ELITE Presentation cyberoam

  • 4,916 views
Uploaded on

Presentasi tentang Cyberoam oleh ELITE ( Eka Liman Technology ) www.elite-securitysystem.com

Presentasi tentang Cyberoam oleh ELITE ( Eka Liman Technology ) www.elite-securitysystem.com

More in: Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
No Downloads

Views

Total Views
4,916
On Slideshare
0
From Embeds
0
Number of Embeds
9

Actions

Shares
Downloads
185
Comments
0
Likes
1

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide
  • Domain name: google.com IP address: 64.233.187.99
  • Cyberoam firewall is the only UTM firewall that embeds user identity in firewall rule matching criteria, enabling enterprises to configure policies and identify users directly by the username rather than through IP addresses. Cyberoam’s powerful hardware firewall provides stateful and deep packet inspection, access control, user authentication, network and application-level protection. Multiple zone security-
  • Threats over email like spam, phishing, viruses, worms, are released in the billions within a short span of time. Today’s attackers launch threats for financial gain rather than out of malicious intent. They mask the originator and launch the attack using a network of zombie machines. With Zombie botnets carrying the ability to send up to 1 billion spam messages within a few hours, the spread of the attack is rapid. Gateway level spam protection for Zero-hour spam detection  To effectively match the speed with which attacks spread, zero-hour responsiveness is required to deliver enterprise security. Zero-hour protection swings into action, generating defenses in the first hour of an attack. Further, the content and characteristics of the message within a single attack differ, making it difficult to identify the threat through traditional methods. Solutions that rely on signature databases are likely to leave the enterprise defenses lowered during the critical first hours of attack. Cyberoam in Partnership with CommTouch RPD (Recurrent Pattern Detection) Cyberoam delivers zero-hour spam protection in addition to image spam defense though Recurrent Pattern Detection (RPD) technology. This unique content-agnostic technology detects and blocks image spam which accounts for almost 35 % of worldwide spam mail and 70% of bandwidth taken by spam.   Cyberoam’s anti-spam protection delivers maximum spam detection with low false positives through relevant, continuous and real-time spam detection. The solution reduces spyware, phishing and adware attempts, controls spam involving pornography while enhancing enterprise productivity by preventing mail systems from being submerged by spam
  • Cyberoam Central Console enables enforcement of global policies for Firewall, Intrusion Detection & Prevention and Anti-virus scanning. This supports the creation and implementation of enterprise-wide security policy to strengthen branch and remote office security while lowering operational complexity.   The Cyberoam Central Console enables administrators to assign security policies based on user’s work profile even in remote locations. This fully leverages Cyberoam's unique user identity-based security approach.  
  • Threats instead
  • The way Cyberoam is licensed… scale from 25-1500 users. Appliance model matches number of users
  • File type & size yang dibatasi sebagai attachment, nanti akan keluar notes bahwa tidak boleh mengirim file tsb dan administrator mendapat notification
  • QQ, ICQ, MSN, Yahoo, TM, UC, POPO, SKYPE, RTX, LSC, ALI, FETION, Google Talk
  • . Handling bug fixes across network : lebih cepat mengatasi bug di berbagai lokasi secara bersamaan

