administration.”© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  49. 49. Clientele Worldwide BFSI Manufacturing Government Education Pharma & Healthcare Telecom & ISP© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  50. 50. Clientele Worldwide Hotels Retail & Services IT/BPO & Media Others© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  51. 51. Product Certifications Member of ICSA Certified Firewall IPv6 Ready Internet Watch Foundation UTM Level 5: Cyberoam holds a unique & complete UTM certification Firewall VPN Anti-Virus Anti-Spyware ICSA Certified VPNC Certified for Basic High-Availability VPN & AES Interoperability Premium Premium Premium EAL4+ Pending Approval Anti-Spam URL Filtering IPS/IDP© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  52. 52. Cyberoam Live Demo Link: http://demo.cyberoam.com Credentials: guest /guest Get a 30 day FREE Evaluation of Cyberoam Virtual appliance© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  53. 53. Thank you Contact: sales@cyberoam.com© Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com

×