Cr vs fortinet


Published on


Published in: Technology
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Cr vs fortinet

  1. 1. Cyberoam Certifications Westcoast Labs Checkmark Certification: UTM Level 5 Categories: Cyberoam Enterprise Firewall VPN vs. Anti-Virus and Anti Spyware Gateway Premium Level Anti-Spam FortiGate IPS URL Filtering ICSA Certification Category: Corporate Firewall High Availability Awards Winner of 2008/2009 ZDNet Award Category: IT Leader The design philosophy Asias Most Promising Asianbehind Cyberoam UTM is TechnoVisionariesto balance between One Winner of 2007 Global Product Excellence Box Total Solution and Awards - Customer Trust Category:Optimum Performance to For Integrated Security Appliance For Security Solution for Education provide superior value For Unified Security for money. Product Review SC Magazine : Cyberoam UTM Overall Rating: - 5 Stars Cyberoam UTM is Certified by Virtual Fortinet lacks the One Private Network Consortium (VPNC) :Box Solution philosophy Basic Interop AES Interop SSL Portal SSL Firefox SSL Java Script SSL Basic Network Extension SSL Advanced Network Extension
  2. 2. SC Magazine’s Comparative Review: Cyberoam – CR200i: 5 Stars Rating FortiGate-110C: 4 Stars RatingCyberoam’s Real-Time RPD™ Anti Spam TechnologyCyberoam’s RPD™ technology focuses on detecting recurrent message patterns in outbreaks.Message patterns are extracted from the message envelope, headers, and body. Patterns areextracted in real time from the message hashes being continuously sent to the detection centers.A Graphical comparison of Anti Spam Spastics:1. Cyberoam’s Better Spam Detection Rate:
  3. 3. 2. Cyberoam UTM’s Minimal False Positive Rate:If the user wants, Cyberoam also provides a Self Service Spam Quarantine area.Note: • The Fortigate numbers were taken from the Fortigate Knowledge Base. The link has now been disabled. • Fortigate publishes number of Fortimail. It is a secure email appliance and entails extra capital and operational overheads.Cyberoam Minimizes the Window of VulnerabilityCyberoam provides proactive protection against new email-borne virus outbreaks, hours before thesignatures are released. It has introduced the proactive virus detection technology which detects andblocks the new outbreaks immediately and accurately.It provides a critical first layer of defense by intelligently blocking suspicious mail during theearliest stage of a virus outbreak.Gateway Load Balancing vs. Load Sharing: Automated vs. ManualCyberoam UTM provides Load Balancing. FortiGate provides Load Sharing.Load sharing means one can split the traffic from a network to be transported by different routers(paths). So it requires a pre-specified manual route configuration and there is no balancing.
  4. 4. Load balancing means distributing the traffic as per defined weights dynamically among differentpaths to avoid link congestion and saturation. This can be done per destination in a round-robinfashion. The packets sent by a host follow different paths to the same destination. All paths belong toall hosts. So, as per the pre defined weights, the links are used. In case a specific user needs to use aparticular gateway; that can also be configured.Multiple Gateway Support: Cyberoam Checks the Link for its Functional RequirementFortiGate supports a Single Ping Rule to query the status of multiple gateways. If the ISP or theexternal site has blocked the ICMP Ping, this rule can fail.Cyberoam supports Multiple Failover Conditions using which a link status can be queried for thespecific functional purpose. Apart from the ICMP ping, Cyberoam also supports UDP and TCPprotocols to query the link status.This implies that in case a specific link is used for a database server for UDP traffic and the ping doesnot reply, FortiGate will consider it non-functional. While Cyberoam UTM will send an UDP Echo tocheck the link status, and in case it received a reply, the link is functional.ReportingTo get reporting in FortiGate the customer need to purchase and deploy FortiAnalyzer with a Fortigateappliance. This is a steep escalation in terms of Capital Expenditure and Operational Expenditure.In spite of this extra Capex and Opex there are a few reporting features that Fortinet still lacks: 1. User-wise reports of all types (Web Filtering, Internet Surfing, IPS) 2. User-wise Data Transfer 3. User-wise Search Keywords (reports of web searches) 4. Web Surfing Trends reports per: User, Organization, Site, Category(graphical reports) 5. Compliance reporting comprising of: HIPAA, GLBA, SOX, PCI, FISMACyberoam also supports external reporting – iView.Overview of Cyberoam’s Security Approach:• Who do you give access to: An IP Address or a User?• Whom do you wish to assign security policies: User Name or IP Addresses?• In case of an insider attempted breach, whom do you wish to see: User Name or IP Address?• How do you create network address based policies in a DHCP and a Wi-Fi network?• How do you create network address based policies for shared desktops?Cyberoam UTM approaches the Security paradigm from the identity perspective. The blended threatscircumvent the perimeter defense and launch an attack from within. The network’s own resources areused to subvert it. The main target is thus the end user who knowingly or unknowingly breaches theperimeter defense.While providing a robust perimeter defense, Cyberoam UTM’s Identity-based access controltechnology ensures that every user is encapsulated in a tight, yet granular security policy that spansacross Cyberoam UTM’s Firewall/VPN, Gateway Anti Virus, Anti-Spam, Web Filtering, IntrusionPrevention (IPS) and Bandwidth Management solutions.