Transcript

  • 1. Identity-Based Unified Threat Management One Identity - One Security
  • 2. What non-work related functions do you use your internet access at the office for ? (Source : www.vault.com)
  • 3.
    • 70% of porn is downloaded between 9am and 5pm
    • The number of hacking sites grew 45% in the past
    • year
    • 1 in 3 companies have detected spyware on their
    • network
    • 80% of network security managers claim their biggest
    • security threat comes from their own employees
    • gartner
    • 5 billion music files were downloaded everyday
    • Source : “computer crime and security survey” The computer Security Institute (CSI)
    COMPUTER CRIME AND SECURITY SURVEY
  • 4.
    • Unable to allocate bandwith to the needy users
    • unable to allocate bandwith to user according to their needs
    • unable to control the heavy downloads of music & video files
    • Facing reduced employee productivity problem due to chatting and
    • web browsing not related to work
    • Small number of users comsuming majority of the bandwith
    • unable to put a check on non-work related traffic
    • The physical connection or the ISP goes down, organization’s vital link to
    • internet also goes down
    • If YES, then you are not the only one, but sailing in the same boat of network managers across the world
    NETWORK MANAGER’S PROBLEMS
  • 5.
    • Allocate guaranteed bandwith per user
    • Automatically allocate the unutilized bandwith
    • Prioritize bandwith to most essential or latency-sensitive traffic
    • Schedule internet access based on time and day to control
    • bandwith
    • Block streaming media files and recreational web surfing
    • Limit upload and download
    • Block virus signatures and patterns
    • Continuous availability of internet / internet available all times
    • ( load balancing & auto failover )
    THE SOLUTION
  • 6.
    • Product Excellence Award in the 3 categories: (2007)‏
    • Integrated Security Appliance
    • Security Solution for Education
    • Unified Security
    • Tomorrow’s Technology Today 2007
    • 2007 Finalist American Business Awards
    • 2007 Finalist Network Middle East Award
    • Best Security Product
    • Best SMB Networking Vendor
    • VAR Editor’s Choice for Best UTM (2007)‏
    • Finalist - 2008 Global Excellence in Network Security Solution
    • CRN – Emerging Tech Vendors 2007
    Awards
  • 7. Example customers
  • 8. Example customer’s indonesia
    • PPATK
    • Badan Pemeriksa Keuangan
    • Asuransi JASINDO
    • MAYORA,PT
    • Polypet Karyapersada, PT
    • BANK DIPO
    • Pandu Logistics, PT
    • BUMA, PT
    • Kejaksaan Agung
    • Garuda Metalindo, PT
    • Airfast Indonesia,PT
    • Pemda DEPOK
    • Ripcurl
    • Angkasa Pura II
    • Pemkab SRAGEN
    • Pemkab KUDUS
    • PERTAMINA
    • Upgraded Brown Coal Indo, PT
    • METRASAT (TELKOM)
    • Asuransi ACA
    • Mobile 8
    • DKSH, PT
  • 9. Pengertian UTM
    • UTM
    • (UNIFIED THREAT MANAGEMENT)
    • Alat yang mengumpulkan solusi untuk ancaman didalam sistem jaringan
    • ANCAMAN SOLUSI
    • Virus / Spam Anti virus / Anti spam
    • Bandwith ‘boros’ Bandwith Management
    • Internet lamban Web content filtering
    • Hacker IPS
  • 10. Cyberoam is the only Identity-based Unified Threat Management appliance that provides integrated Internet security to enterprises and educational institutions through its unique granular user-based controls. Cyberoam – Identity Based Security
  • 11. Identity - based UTM
  • 12. Network Challenges for Organizations The Problem with Traditional Security Solutions
    • Focused on protection against external threats only
    • Insider threat protection not given due importance
    • Ineffective against blended threats
    • The users known by static IP addresses
    • Lack of security in dynamic IP environments
    • Lack of security for Shared desktops
    • Inability to know ‘Who is Doing What’ in the network
    • Sacrificed Flexibility as UTM tried to fit many features in single appliance
    • Inadequate logging and reporting
  • 13. PATENT PENDING: IDENTITY-BASED TECHNOLOGY User
  • 14. “ Know the user by user-name not the IP address” Easy Identification of the user
  • 15. Identity Based Policies
  • 16. The Cyberoam Firewall
  • 17.
    • Identity-based Security
    • Stateful Inspection Firewall
    • Centralized management for multiple security features
    • Multiple zone security
    • Granular IM, P2P controls
    • Enterprise-Grade Security
    • All the security features can be applied to each FW rule
    Identity-based Firewall
  • 18. Identity-Based Content Filtering
  • 19. 82 categories organized into four different groups of neutral, unhealthy, productive and non-working
  • 20. Educate Users with Custom Denied Messages and reduce your support calls
  • 21.
    • IDENTITY BASED BANDWITH MANAGEMENT
  • 22.
    • Application and Identity-based bandwidth allocation
    • Committed and burstable (sisa b/w dpt digunakan bila tidak sedang penuh) bandwidth
    • Schedule-based bandwidth allocation
    • Restrict Bandwidth usage to a combination of source, destination and service/service group
    Identity-based Bandwidth Management
  • 23. External Authentication Integration
  • 24. Authentication and External Integration
  • 25. Multilink Manager Load Balancer
  • 26. Advanced Multiple Gateway Features
    • Auto failover
    • Complex rule support for auto failover checking.
    • Weighted round robin load balancing
    • Policy routing per application ,user, source and destination.
    • Gateway status on dashboard
    • No restriction on number of WAN Ports
    • Schedule based bandwidth assignment
  • 27. Gateway Anti-Virus
  • 28.
    • Scans HTTP, FTP, SMTP, POP3, IMAP traffic on a combination of Source, Destination, Identity, Service and Schedule
    • Self-service quarantine area
    • Identity-based HTTP virus reports
    • Updates every ½ hour
    • Spyware and other malware protection included
    • Blocks “Phishing” emails.
    Gateway Anti- Virus Features
  • 29. Gateway Anti- Virus Reports
  • 30. Gateway Anti-Spam
  • 31.
    • Scans SMTP, POP3, IMAP traffic
    • Virus Outbreak Detection (VOD) for zero hour protection
    • Self-Service quarantine area
    • Spam filtering with (RPD) Recurrent Pattern Detection technology
    • Content-agnostic
    • Narrow window of exposure
    • Compliance to Sarbanes Oxley (Copy to Archive feature)‏
    • Change recipients of emails
    Gateway Anti-Spam Features
  • 32.
    • Protects against Image-based Spam and spam in different languages
    • The spam catch rate of over 98%
    • 0.007% false positives in spam
    • Local cache is effective for >70% of all spam resolution cases
    RPD (Recurrent Pattern Detection)‏
  • 33. Intrusion Prevention System (IPS)‏
  • 34.
    • Multiple and Custom IPS policies
    • Identity-based policies
    • Automatic real-time updates
    • Identity-based intrusion reporting
    • Ability to define multiple policies
    • Ability to bind IPS policy to a firewall rule.
    • Reveals User Identity in Internal Threats scenario
    IPS Features
  • 35.
    • Cyberoam IPS can log / block all type of applications:
      • Anonymous Surfing:
        • UltraSurf, TOR, Hotspot, FreeGate, JAP
        • All external proxies (Regardless of IP / Port)
      • P2P Applications:
        • BitTorrent, Limewire, Ares, Bearshare, Shareazaa
        • Morpheus,
        • File transfer over MSN, Yahoo, Google Talk
      • Anonymous VOIP:
        • Justvoip, LowRateVOIP
    IPS Features
  • 36. Traffic Discovery
  • 37. Data Leakage Report (HTTP Upload)
  • 38. Traffic Discovery
  • 39.  
  • 40.  
  • 41.  
  • 42.
    • VPN
    • (VIRTUAL PRIVATE NETWORK)
  • 43.
    • Cyberoam supports SSL-VPN, IPSec, L2TP, PPTP
    • Threat Free Tunneling (TFT)
      • VPN Firewall Management
      • VPN Bandwidth Management
      • VPN Protection – Antivirus / Antispam / IPS / Content Filtering / DoS
    • VPN Topologies:
      • Road-Warrior (Remote Access), Site to Site
      • Hub & Spoke
        • Branch Office Internet Traffic Tunneling over VPN
        • Inter Branch Office Communication
      • VPN Failover
    • Main Mode / Aggressive Mode
    • Identity based VPN control using xAuth
    • Local digital certification authority (CA) and support external CA
    VPN Features
  • 44.
    • Client and Location independent access
    • Authentication - AD, LDAP, RADIUS, Cyberoam
    • Multi-layered Client Authentication - Certificate, Username/Password
    • User & Group policy enforcement
    • Network access - Split and Full tunneling
    • End user Web Portal - Clientless access
    • SSL VPN Tunneling Client - Granular access control to all the Enterprise Network resources
    • Administrative controls: Session timeout, Dead Peer Detection,
    • Portal customization
    License Free SSL-VPN:
  • 45. Identity Based “On Appliance” Reporting
  • 46. Cyberoam Reports are placed on the appliance Other UTMs Reporting Module/ Device
  • 47. Deployment modes
  • 48. Cyberoam can be deployed in three modes: Deployment Modes Bridge / Transparent Mode Gateway / Route / NAT Mode Proxy Mode
  • 49. Cyberoam in Gateway Mode
  • 50. Default Gateway: 192.168.0.1 Cyberoam in Bridge Mode Users Router Network: 192.168.0.x/24 Firewall INT IP: 192.168.0.1/24
  • 51.
    • Reduces operational complexity and deployment time
    • Minimizes errors and lowers administration cost
    Cyberoam Central Console - CCC
    • Enables the MSSPs to have different personnel for managing different customer deployments
    • Ease of use with view of multiple devices and network status at a glance
  • 52. Cyberoam – Appliance Details
  • 53. CRi series for SOHO (Small Office-Home Office) & ROBO (Remote Office-Branch Office) CR 25i CRi series for Small to Medium Business CR 50ia CR 100ia CRi series for Medium Enterprises CR 200i CR 300i CR 500i CRi series for Large Enterprises CR 1000i CR 1500i Cyberoam Appliances
  • 54.
    • Identity-based Firewall
    • VPN
    • Bandwidth Management
    • Multiple Link Management
    • On Appliance Granular Reporting
    • 8*5 Tech Support & 1 Year Warranty
    • Subscriptions
    • Gateway Anti-Virus Subscription (Anti-malware, phishing, spyware protection included)‏
    • Gateway Anti-spam Subscription
    • Web & Application Filtering Subscription