  5. 5. Head to Head:Points to Ponder Fortigate Cyberoam UTMIdentity based security – Fortigate lacked a user-centric Cyberoam was one of the first UTMCyberoam’s First Movers approach till Forti OS 4.0. solutions that embedded userAdvantage: It has recently added this identity in the firewall rule matchingUTM’s Single platform demands feature, which is still a catch- criteria apart from MAC address, IPan approach that holds the up feature and lacks the level address, protocol and timediverse solutions together to of maturity. schedule.strengthen and provide a Similarly, the firewall actions aresimplistic operational synergy. extended to include policy basedThe best security system is control over all the member securityvulnerable to human error. If the features like Filtering, Anti Virus,end user is contained in a Anti Spam, IPS and Bandwidthdecision matrix, it lends Management.completeness. User’s identity binds Cyberoam UTM’s security features together to create a single consolidated security unit.Total VPN Solution: Fortigate has PPTP, L2TP, Cyberoam has PPTP, L2TP, IPSecWith mobile workforce on the IPSec and SSL VPN, on and SSL VPN, on appliance.rise, VPN has become a appliance.mainstay to promote secureconnectivity to remote users.VPN ensures that theorganizational resources areutilized securely over publicnetworks.
  6. 6. Points to Ponder Fortigate Cyberoam UTMComprehensive Anti Virus and Fortigate does not have a Cyberoam has the industry’s bestAnti Spam Protection: Zero Day Protection. gateway anti virus solution –Viruses, Trojans, Spyware and As they have a proprietary Kaspersky. It has one of the bestother Malware infiltrate an anti virus feature which is response-time as compared toorganization through internet signature driven and reactive Fortinet AV.using various vectors. From mail in nature, the security gap is Cyberoam’s Virus Outbreakto Web surfing to Instant glaring. Detection technology is a proactive,Messaging all are the most Fortigate has a response time signature-less proactive securitycommon mediums of infection. of three (3) hours to release technology, which primarily defendsZero day attacks are a very an anti-malware signature. the organization against Zero Daypotent weapon which is wielded Attacks. Reference:to achieve maximum penetration Cyberoam detects all malware onas the traditional security brief/antivirus_sol_brief.pdf all Web, Mail and IM protocols. Itsystems are reactive in natures also scans forty (40) different typesand rely heavily on signatures. of compressed files. Kaspersky has a response time that is less than 2 hours. References: hp?showtopic=7735 us/comparative_test.php?test=Resp onseAdaptable AV/AS Scans: Fortigate provides limited Using Cyberoam UTM you canFor most users, missing a control over its AV and AS define custom spam filtering ruleslegitimate email is an order of scans. based on sender or recipient, IPmagnitude worse than receiving To get granular controls over address, mime header andspam or virus. the mail traffic, the users are message size.When a critical mail gets urged to buy, FortiMail. You have the flexibility to tweak aclassified as a virus or a spam This is a separate mail spam scan as per your needs,you should have the right to security device. rather than adjusting yourself to thechoose; what to allow and block way a security solution operates. All these are features are given in One Box – Cyberoam.
  7. 7. Points to Ponder Fortigate Cyberoam UTMSelf-service AV Quarantine Fortigate does not have self- The Self-service quarantine areaArea: service quarantine facility. from Cyberoam UTM enablesThe user first has to know that a individual mail recipients to viewmail has been quarantined and and manage their infectedthen get access, to deal with it. messages.So a Gateway AV quarantine The self-service feature removesarea proves to be a bottle-neck user’s dependency on administratorfor users and administrator, to manage user’s quarantine mails.alike.Self-Service quarantine area isthe solution.Superior Spam Filtering: Fortigate is not effectively Cyberoam has an OEM withSpammers use various equipped spam. Commtouch Software Ltd.techniques to circumvent the The users are urged to buy, Recurrent Patterns Detection (RPD)gateway anti spam solutions. FortiMail. technology, based on theMinor changes in the content identification and classification ofand language can easily for the message patterns delivers thetraditional anti spam solutions. industry’s best and highest spam and threat detection capabilities providing protection all types of email-borne threats. The spam detection is not based on the language or the content of the mail.Category Based Bandwidth Fortigate does not have this Cyberoam UTM provides aManagement: feature. comprehensive category basedEnterprises often need to bandwidth management. Thisprovide category based ensures productivity.bandwidth management.Productive and business relatedcategories need to be given apriority over other categories.Disclaimer:The comparison is based on our interpretation of the publicly available information of the compared product.Either of the product features is likely to change without prior notice.This document is strictly confidential and intended for private circulation only. Document Version: 5.0 – 96016 – 14052009