    • Intrusion Prevention System (IPS)
    • Subscription services are available on 1 Year, 2 Year or 3 Year subscription basis
    Basic Appliance – One time sale
  • 55. SUMMARY FIREWALL VPN IPS (ANTI HACKER) ANTI SPAM ANTI VIRUS BANDWITH MANAGEMENT WEB CONTENT FILTERING LOAD BALANCING & FAILOVER SYSTEM REPORTING
  • 56. Cyberoam Demo: http://demo.cyberoam.com
  • 57. Cyberoam – End Point Data Protection Protect your Data. Protect your Assets.
  • 58. Cyberoam for End Point Data Protection 1. Data Protection & Encryption 2. Device Management 3. Application Control 4. Asset Management
  • 59. Data Protection & Encryption
  • 60. Prevent Data Leakage – Email Attachments
    • Control data shared as attachment in emails
    • Send customized warning message to user and alert to administrator
  • 61. Record Data Shared over Webmails
    • Record content of Webmail such as Yahoo, Gmail & Msn
  • 62. Prevent Data Leakage - Attachments over Instant Messengers Attachment: .doc NOT ALLOWED File name: confident NOT ALLOWED Size: > 2 MB
    • Control data shared as attachment over Instant Messengers
    • Send customized warning message to user and alert to administrator
    .exe .jpg
  • 63. Email Capture
  • 64. Prevent Accidental / Malicious Deletion of Data Selective Action & Back-up of Document
    • Control operations over a document and its mode of transfer
    • Back up files before specific actions
    Before deleting Operation Modify Delete Fixed Floppy CD rom Removable Network Unknown .jpg .doc Before modifying Before copying/cut to Before copying/cut from Mode of Transfer File Name/Extn. Back up Read Document
  • 65. Prevent Data Leakage through Printed Files Copy of Printed File Saved in Database Server
    • Control access to printers in the system
    • Save shadow copy of printed file
    • Bisa dicustom / ditambah lagi
    Printer Printer Type Selected files/Extn. Attachment:.xls Attachment:.doc Shared Local Network Virtual Database Server Printer Printer Type Selected files/Extn. Attachment:.xls Attachment:.doc Shared Local Network Virtual Database Server
  • 66. Print Capture
  • 67. Print Capture
  • 68. Data Sharing Through Removable Devices
    • Encrypt all/selected files while writing to removable device
    • Decrypt files while reading from a removable device only in organization network
    • - Data in your lost USB device cannot be decrypted and is safe
    Encrypts Data, Blocks Data Sharing Encrypt entire device Attachment:.xls Attachment:.doc Attachment:.jpg Decrypt before reading Encrypt selected files
  • 69. Flash disk Policy
  • 70. Record Chat Sessions even for SKYPE Back up server Chat session logs
  • 71. IM Logs
  • 72. IM Logs
  • 73. Device Management
  • 74. Protect your Data by controlling data over device
    • Allow only authorized devices
    Storage Device Communication Interface Device USB Device Network Devices Others Dial Floppy, CD, Burning device, Tape, Removable device Serial ports, parallel ports, modems, Bluetooth Dial-up connection USB keyboard, mouse, modem, storage, hard disk, others Wireless LAN adapter, PnP adapter, Virtual LAN adapter Audio equipment, Virtual CDROM, any new device Device Management
  • 75. Flash disk Policy
  • 76. Flash disk Traffic
  • 77. Application Control
  • 78. Protect your Data by Controlling Applications
    • Prevent data loss through unauthorized/indiscriminate use of applications
    • Granular, policy-based application controls
    • - Protect sensitive data & enhance employee productivity
    • - Prevent legal liability, network outages
    IM tools Entertainment (MP3, MP4, MPEG) Pirated software Screensavers Password crackers
  • 79. Application Capture
  • 80. Application Capture
  • 81. Application Capture
  • 82. Asset Management Protect your Assets
  • 83. Need for End Point Asset Management
    • Organizations exposed to higher levels of threats
      • Distributed offices
      • Rise in malware attacks
    • Tracking Hardware & Software assets
      • Management of hardware/software inventory
    • Sophisticated attacks – Targeting vulnerabilities
    • Need for timely patch implementation across –
      • Hundreds or thousands of devices
      • Geographic locations
    • Immediate need - Centralized, automated asset management
  • 84. Fighting Threats with Asset Management Protect your Assets
    • Seamless IT infrastructure management
      • Simplifies tracking of IT asset allocation, configuration, version, historical information
      • Control over hardware, software costs
    • Automates and centralizes
      • Patch management
    • Install Software Remotely
      • Silently or in user-interactive mode
    • Meets security compliance requirements
      • Rapid and correct installation of patches
      • Handling bug fixes across network, geographies
  • 85. Asset Capture
  • 86. Asset Capture
  • 87. Asset Capture
  • 88. Asset Capture
  • 89. Cyberoam Trial Endpoint Data Protection: http://cyberoam.com/cyberoam/jsp/trialversion/trialversion.jsp?prdinterest=dataprotection
  • 90. Nurjiwanto Eka Liman Technology ( ELITE ) YM : nurjiwanto @yahoo. co.id Email : nurjiwanto @ elite-securitysystem.com Mobile : 08 5719597711 (021) 36972525